Misagh, Thank you for the guidance. That makes sense. You have given me a good direction to investigate.
-Dan On 28 Oct 2013, at 15:49, Misagh Moayyed wrote: > Perhaps Something is missing from the CAS authentication filter > configuration of the facade resource that redirects to CAS. You are > missing the "service" parameter from the CAS login url which is why > you're not redirected back. The correct url should look similar to > this: > > > https://sso-test.stsci.edu/cas/login?service=<idp-host-name>/ > casauth/facade/norenew?idp=https://sso-test.stsci.edu/idp/externalAuthnCallback > > > with better url encoding of course. > > > The idea is that the authentication filter of the protected resource > (facade) would intercept the request, and redirects you back to CAS > with the full url (similar to what I have above) turning into the > service parameter. That is not happening. > > > > > -Misagh > ----- Original Message ----- > > From: "Dan Deighton" <[email protected]> > To: [email protected] > Sent: Monday, October 28, 2013 12:26:15 PM > Subject: Re: [cas-user] Redirect problem with CAS, Shibboleth and > shib-cas-authenticator > > https://sso-test.stsci.edu/cas/login?idp=https://sso-test.stsci.edu/idp/externalAuthnCallback > > > On 28 Oct 2013, at 15:24, Misagh Moayyed wrote: > >> When you arrive at the CAS login page, what is the full URL you see >> in >> the browser's address bar? >> >> >> -Misagh >> ----- Original Message ----- >> >> From: "Dan Deighton" <[email protected]> >> To: [email protected] >> Sent: Monday, October 28, 2013 11:40:13 AM >> Subject: [cas-user] Redirect problem with CAS, Shibboleth and >> shib-cas-authenticator >> >> >> >> I have a working installation of Shibboleth with CAS as the frontend >> for authentication using the REMOTE_USER method as described here: >> https://wiki.jasig.org/display/CASUM/Shibboleth-CAS+Integration >> I am trying to convert my setup to use Unicon's >> shib-cas-authenticator. I have configured the connector as per the >> README, but I must be missing something. I get redirected from the SP >> to the Shibboleth IdP, then to casauth, then to CAS. I'm able to log >> into CAS, but I never get redirected back to the IdP. >> The relevant web requests are here: GET >> /idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJdT4MwGIX%2FCuk9FIrT0QySuV24ZCo… >> HTTP/1.1" 302 - >> GET /idp/AuthnEngine HTTP/1.1" 302 - >> GET >> /casauth/facade/norenew?idp=https://sso-test.stsci.edu/idp/externalAuthnCallback >> HTTP/1.1" 302 - >> GET >> /cas/login?idp=https://sso-test.stsci.edu/idp/externalAuthnCallback >> HTTP/1.1" 200 4592 >> POST >> /cas/login?idp=https://sso-test.stsci.edu/idp/externalAuthnCallback >> HTTP/1.1" 200 2123 >> I'm not sure why I don't get redirected back from CAS. Any guidance >> would be extremely helpful. >> Thanks, >> -Dan -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
