You can try using "serviceValidate" instead and it would give you more information.
You can change timeout values in this file: https://source.jasig.org/cas3/tags/cas-server-3.4.5/cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/ticketExpirationPolicies.xml On Thu, Jan 13, 2011 at 5:30 PM, Jim Schumacher <[email protected]> wrote: > Thanks Scott for the reply, > > I actually do have the service values matching in both the login and the > validate. > > Would this indicate that the only reason for "/validate" failure would be > the timeout? > > How do you configure the sytstem for a longer timeout? > > -z > > ------------------------------ > *From:* Scott Battaglia <[email protected]> > *To:* [email protected] > *Sent:* Thu, January 13, 2011 12:44:43 PM > *Subject:* Re: [cas-user] Help with "/validate?ticket=...&service=..." on > a backend service > > If you gave service=www.yahoo.com in the first case and > http://www.yahoo.com in the second case, it won't work. > > The other issue could be that newer versions of CAS have a shorter ticket > timeout you could be hitting. > > > On Thu, Jan 13, 2011 at 2:40 PM, Zapatero <[email protected]> wrote: > >> Greetings, >> >> I'm putting together a validation API for several backend services >> (using the terms of the CAS architecture as discussed here: >> http://www.jasig.org/cas/cas1-architecture >> and here: >> http://www.jasig.org/cas/cas2-architecture >> ) >> >> I'm following the validate protocol as specified in this document: >> http://www.jasig.org/cas/protocol >> >> >> Which CAS ticket cookie will the services need to forward to the backend >> for validation? The backend servers need to resolve the ticket to a user >> name, and to do so without interferring with the ticket's use by the proper >> web services. >> >> I've been testing with the vanilla CAS installation, running on tomcat. >> So far I have not been able to get the standalone /validate (using curl) to >> return a "yes" >> >> Examples: >> >> After doing a login?service=www.yahoo.com and getting >> "ticket=ST-1-OXdWJBTRmZKNQdw9r5Eh-cas >> >> I tried to validate it with: >> $ curl ' >> http://tomcat:9090/cas-server-webapp-3.4.3.1/validate?ticket=ST-1-OXdWJBTRmZKNQdw9r5Eh-cas&service=http%3A%2F%2F >> www.yahoo.com%2F' >> >> This returns "no". >> >> I've also extracted CAS tickets from the cookies. I noticed that if using >> a ticket that starts with "TGT" that CAS on the tomcat side throws an >> exception! >> >> Anyway, can anyone help me get a "hello world" validation to work? >> >> Thanks, >> >> -z >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
