After looking at the logs, I see the following which may be the reason why the validation is failing. Should I not be attempting to validate a TGT?
2012-11-21 16:34:55,449 [http-bio-443-exec-10] ERROR org.apache.catalina.core.ContainerBase.[Catalina].[owf.dev.wisrd.org].[/cas].[cas]- Servlet.service() for servlet [cas] in context with path [/cas] threw exception [Request processing failed; nested exception is java.lang.ClassCastException: Ticket [ TGT-52-01Kant4DzlPvIJ5Jo0NISURt4lVtPlnlN1aJwjLIGJzNsZdnb6-owf.dev.wisrd.orgis of type class org.jasig.cas.ticket.TicketGrantingTicketImpl when we were expecting interface org.jasig.cas.ticket.ServiceTicket] with root cause java.lang.ClassCastException: Ticket [ TGT-52-01Kant4DzlPvIJ5Jo0NISURt4lVtPlnlN1aJwjLIGJzNsZdnb6-owf.dev.wisrd.orgis of type class org.jasig.cas.ticket.TicketGrantingTicketImpl when we were expecting interface org.jasig.cas.ticket.ServiceTicket at org.jasig.cas.ticket.registry.AbstractTicketRegistry.getTicket_aroundBody0(AbstractTicketRegistry.java:55) at org.jasig.cas.ticket.registry.AbstractTicketRegistry.getTicket_aroundBody1$advice(AbstractTicketRegistry.java:57) at org.jasig.cas.ticket.registry.AbstractTicketRegistry.getTicket(AbstractTicketRegistry.java:1) at org.jasig.cas.CentralAuthenticationServiceImpl.validateServiceTicket_aroundBody8(CentralAuthenticationServiceImpl.java:341) at org.jasig.cas.CentralAuthenticationServiceImpl.validateServiceTicket_aroundBody9$advice(CentralAuthenticationServiceImpl.java:57) at org.jasig.cas.CentralAuthenticationServiceImpl.validateServiceTicket(CentralAuthenticationServiceImpl.java:1) at sun.reflect.GeneratedMethodAccessor736.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:318) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80) at org.perf4j.aop.AbstractTimingAspect$1.proceed(AbstractTimingAspect.java:47) at org.perf4j.aop.AgnosticTimingAspect.runProfiledMethod(AgnosticTimingAspect.java:53) at org.perf4j.aop.AbstractTimingAspect.doPerfLogging(AbstractTimingAspect.java:45) at sun.reflect.GeneratedMethodAccessor426.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621) at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610) at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80) at com.github.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:126) at sun.reflect.GeneratedMethodAccessor425.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621) at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610) at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:90) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy24.validateServiceTicket(Unknown Source) at org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:146) at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:923) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:852) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:778) at javax.servlet.http.HttpServlet.service(HttpServlet.java:621) at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:128) at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:57) at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:185) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:151) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:269) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:722) On Wed, Nov 21, 2012 at 11:30 AM, Joey Daughtery <[email protected]>wrote: > Ok, it does help to pass the parameters after building them in the code. > However, I am now getting html response indicating CAS Server is not > available and that something went wrong. > > Taking a look at the cas log, shows the ticket failed validation after i > get the login ticket: > Login: > 2012-11-21 16:20:34,568 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit > trail record BEGIN > ============================================================= > WHO: [username: joe.daughtery.usa] > WHAT: > TGT-50-FGwdbh403CvOJIFLDgqGXc0qISS0qSaCpewpEQw66GnmGsd6Re-owf.dev.wisrd.org > ACTION: TICKET_GRANTING_TICKET_CREATED > APPLICATION: CAS > WHEN: Wed Nov 21 16:20:34 UTC 2012 > CLIENT IP ADDRESS: 208.101.221.137 > SERVER IP ADDRESS: 10.29.28.43 > ============================================================= > > Attempt to validate ticket from login: > ============================================================= > WHO: joe.daughtery.usa > WHAT: > TGT-50-FGwdbh403CvOJIFLDgqGXc0qISS0qSaCpewpEQw66GnmGsd6Re-owf.dev.wisrd.org > ACTION: SERVICE_TICKET_VALIDATE_FAILED > APPLICATION: CAS > WHEN: Wed Nov 21 16:20:46 UTC 2012 > CLIENT IP ADDRESS: 208.101.221.137 > SERVER IP ADDRESS: 10.29.28.43 > ============================================================= > > I am actually, calling the login url, obtaining the ticket returned and > for testing purposes, calling the serviceValidate to make sure I can > validate the ticket. Note that I am using the same HttpClient to execute > the login and validate calls to make sure I have the same session id. > > Any thoughts on what might be wrong? > > Thanks > > Joe > > > On Wed, Nov 21, 2012 at 10:04 AM, Scott Battaglia < > [email protected]> wrote: > >> The response from the CAS server indicates that it doesn't think you are >> :-) >> >> Can you post one of the service validate URLs generated (i.e. from an >> Apache access log on the CAS side)? Maybe there is some encoding issue. >> >> >> On Wed, Nov 21, 2012 at 10:02 AM, Joey Daughtery < >> [email protected]> wrote: >> >>> Yes, I am sending both service and ticket parameters. >>> >>> Thanks >>> >>> Joe >>> >>> >>> On Wed, Nov 21, 2012 at 9:58 AM, Scott Battaglia < >>> [email protected]> wrote: >>> >>>> Are you passing both a service parameter and a ticket parameter when >>>> you call validate? >>>> >>>> >>>> On Wed, Nov 21, 2012 at 9:44 AM, Joey Daughtery < >>>> [email protected]> wrote: >>>> >>>>> Jerome >>>>> Thanks for the response. The following is the response: >>>>> <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> >>>>> <cas:authenticationFailure code='INVALID_REQUEST'> >>>>> 'service' and 'ticket' parameters are both >>>>> required >>>>> </cas:authenticationFailure> >>>>> </cas:serviceResponse> >>>>> >>>>> Thanks >>>>> >>>>> Joe >>>>> >>>>> On Wed, Nov 21, 2012 at 9:33 AM, jleleu <[email protected]> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> The log you posted told you that you have been authenticated (CASTGC >>>>>> cookie created), though it didn't tell you that your ticket has been >>>>>> validated. >>>>>> Is it the complete log ? >>>>>> >>>>>> What is the exact response from the /serviceValidate url ? Issue with >>>>>> ticket or service ? HTTP code ? >>>>>> >>>>>> Thanks, >>>>>> Jérôme >>>>>> >>>>>> >>>>>> -- >>>>>> You are currently subscribed to [email protected] as: >>>>>> [email protected] >>>>>> >>>>>> To unsubscribe, change settings or access archives, see >>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>>> >>>>> >>>>> -- >>>>> You are currently subscribed to [email protected] as: >>>>> [email protected] >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> To unsubscribe, change settings or access archives, see >>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>> >>>>> >>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> >>>> >>>> >>>> >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> >>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> >>> >>> >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
