On Wed, 12 Jan 2011, Marvin Addison wrote:
>> However, when I use stock 3.4.5 CAS (no Banner modifications) there is an
>> additional HTTP GET:
>> ...
>> 128.193.4.147 - - [10/Jan/2011:10:27:58 -0800] GET
>> /proxy/receptor?pgtIou=PGTIOU-1-WhdMT1U6BOPp535XH6op-cas1.onid.oregonstate.edu&pgtId=TGT-2-iaEiZ34D9my591v2xhn7uQbCo6efjOyOEQ7DSNR7Xv9OUnWdUT-cas1.onid.oregonstate.edu
>> HTTP/1.1 302 - -
>
> This could indicate that you're not getting the PGTIOU in the failure
> case. Debugging on the client could help confirm that. Based on
> previous logs I don't see a problem on the server side.
>
>> Do you have any suggestions to debug the client side on Luminis?
>
> Nothing concrete. Hopefully there's a log4j configuration file or
> similar you can tweak to turn up logging. I'm almost certain it uses
> the Jasig Java CAS client under the hood. Maybe someone familiar with
> Luminis can speak up here. Shoot, maybe even someone from Sungard is
> listening ;)
Reviving an old thread of my own here...
All of my original problems were related to Sungard's
UDCIDAuthenticationMetaDataPopulator bean, which as it turns out, I don't
need to use. I can populate the UDCID attribute just fine from LDAP using
the standard CAS LdapPersonAttributeDao bean.
I was able to get CAS 3.3.5 working fine, including Sungard's
/bannerValidate servlet-mapping and their jars.
However, I'm running into a problem getting CAS 3.4.7 working for
/bannerValidate. The "normal" CAS functions are working fine. Here is
what the cas-client.log shows when I attempt to go to Banner:
2011-04-13 17:21:57,153 INFO
[com.sghe.cas.client.web.validation.BannerApplicationTicketValidator] -
Validation ULR : https://login.oregonstate.edu/cas-dev/bannerValidate
2011-04-13 17:21:57,153 INFO
[com.sghe.cas.client.web.validation.BannerApplicationTicketValidator] - CAS
Server Validation URL : https://login.oregonstate.edu/cas-dev/bannerValidate
2011-04-13 17:21:57,153 INFO
[com.sghe.cas.client.web.validation.BannerApplicationTicketValidator] -
https://login.oregonstate.edu/cas-dev/bannerValidate?BANNER-SV=https%3A%2F%2Flum-admin-dev.ucsadm.oregonstate.edu%3A443%2Fbanner-cas-client%2Fauthorized%2Fbanner%2FSelfService&BANNER-ST=ST-2-12yPceZPUVHz5BcIqq7x-login1.onid.oregonstate.edu&banner_accounts_profile=banner_accounts_profile
2011-04-13 17:21:57,221 WARN
[com.sghe.cas.client.web.validation.BannerApplicationTicketValidator] - GOT
HTTP Response Code :500
2011-04-13 17:21:57,222 WARN
[com.sghe.cas.client.web.filter.BannerTicketValidationFilter] -
org.jasig.cas.client.validation.ValidationException: Unable to retrieve
successful validation response from CAS Server.Response Code 500
org.jasig.cas.client.validation.ValidationException: Unable to retrieve
successful validation response from CAS Server.Response Code 500
I have attached the CAS server logfile, which shows that CAS tried to
render BannerAccountSuccessResponseView, but nothing further. I'm not
sure where the HTTP 500 is originating. Nothing unusual was logged in
catalina.out.
Should I expect some sort of error in my logs? Do I need to crank
everything up to DEBUG?
Is anyone running these /bannerValidate mods with CAS 3.4.x?
Thanks,
Andy
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user2011-04-13 17:21:57,114 TRACE
[edu.vt.middleware.servlet.filter.RequestDumperFilter] - Dumping request...
-----------------------------------------------------
REQUEST received Wed Apr 13 17:21:57 PDT 2011
characterEncoding=null
contentLength=0
contentType=null
locale=en_US
locales=en_US, en
parameter=service=https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService
protocol=HTTP/1.1
remoteAddr=10.192.128.94
remoteHost=10.192.128.94
scheme=https
serverName=login.oregonstate.edu
serverPort=443
isSecure=true
contextPath=/cas-dev
cookie=JSESSIONID=BCA7541B1278408F7AF161A6D58170FE
cookie=CASTGC=TGT-1-bZoUUJ1KMFX5LGlqoksfZeLv1TKYI20EiWibnyzg1nLbXVfKCJ-login1.onid.oregonstate.edu
header=host=login.oregonstate.edu
header=user-agent=Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US;
rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16
header=accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
header=Accept-Language=en-us,en;q=0.5
header=Accept-Encoding=gzip,deflate
header=Accept-Charset=ISO-8859-1,utf-8;q=0.7,*;q=0.7
header=Keep-Alive=115
header=connection=keep-alive
header=referer=https://lum-admin-dev.ucsadm.oregonstate.edu/banner-cas-client/menu-page.jsp
header=cookie=JSESSIONID=BCA7541B1278408F7AF161A6D58170FE;
CASTGC=TGT-1-bZoUUJ1KMFX5LGlqoksfZeLv1TKYI20EiWibnyzg1nLbXVfKCJ-login1.onid.oregonstate.edu
header=content-length=0
method=GET
pathInfo=null
queryString=service=https%3A%2F%2Flum-admin-dev.ucsadm.oregonstate.edu%3A443%2Fbanner-cas-client%2Fauthorized%2Fbanner%2FSelfService
remoteUser=null
requestedSessionId=BCA7541B1278408F7AF161A6D58170FE
requestURI=/cas-dev/login
servletPath=/login
-----------------------------------------------------
2011-04-13 17:21:57,126 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] -
Granted service ticket [ST-2-12yPceZPUVHz5BcIqq7x-login1.onid.oregonstate.edu]
for service
[https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService]
for user [saisusr]
2011-04-13 17:21:57,126 INFO
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: saisusr
WHAT: ST-2-12yPceZPUVHz5BcIqq7x-login1.onid.oregonstate.edu for
https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Apr 13 17:21:57 PDT 2011
CLIENT IP ADDRESS: 10.192.128.94
SERVER IP ADDRESS: login.oregonstate.edu
=============================================================
2011-04-13 17:21:57,199 TRACE
[edu.vt.middleware.servlet.filter.RequestDumperFilter] - Dumping request...
-----------------------------------------------------
REQUEST received Wed Apr 13 17:21:57 PDT 2011
characterEncoding=null
contentLength=0
contentType=null
locale=en_US
locales=en_US
parameter=banner_accounts_profile=banner_accounts_profile
parameter=BANNER-SV=https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService
parameter=BANNER-ST=ST-2-12yPceZPUVHz5BcIqq7x-login1.onid.oregonstate.edu
protocol=HTTP/1.1
remoteAddr=128.193.135.180
remoteHost=128.193.135.180
scheme=https
serverName=login.oregonstate.edu
serverPort=443
isSecure=true
contextPath=/cas-dev
cookie=JSESSIONID=D3BFCF7477A742161A98B1D6EA0468D9
header=user-agent=Jakarta Commons-HttpClient/3.0.1
header=host=login.oregonstate.edu
header=cookie=$Version=0;
JSESSIONID=D3BFCF7477A742161A98B1D6EA0468D9; $Path=/cas-dev
header=content-length=0
method=POST
pathInfo=null
queryString=BANNER-SV=https%3A%2F%2Flum-admin-dev.ucsadm.oregonstate.edu%3A443%2Fbanner-cas-client%2Fauthorized%2Fbanner%2FSelfService&BANNER-ST=ST-2-12yPceZPUVHz5BcIqq7x-login1.onid.oregonstate.edu&banner_accounts_profile=banner_accounts_profile
remoteUser=null
requestedSessionId=D3BFCF7477A742161A98B1D6EA0468D9
requestURI=/cas-dev/bannerValidate
servletPath=/bannerValidate
-----------------------------------------------------
2011-04-13 17:21:57,199 INFO [com.sghe.cas.web.support.BannerArgumentExtractor]
- Creating a new instance of the BannerAccountsService class
2011-04-13 17:21:57,199 INFO [com.sghe.cas.principal.BannerAccountsService] -
Can I create a Banner Service Form ?
2011-04-13 17:21:57,199 INFO [com.sghe.cas.principal.BannerAccountsService] -
BANNER-ST : ST-2-12yPceZPUVHz5BcIqq7x-login1.onid.oregonstate.edu
2011-04-13 17:21:57,199 INFO [com.sghe.cas.principal.BannerAccountsService] -
BANNER-SV :
https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService
2011-04-13 17:21:57,199 INFO [com.sghe.cas.principal.BannerAccountsService] -
BANNER-SV :
https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService
2011-04-13 17:21:57,199 INFO [com.sghe.cas.principal.BannerAccountsService] -
Service ID :
https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService
2011-04-13 17:21:57,199 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Entering method [getArtifactId with arguments []
2011-04-13 17:21:57,199 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Leaving method [getArtifactId] with return value
[ST-2-12yPceZPUVHz5BcIqq7x-login1.onid.oregonstate.edu].
2011-04-13 17:21:57,207 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Entering method [getId with arguments []
2011-04-13 17:21:57,207 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Leaving method [getId] with return value
[https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService].
2011-04-13 17:21:57,207 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Entering method [getId with arguments []
2011-04-13 17:21:57,207 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Leaving method [getId] with return value
[https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService].
2011-04-13 17:21:57,207 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Entering method [getId with arguments []
2011-04-13 17:21:57,207 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Leaving method [getId] with return value
[https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService].
2011-04-13 17:21:57,207 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Entering method [getId with arguments []
2011-04-13 17:21:57,207 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Leaving method [getId] with return value
[https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService].
2011-04-13 17:21:57,208 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Entering method [matches with arguments
[[https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService]]
2011-04-13 17:21:57,208 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Leaving method [matches] with return value [true].
2011-04-13 17:21:57,209 INFO
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: audit:unknown
WHAT: ST-2-12yPceZPUVHz5BcIqq7x-login1.onid.oregonstate.edu
ACTION: SERVICE_TICKET_VALIDATED
APPLICATION: CAS
WHEN: Wed Apr 13 17:21:57 PDT 2011
CLIENT IP ADDRESS: 128.193.135.180
SERVER IP ADDRESS: login.oregonstate.edu
=============================================================
2011-04-13 17:21:57,211 TRACE
[com.sghe.cas.view.BannerAccountSuccessResponseView] - Rendering view with name
'bannerAccountServiceSuccessView' with model
{assertion=[principals={[[Principal=saisusr,
attributes={authenticationMethod=org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler}]]}
for
service=https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService]}
and static attributes {}
2011-04-13 17:21:57,212 INFO [com.sghe.cas.web.support.BannerArgumentExtractor]
- Creating a new instance of the BannerAccountsService class
2011-04-13 17:21:57,212 INFO [com.sghe.cas.principal.BannerAccountsService] -
Can I create a Banner Service Form ?
2011-04-13 17:21:57,212 INFO [com.sghe.cas.principal.BannerAccountsService] -
BANNER-ST : ST-2-12yPceZPUVHz5BcIqq7x-login1.onid.oregonstate.edu
2011-04-13 17:21:57,212 INFO [com.sghe.cas.principal.BannerAccountsService] -
BANNER-SV :
https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService
2011-04-13 17:21:57,212 INFO [com.sghe.cas.principal.BannerAccountsService] -
BANNER-SV :
https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService
2011-04-13 17:21:57,212 INFO [com.sghe.cas.principal.BannerAccountsService] -
Service ID :
https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService
2011-04-13 17:21:57,213 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Entering method [getId with arguments []
2011-04-13 17:21:57,213 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Leaving method [getId] with return value
[https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService].
2011-04-13 17:21:57,213 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Entering method [getId with arguments []
2011-04-13 17:21:57,213 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Leaving method [getId] with return value
[https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService].
2011-04-13 17:21:57,213 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Entering method [getId with arguments []
2011-04-13 17:21:57,213 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Leaving method [getId] with return value
[https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService].
2011-04-13 17:21:57,213 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Entering method [getId with arguments []
2011-04-13 17:21:57,213 TRACE [com.sghe.cas.principal.BannerAccountsService] -
Leaving method [getId] with return value
[https://lum-admin-dev.ucsadm.oregonstate.edu:443/banner-cas-client/authorized/banner/SelfService].
