So, I turned logging up to DEBUG for org.jasig and I've pasted the logs below. Maybe I'm not setting the correct log output but it doesn't seem as though the logs are telling me why the error is happening.
In the second case from the previous example I'd just removed the service field to show that if the URL was missing parameters then the proper XML would be generated. Cheers, Harry > 2011-03-31 10:22:12,163 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Removed cookie with name [CASPRIVACY]> 2011-03-31 10:22:12,164 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Added cookie with name [CASTGC] and value [TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas]> 2011-03-31 10:22:12,169 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor did not generate service.> 2011-03-31 10:22:12,169 DEBUG [org.jasig.cas.web.support.SamlArgumentExtractor] - <Extractor did not generate service.> 2011-03-31 10:23:02,403 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: https://godzilla.fqdn.dom> 2011-03-31 10:23:02,404 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas]> 2011-03-31 10:23:02,404 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas] found in registry.> 2011-03-31 10:23:02,405 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas]> 2011-03-31 10:23:02,405 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas] found in registry.> 2011-03-31 10:23:02,406 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: hhoffman WHAT: TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas ACTION: SERVICE_TICKET_VALIDATE_FAILED APPLICATION: CAS WHEN: Thu Mar 31 10:23:02 EDT 2011 CLIENT IP ADDRESS: 192.168.17.140 SERVER IP ADDRESS: 172.16.38.128 ============================================================= > 2011-03-31 10:23:02,411 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: https://godzilla.fqdn.dom> From: Scott Battaglia [mailto:[email protected]] Sent: Thursday, March 31, 2011 9:46 AM To: [email protected] Subject: Re: [cas-user] CAS-3.4.7 and serviceValidate failures If you have the logging level up high enough we should be describing why it fails. Also, the response from CAS should give some indication of why it failed. (in the second case when you remove the service parameter, that's why that fails). On Thu, Mar 31, 2011 at 9:43 AM, Harry Hoffman <[email protected]> wrote: Hi All, I'm trying to use serviceValidate and am running it a HTML only error: CAS is Unavailable The cas server is located at cas.fqdn.dom and I'm passing the following url via the browser: https://cas.fqdn.com/cas/serviceValidate?ticket=TGT-17-wRMnLKgslHfzRalSOVbVC <https://cas.fqdn.com/cas/serviceValidate?ticket=TGT-17-wRMnLKgslHfzRalSOVbV C%0d%0aRXAy9FW6k2bSmLzTXvocp7MeFTZXG-cas&service=https://godzilla.fqdn.dom/> RXAy9FW6k2bSmLzTXvocp7MeFTZXG-cas&service=https://godzilla.fqdn.dom/ I see the following logged in catalina.out: 2011-03-31 09:40:27,348 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: hhoffman WHAT: TGT-17-wRMnLKgslHfzRalSOVbVCRXAy9FW6k2bSmLzTXvocp7MeFTZXG-cas ACTION: SERVICE_TICKET_VALIDATE_FAILED APPLICATION: CAS WHEN: Thu Mar 31 09:40:27 EDT 2011 CLIENT IP ADDRESS: 192.168.17.140 SERVER IP ADDRESS: 172.16.38.128 ============================================================= >From the docs it seems like this should be what I need to pass to the cas server and if I remove the service then I get back a valid XML formatted error: <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> <cas:authenticationFailure code='INVALID_REQUEST'> 'service' and 'ticket' parameters are both required </cas:authenticationFailure> </cas:serviceResponse> Am I doing something wrong here or is this a bug? Cheers, Harry -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
