I had a service that was looping in 3.5.2. There were some empty lines in the xml response sent to the service. I removed the whitespace by adding <%@page trimDirectiveWhitespaces="true"> to the casServiceValidationSuccess.jsp in the /cas/WEB-INF/view/jsp/protocol/2.0 directory.
May not be related to your problem but I thought I should mention it just in case. Tom On Mon, Jul 1, 2013 at 8:05 AM, Lee <[email protected]> wrote: > Thanks for response. Yes, this what is happening - my CAS server is > authenticating successfully and redirecting back to the CAS client. > I'm just struggling to find the reason why the CAS client is not > validating. The logs aren't showing any errors. > Thanks > Lee > > > On Monday, 1 July 2013 11:17:34 UTC+1, Michael Wechner wrote: > >> Hi >> >> I also used to have an infinite loop and the reason was, that my webapp >> was not able to validate the ticket (for whatever reason) and hence kept >> redirecting the user to CAS, but because the authentication was already >> successful (at the very first redirect), CAS just redirected back to the >> webapp (based on the service URL) and hence the infinite loop was >> created. >> >> HTH somehow >> >> Michael >> >> Am 01.07.13 12:00, schrieb Lee Flaxington: >> > Hello >> > >> > I would appreciate some help if possible. >> > >> > I am currently trying to integrate the Ehour timesheet management tool >> with CAS single sign on on Ubuntu. >> > I have got this working in the Ehour dev environment i.e I can run and >> debug Ehour within an IntelliJ-IDEA dev environment which uses Jetty as the >> web server hosting the CAS client. Within this environment I can logon to >> the Ehour URL, get redirected to the CAS server, enter my credentials and >> then get redirected with ticket back to Ehour and then successfully >> navigate the web site as a CAS authorised user - all good. >> > >> > When I subsequently try to deploy Ehour into a Tomcat web server I get >> an 'infinite loop' where the CAS client keeps requesting a ticket from the >> CAS server (the CAS server is exactly the same one as used in the working >> development environment). I have set Log4j to debug logging but the logs >> are not showing any specific error other than just keeps repeating 'An >> Authentication object was not found in the SecurityContext'. >> > >> > I initially thought it must be something to do with the ssl certificate >> setup and have tried various ways of creating & self signing certs >> (keytool, openssl, portecle etc) as per the info available. I have also >> moved Ehour (Cas client) to within a different instance of Tomcat and also >> changed computer/domain name (relevant for certificate CN) but all to no >> avail. >> > >> > If the logs from the working dev environment are compared to the non >> working Tomcat deployment the working CAS server log shows: >> > >> > ACTION: AUTHENTICATION_SUCCESS >> > ACTION: TICKET_GRANTING_TICKET_CREATED >> > ACTION: SERVICE_TICKET_CREATED >> > ACTION: SERVICE_TICKET_VALIDATED >> > >> > but when using Tomcat for the CAS client the CAS server log shows: >> > >> > ACTION: AUTHENTICATION_SUCCESS >> > ACTION: TICKET_GRANTING_TICKET_CREATED >> > ACTION: SERVICE_TICKET_CREATED >> > ACTION: SERVICE_TICKET_CREATED >> > ACTION: SERVICE_TICKET_CREATED >> > ACTION: SERVICE_TICKET_CREATED.. >> > loops here.. >> > >> > and never gets to ACTION: SERVICE_TICKET_VALIDATED >> > >> > This is my first attempt at using CAS so I may be missing something >> obvious but I am now struggling to find a resolution. I have attached all >> the logs both from the good and bad deployments (both CAS & Ehour). >> > >> > Any pointers in the right direction would be greatly >> appreciated.Thanks. >> > >> > Attachments: >> > CAS_SERVER_GOOD_DEV.txt = CAS server log when using Ehour in >> IntelliJ-IDEA dev environment with Jetty web server hosting CAS client >> > EHOUR_JETTY_GOOD_DEV.txt = CAS client log when using Ehour in >> IntelliJ-IDEA dev environment with Jetty web server hosting CAS client >> > >> > CAS_SERVER_BAD.txt = CAS server log when using Ehour (CAS client) in >> Tomcat instance >> > EHOUR_TOMCAT_BAD.txt = CAS client log when using Ehour (CAS client) in >> Tomcat instance >> > >> >> >> -- >> You are currently subscribed to [email protected] as: >> jasig-cas-user...@**googlegroups.com >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/**display/JSG/cas-user<http://www.ja-sig.org/wiki/display/JSG/cas-user> >> > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
