My first step would be to increase the logging level to DEBUG for the SPNEGO-related classes... you familiar with how to alter log4j's config?
On Mon, Feb 14, 2011 at 2:48 PM, Healey, Thomas <[email protected] > wrote: > Bill et al, > I am sorry. Here is the log. > 2011-02-14 14:46:21,955 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > <AuthenticationHandler: > org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler > failed to authenticate the user which provided the following credentials: > Principal is null> > > I shouldn't assume that this information is useless or not required. It > didn't provide me with much:) > Tom > Go Hoos! > > On Feb 14, 2011, at 2:24 PM, William Markmann wrote: > > Hey Tom -- first of all, wahoowa! Second, if you could post an example log > snippet from an authentication attempt, it might be a little easier to > suggest where to look for potential solutions... the "Principal is null" > message could have several different causes. > > - Bill > > > On Mon, Feb 14, 2011 at 2:20 PM, Healey, Thomas < > [email protected]<mailto:[email protected]>> wrote: > All, > As you may know since Windows 7 came out it has been broken regarding > SPNEGO and CAS environments running on Windows Server 2003. What used to > happen was when a authenticated domain user went to an CAS protected site > the user would be seamlessly authenticated and forwarded onto the app to be > authorized and, if authorized, sent to the site. Now I get "Principal is > null" message in the CAS logs and the user is forwarded to the CAS login > page. I searched the web for other instances of this problem but those > people who are having problems with Windows 7 and CAS/SPNEGO were having a > problem with the version of Java they were using and they were getting the > following in their logs: > "GSSException: Channel binding mismatch (Mechanism level: ChannelBinding > not provided!)" from https://wiki.jasig.org/display/CASUM/SPNEGO > This is not our problem as we have upgraded the Java version many moons > ago. It also suggests a MS webpage > http://support.microsoft.com/?scid=kb%3Ben-us%3B968389&x=10&y=18 > for further guidance but that didn't help when I tried it. > I have also tried to use Windows Server 2008 but no luck. > Any thoughts or other areas I can look for answers? > > > > -- > Bill Markmann > > Counterpoint Consulting, Inc. > (p) 571-338-2455 > (f) 202-403-3425 > (e) [email protected]<mailto:[email protected] > > > (w) http://www.counterpointconsulting.com/ > > -- > You are currently subscribed to [email protected]<mailto: > [email protected]> as: [email protected]<mailto: > [email protected]> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > Tom Healey > [email protected]<mailto:[email protected]> > Office:(434)924-0562 > [cid:[email protected]] <http://www.darden.virginia.edu/> < > http://www.darden.virginia.edu/> <http://www.darden.virginia.edu/> < > http://www.darden.virginia.edu/> > Visit Darden on <http://www.darden.virginia.edu/> > [cid:[email protected]] <http://www.facebook.com/DardenMBA> < > http://www.facebook.com/DardenMBA> <http://www.facebook.com/DardenMBA> < > http://www.facebook.com/DardenMBA> <http://www.facebook.com/DardenMBA> > Facebook<http://www.facebook.com/DardenMBA> | < > http://www.linkedin.com/groups?gid=35744&trk=myg_ugrp_ovr&goback=%2Emyg> > [cid:[email protected]] < > http://www.linkedin.com/groups?gid=35744&trk=myg_ugrp_ovr&goback=%2Emyg> < > http://www.linkedin.com/groups?gid=35744&trk=myg_ugrp_ovr&goback=%2Emyg> < > http://www.linkedin.com/groups?gid=35744&trk=myg_ugrp_ovr&goback=%2Emyg> < > http://www.linkedin.com/groups?gid=35744&trk=myg_ugrp_ovr&goback=%2Emyg> < > http://www.linkedin.com/groups?gid=35744&trk=myg_ugrp_ovr&goback=%2Emyg> > LinkedIn< > http://www.linkedin.com/groups?gid=35744&trk=myg_ugrp_ovr&goback=%2Emyg> | > <http://twitter.com/DardenMBA> [cid:[email protected]] < > http://twitter.com/DardenMBA> <http://twitter.com/DardenMBA> < > http://twitter.com/DardenMBA> <http://twitter.com/DardenMBA> < > http://twitter.com/DardenMBA> Twitter<http://twitter.com/DardenMBA> | < > http://www.youtube.com/user/DardenMBA> [cid:[email protected]] > <http://www.youtube.com/user/DardenMBA> < > http://www.youtube.com/user/DardenMBA> < > http://www.youtube.com/user/DardenMBA> < > http://www.youtube.com/user/DardenMBA> YouTube< > http://www.youtube.com/user/DardenMBA> > Please do not print this e-mail or attachments unless necessary. If you > must, please recycle. > Keep your Darden information current on < > http://dardencommunity.darden.virginia.edu/> > [cid:[email protected]] < > http://dardencommunity.darden.virginia.edu/> > > > > > > > > <http://dardencommunity.darden.virginia.edu/> > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- Bill Markmann Counterpoint Consulting, Inc. (p) 571-338-2455 (f) 202-403-3425 (e) [email protected] (w) http://www.counterpointconsulting.com/ -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
