Hi, It works : the expected ticket is a service ticket and not the TGT. Pretty strange : it seems that the problem comes from within your application. Easy advice, but did you try enablig some logs on java.net and org.jasig.cas ? Thanks. Best regards, Jérôme
2013/10/22 Michael Kromarek <[email protected]> > Trying https://my_server.highline.edu:8443/cas/serviceValidate with out > any parameters: > > SSL handshake successful > Server Certificate verified > < HTTP/1.1 200 OK > < Cache-Control: private > < Expires: Wed, 31 Dec 1969 16:00:00 PST > < Content-Type: text/plain;charset=UTF-8 > < Content-Language: en-US > < Content-Length: 242 > < Date: Tue, 22 Oct 2013 21:13:55 GMT > < Server: Apache > < > > > > <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> > <cas:authenticationFailure code='INVALID_REQUEST'> > 'service' and 'ticket' parameters are > both required > </cas:authenticationFailure> > * Connection #0 to host my_server.highline.edu left intact > * Closing connection #0 > * SSLv3, TLS alert, Client hello (1): > > > > Passing the service ticket created from the attempt at using /cas/services > > curl " > https://my_server.highline.edu:8443/cas/serviceValidate?service=https%3A%2F%2Fmy_server.highline.edu%3A8443%2Fcas%2Fservices&ticket=ST-1-piyf2WgKIKHn1sCCgWVw-my_server.highline.edu"; > -v > > SSL Handshake and certificate verification succeed > > followed by > > > Host: my_server.highline.edu:8443 > > Accept: */* > > > < HTTP/1.1 200 OK > < Cache-Control: private > < Expires: Wed, 31 Dec 1969 16:00:00 PST > < Content-Type: text/plain;charset=UTF-8 > < Content-Language: en-US > < Content-Length: 248 > < Date: Tue, 22 Oct 2013 21:12:03 GMT > < Server: Apache > < > > > > <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> > <cas:authenticationFailure code='INVALID_TICKET'> > ticket ' > ST-1-piyf2WgKIKHn1sCCgWVw-my_server.highline.edu' not recognized > </cas:authenticationFailure> > * Connection #0 to host my_server.highline.edu left intact > * Closing connection #0 > * SSLv3, TLS alert, Client hello (1): > > > ----- > > If I change the ticket to the TGT that was created from authenticating at > /cas/login I get the 500 internal service error and the "Cas Unavailable" > html > > > > --Mike K. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
