Hmm, that's strange. That should have generated the reason it failed. The XML response, however, should also give some indication of why it failed.
On Thu, Mar 31, 2011 at 10:29 AM, Harry Hoffman <[email protected]>wrote: > So, I turned logging up to DEBUG for org.jasig and I’ve pasted the logs > below. Maybe I’m not setting the correct log output but it doesn’t seem as > though the logs are telling me why the error is happening. > > > > In the second case from the previous example I’d just removed the service > field to show that if the URL was missing parameters then the proper XML > would be generated. > > > > Cheers, > > Harry > > > > > > > 2011-03-31 10:22:12,163 DEBUG > [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Removed > cookie with name [CASPRIVACY]> > > 2011-03-31 10:22:12,164 DEBUG > [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Added cookie > with name [CASTGC] and value > [TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas]> > > 2011-03-31 10:22:12,169 DEBUG > [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor did not > generate service.> > > 2011-03-31 10:22:12,169 DEBUG > [org.jasig.cas.web.support.SamlArgumentExtractor] - <Extractor did not > generate service.> > > 2011-03-31 10:23:02,403 DEBUG > [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated > service for: https://godzilla.fqdn.dom> > > 2011-03-31 10:23:02,404 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket > [TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas]> > > 2011-03-31 10:23:02,404 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket > [TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas] found in > registry.> > > 2011-03-31 10:23:02,405 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket > [TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas]> > > 2011-03-31 10:23:02,405 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket > [TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas] found in > registry.> > > 2011-03-31 10:23:02,406 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > > ============================================================= > > WHO: hhoffman > > WHAT: TGT-1-B0tjWgMIhUU4kgCZdXbxnWccTFYpTbRbArjaoutXnlNMbIShEu-cas > > ACTION: SERVICE_TICKET_VALIDATE_FAILED > > APPLICATION: CAS > > WHEN: Thu Mar 31 10:23:02 EDT 2011 > > CLIENT IP ADDRESS: 192.168.17.140 > > SERVER IP ADDRESS: 172.16.38.128 > > ============================================================= > > > > > > > 2011-03-31 10:23:02,411 DEBUG > [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated > service for: https://godzilla.fqdn.dom> > > > > *From:* Scott Battaglia [mailto:[email protected]] > *Sent:* Thursday, March 31, 2011 9:46 AM > *To:* [email protected] > *Subject:* Re: [cas-user] CAS-3.4.7 and serviceValidate failures > > > > If you have the logging level up high enough we should be describing why it > fails. > > > > Also, the response from CAS should give some indication of why it failed. > (in the second case when you remove the service parameter, that's why that > fails). > > > > On Thu, Mar 31, 2011 at 9:43 AM, Harry Hoffman <[email protected]> > wrote: > > Hi All, > > I'm trying to use serviceValidate and am running it a HTML only error: CAS > is Unavailable > > The cas server is located at cas.fqdn.dom and I'm passing the following url > via the browser: > > https://cas.fqdn.com/cas/serviceValidate?ticket=TGT-17-wRMnLKgslHfzRalSOVbVC > RXAy9FW6k2bSmLzTXvocp7MeFTZXG-cas&service=https://godzilla.fqdn.dom/ > > I see the following logged in catalina.out: > > 2011-03-31 09:40:27,348 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: hhoffman > WHAT: TGT-17-wRMnLKgslHfzRalSOVbVCRXAy9FW6k2bSmLzTXvocp7MeFTZXG-cas > ACTION: SERVICE_TICKET_VALIDATE_FAILED > APPLICATION: CAS > WHEN: Thu Mar 31 09:40:27 EDT 2011 > CLIENT IP ADDRESS: 192.168.17.140 > SERVER IP ADDRESS: 172.16.38.128 > ============================================================= > > > From the docs it seems like this should be what I need to pass to the cas > server and if I remove the service then I get back a valid XML formatted > error: > <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> > <cas:authenticationFailure code='INVALID_REQUEST'> > 'service' and 'ticket' parameters are > both required > </cas:authenticationFailure> > </cas:serviceResponse> > > Am I doing something wrong here or is this a bug? > > Cheers, > Harry > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
