The timeout for a Service Ticket is very short (maybe like 30 seconds, if even that. I don't have the source code on-hand :-)). If you're attempting to take the ticket and copy/paste it somewhere to then run a test, you may be taking too long. The other thing is they can only be once, so if you're grabbing it after its been used by someone, then your call will not work.
On Fri, Aug 2, 2013 at 8:12 AM, S. Toulmonde <[email protected]> wrote: > Hello everyone. I'm new to this forum and this is my first question for > CAS, so be merciful! :] > > Here's some background: I'm the sys. admin of a site and we're > implementing CAS (3.4.2.1) onto a glassfish cluster (currently, single node > for tests), the whole thing is protected by an apache reverse-proxy with > mod_jk. > > Thus being said, we have several php application already casyfied and > everything seems fine. My worry is that I have a legacy java application > that would also needs to be casyfied. > This java application is in fact an sftp server where users can access > their files, It currently has its own authentication method. The goal is > that the user authenticate to CAS, gets a ticket, use the php application, > gets redirected to the legacy java app and present its ticket as a "token". > The java app validates the ticket and returns a success. > > I checked the tutorial and first tried Cas20ProxyTicketValidator: > > public static void main(String[] args) { > validateTicket("ST-119-tTfBWlPfc4afNiWwP9RP-dcas"); // I get > this ticket from the CAS logfile > // when > the user authenticates through the cas > // changes > everytime of course > } > > public final static boolean validateTicket(String ticket) { > AttributePrincipal principal = null; > String casServerUrl = "https://dcas.sopres.be:8443/cas";; > String legacyServerServiceUrl = "http://dservicedesk.sopres.be";; > Cas20ProxyTicketValidator sv = new > Cas20ProxyTicketValidator(casServerUrl); > > sv.setAcceptAnyProxy(true); > try { > Assertion a = sv.validate(ticket, legacyServerServiceUrl); > principal = a.getPrincipal(); > System.out.println("user name:" + principal.getName()); > } catch (TicketValidationException e) { > e.printStackTrace(); > } > return principal != null; > } > > > Alas, everytime I get "ticket '...' not recognized". > > The only success I have is when, on the same workstation, I surf to: > > https://dcas.sopres.be:8443/cas/login?service=http%3A%2F%2Fdservicedesk.sopres.be > From the logfile, I get: Granted service ticket > [ST-126-bkL0cU2B7hc4d5O1ZOVm-dcas] for service [ > http://dservicedesk.sopres.be] > Change the ticket number in my code, run it and I get the username. > > If I wait a little bit too much, I get the infamous "not recognized" > answer from CAS. > > Could someone give me a clue on how this can be achieved? > > Thanks in advance! > > Seb. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
