Hi
I also used to have an infinite loop and the reason was, that my webapp
was not able to validate the ticket (for whatever reason) and hence kept
redirecting the user to CAS, but because the authentication was already
successful (at the very first redirect), CAS just redirected back to the
webapp (based on the service URL) and hence the infinite loop was created.
HTH somehow
Michael
Am 01.07.13 12:00, schrieb Lee Flaxington:
Hello
I would appreciate some help if possible.
I am currently trying to integrate the Ehour timesheet management tool with CAS
single sign on on Ubuntu.
I have got this working in the Ehour dev environment i.e I can run and debug
Ehour within an IntelliJ-IDEA dev environment which uses Jetty as the web
server hosting the CAS client. Within this environment I can logon to the Ehour
URL, get redirected to the CAS server, enter my credentials and then get
redirected with ticket back to Ehour and then successfully navigate the web
site as a CAS authorised user - all good.
When I subsequently try to deploy Ehour into a Tomcat web server I get an
'infinite loop' where the CAS client keeps requesting a ticket from the CAS
server (the CAS server is exactly the same one as used in the working
development environment). I have set Log4j to debug logging but the logs are
not showing any specific error other than just keeps repeating 'An
Authentication object was not found in the SecurityContext'.
I initially thought it must be something to do with the ssl certificate setup and
have tried various ways of creating & self signing certs (keytool, openssl,
portecle etc) as per the info available. I have also moved Ehour (Cas client) to
within a different instance of Tomcat and also changed computer/domain name
(relevant for certificate CN) but all to no avail.
If the logs from the working dev environment are compared to the non working
Tomcat deployment the working CAS server log shows:
ACTION: AUTHENTICATION_SUCCESS
ACTION: TICKET_GRANTING_TICKET_CREATED
ACTION: SERVICE_TICKET_CREATED
ACTION: SERVICE_TICKET_VALIDATED
but when using Tomcat for the CAS client the CAS server log shows:
ACTION: AUTHENTICATION_SUCCESS
ACTION: TICKET_GRANTING_TICKET_CREATED
ACTION: SERVICE_TICKET_CREATED
ACTION: SERVICE_TICKET_CREATED
ACTION: SERVICE_TICKET_CREATED
ACTION: SERVICE_TICKET_CREATED..
loops here..
and never gets to ACTION: SERVICE_TICKET_VALIDATED
This is my first attempt at using CAS so I may be missing something obvious but I
am now struggling to find a resolution. I have attached all the logs both from the
good and bad deployments (both CAS & Ehour).
Any pointers in the right direction would be greatly appreciated.Thanks.
Attachments:
CAS_SERVER_GOOD_DEV.txt = CAS server log when using Ehour in IntelliJ-IDEA dev
environment with Jetty web server hosting CAS client
EHOUR_JETTY_GOOD_DEV.txt = CAS client log when using Ehour in IntelliJ-IDEA dev
environment with Jetty web server hosting CAS client
CAS_SERVER_BAD.txt = CAS server log when using Ehour (CAS client) in Tomcat
instance
EHOUR_TOMCAT_BAD.txt = CAS client log when using Ehour (CAS client) in Tomcat
instance
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
