This still looks a bit wrong possibly, if you want to actually use that PGT:
<beans:property name="proxyCallbackUrl"
value="https:/ourcasserver:443/cas/proxy/receptor" />
You want to put in a URI to your cas client, not your cas server. Your cas
client needs to receive the PGT.
From: Karl Nielsen [mailto:[email protected]]
Sent: Wednesday, June 26, 2013 1:16 PM
To: [email protected]
Subject: Re: [cas-user] /proxy/receptor
Found it. Had a cached file that wasn't deploying my changes. Thanks for
your help!
On Wed, Jun 26, 2013 at 10:45 AM, Karl Nielsen <[email protected]>
wrote:
So my configuration is now:
<beans:property name="ticketValidator">
<beans:bean
class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<beans:constructor-arg index="0"
value="${system.casServerUrl}/cas" />
<beans:property name="proxyCallbackUrl"
value="https:/ourcasserver:443/cas/proxy/receptor" />
</beans:bean>
</beans:property>
And I am still seeing this error:
2013-06-26 10:39:44,999 ERROR [org.jasig.cas.web.ServiceValidateController]
- <Error constructing pgtUrl>
java.net.MalformedURLException: no protocol: /proxy/receptor
at java.net.URL.<init>(URL.java:586)
Coupled with this log entry:
=============================================================
WHO: audit:unknown
WHAT: ST-269-BtoaD1YpciC3KLRA0uN3-ourcasserver
ACTION: SERVICE_TICKET_VALIDATED
APPLICATION: CAS
WHEN: Wed Jun 26 10:39:45 MDT 2013
CLIENT IP ADDRESS: 10.1.2.50
SERVER IP ADDRESS: 10.1.2.85
=============================================================
I am going to dig a little deeper on the server to see if something is
cached somewhere, but I am not seeing it immediately...
On Wed, Jun 26, 2013 at 10:16 AM, Young III, Russell Alonzo
<[email protected]> wrote:
The proxyCallbackUrl should be the full URL. E.g. <beans:property
name="proxyCallbackUrl" value="https://your.url/proxy/receptor"; />
-Russ
_____
From: Karl Nielsen [[email protected]]
Sent: Wednesday, June 26, 2013 10:47 AM
To: [email protected]
Subject: Re: [cas-user] /proxy/receptor
Looking at my configuration, I am using Spring Security this is the section
dealing with the proxy receptor:
<beans:property name="ticketValidator">
<beans:bean
class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<beans:constructor-arg index="0"
value="https://ourcasserver/cas"; />
<beans:property name="proxyCallbackUrl" value="/proxy/receptor" />
</beans:bean>
</beans:property>
This is the configuration that was giving me the:
java.net.MalformedURLException: no protocol: /proxy/receptor error
To my knowledge this is the correct configuration, am I wrong?
Thanks,
~Karl~
On Thu, Jun 20, 2013 at 7:26 PM, Young III, Russell Alonzo
<[email protected]> wrote:
It looks like CAS for some reason isn't getting the full URL for the proxy
callback. In your web.xml for the proxyCallbackUrl you should have the full
URL (e.g. https://foo.bar/proxy/receptor) and just "/proxy/receptor" for
the proxyReceptorUrl.
_____
From: Karl Nielsen [[email protected]]
Sent: Thursday, June 20, 2013 4:38 PM
To: [email protected]
Subject: [cas-user] /proxy/receptor
I am getting some strange errors that I am having a hard time tracking down.
I am getting this exception:
2013-06-20 14:56:01,350 ERROR [org.jasig.cas.web.ServiceValidateController]
- <Error constructing pgtUrl>
java.net.MalformedURLException: no protocol: /proxy/receptor
at java.net.URL.<init>(URL.java:597)
at java.net.URL.<init>(URL.java:494)
at java.net.URL.<init>(URL.java:443)
If I just go to my cas server in my browser it lets me login just fine. If I
go to my app, named MMP, it shows in the logs that it is verifying the
ticket and works good too. Everything is running fine, then all of a sudden
it no longer works and wont SSO.
After this happens if I try and browse to the server in IE, I get a "There
is a problem with this website's security certificate" error. Chrome doesn't
even give me that, it just spins and spins and spins.
It then logs an unknown user:
=============================================================
WHO: audit:unknown
WHAT: ST-218-eE2tdvOIjPOaWoX92RyP-cas.mycompany.com
ACTION: SERVICE_TICKET_VALIDATED
APPLICATION: CAS
WHEN: Thu Jun 20 14:56:01 MDT 2013
CLIENT IP ADDRESS: 10.1.2.50
SERVER IP ADDRESS: 10.1.2.85
=============================================================
Any idea as to how to go about debugging this?
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
smime.p7s
Description: S/MIME cryptographic signature
