Is the certificate for your CAS server set up as a trusted cert in the truststore of the jre used to run CAS? I could be that the ST validation is failing due to cert validation issues.
David Ohsie EMC Corporation > -----Original Message----- > From: [email protected] > [mailto:[email protected]] > Sent: Wednesday, August 28, 2013 8:00 AM > To: [email protected] > Subject: [cas-user] Redirection loop when attempting to access > https://localhost:8443/cas/services/ > > Hi, > > I'm using the standard CAS 3.5.2 webapp, and when trying to access the > services URL, I get a redirection loop. Here's what I did: > > 1. I typed into my browser: https://cas-server-name:8443/cas/services/ > 2. I get the standard login screen > 3. I provide user details and password, click on Login > 4. I get a warning that there's a redirection loop > > On the server side I can see this: > > [date] [time] INFO: [org.jasig.cas.CentralAuthenticationServiceImpl] - > <Granted service ticket [ST-xx-xxxxxxxxx-cas-server-name] for service > [https://cas-server-name:8443/cas/services/j_acegi_cas_security_check] for > user [username]> [date] [time] INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ========================================================== > ==== > WHO: [username] > WHAT: ST-xx-xxxxxxxxx-cas-server-name for https://cas-server- > name:8443/cas/services/j_acegi_cas_security_check > ACTION: SERVICE_TICKET_CREATED > APPLICATION: CAS > WHEN: [date] [time] > CLIENT IP ADDRESS: [client IP] > SERVER IP ADDRESS: [server IP] > ========================================================== > ==== > > > > So, the service ticket is created, but I don't get anywhere. What am I doing > wrong here? > > With Regards > > Stefan > > > > -- > This e-mail and any attachments may contain confidential, copyright and or > privileged material, and are for the use of the intended addressee only. If > you are not the intended addressee or an authorised recipient of the > addressee please notify us of receipt by returning the e-mail and do not use, > copy, retain, distribute or disclose the information in or attached to the e- > mail. > Any opinions expressed within this e-mail are those of the individual and not > necessarily of Diamond Light Source Ltd. > Diamond Light Source Ltd. cannot guarantee that this e-mail or any > attachments are free from viruses and we cannot accept liability for any > damage which you may sustain as a result of software viruses which may be > transmitted in or with the message. > Diamond Light Source Limited (company no. 4375679). Registered in England > and Wales with its registered office at Diamond House, Harwell Science and > Innovation Campus, Didcot, Oxfordshire, OX11 0DE, United Kingdom > > > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see http://www.ja- > sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
