Hi, I am having an error from my cas client (Spring secutiry): Failed to provide a CAS service ticket to validate
On cas side the logs seems right: WHO: idanf WHAT: ST-146-xh4JZaIjtvemElJoEmfT-cas for https://mywebsite.com/login ACTION: SERVICE_TICKET_CREATED APPLICATION: CAS WHEN: Wed Feb 26 16:43:34 UTC 2014 CLIENT IP ADDRESS: 194.90.18.242 SERVER IP ADDRESS: mycas.com ============================================================= 2014-02-26 16:43:34,457 DEBUG [org.jasig.cas.web.flow.TerminateWebSessionListener] - <Terminate web session 9E468754A1B6905779CC27E2C3BDECC9 in 2 seconds> 2014-02-26 16:43:34,647 DEBUG [org.jasig.cas.authentication.principal.SamlService] - <Attempted to extract Request from HttpServletRequest. Results:> 2014-02-26 16:43:34,648 DEBUG [org.jasig.cas.authentication.principal.SamlService] - <Request Body: <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";><SOAP-ENV:Header/><SOAP-ENV:Body><samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="18b35fd7-97d1-4b65-9529-df3ed4043d78" IssueInstant="2014-02-26T16:43:16Z"><samlp:AssertionArtifact>ST-146-xh4JZaIjtvemElJoEmfT-cas</samlp:AssertionArtifact></samlp:Request></SOAP-ENV:Body></SOAP-ENV:Envelope>> 2014-02-26 16:43:34,648 DEBUG [org.jasig.cas.authentication.principal.SamlService] - <Extracted ArtifactId: ST-146-xh4JZaIjtvemElJoEmfT-cas> 2014-02-26 16:43:34,648 DEBUG [org.jasig.cas.authentication.principal.SamlService] - <Extracted Request Id: 18b35fd7-97d1-4b65-9529-df3ed4043d78> 2014-02-26 16:43:34,648 DEBUG [org.jasig.cas.web.support.SamlArgumentExtractor] - <Extractor generated service for: https://mywebsite.com/login> 2014-02-26 16:43:34,649 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-146-xh4JZaIjtvemElJoEmfT-cas]> 2014-02-26 16:43:34,649 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [ST-146-xh4JZaIjtvemElJoEmfT-cas] found in registry.> 2014-02-26 16:43:34,650 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - <Principal id to return for service [HTTPS] is [idanf]. The default principal id is [idanf].> 2014-02-26 16:43:34,650 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Removing ticket [ST-146-xh4JZaIjtvemElJoEmfT-cas] from registry> 2014-02-26 16:43:34,650 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-146-xh4JZaIjtvemElJoEmfT-cas]> Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: ST-146-xh4JZaIjtvemElJoEmfT-cas ACTION: SERVICE_TICKET_VALIDATED APPLICATION: CAS WHEN: Wed Feb 26 16:43:34 UTC 2014 CLIENT IP ADDRESS: 54.84.136.123 SERVER IP ADDRESS: mycas.com ============================================================= On the client side logs: 2014-02-26 16:46:30,117 DEBUG [http-bio-8080-exec-1] - Checking match of request : '/login'; against '/api/**' -- 2014-02-26 16:46:30,118 DEBUG [http-bio-8080-exec-1] - Authentication attempt using org.springframework.security.cas.authentication.CasAuthenticationProvider 2014-02-26 16:46:30,118 DEBUG [http-bio-8080-exec-1] - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Failed to provide a CAS service ticket to validate 2014-02-26 16:46:30,118 DEBUG [http-bio-8080-exec-1] - Updated SecurityContextHolder to contain null Authentication 2014-02-26 16:46:30,118 DEBUG [http-bio-8080-exec-1] - Delegating to authentication failure handler org.springframework.security.cas.web.CasAuthenticationFilter$CasAuthenticationFailureHandler@6c05cd35 2014-02-26 16:46:30,118 DEBUG [http-bio-8080-exec-1] - serviceTicketRequest = true 2014-02-26 16:46:30,118 DEBUG [http-bio-8080-exec-1] - No failure URL set, sending 401 Unauthorized error 2014-02-26 16:46:30,118 DEBUG [http-bio-8080-exec-1] - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession. 2014-02-26 16:46:30,118 DEBUG [http-bio-8080-exec-1] - SecurityContextHolder now cleared, as request processing completed 2014-02-26 16:46:31,879 DEBUG [http-bio-8080-exec-10] - Checking match of request : '/login'; against '/api/**' 2014-02-26 16:46:31,879 DEBUG [http-bio-8080-exec-10] - Checking match of request : '/login'; against '/resources/**' 2014-02-26 16:46:31,879 DEBUG [http-bio-8080-exec-10] - /login at position 1 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' -- 2014-02-26 16:46:31,880 DEBUG [http-bio-8080-exec-10] - Authentication attempt using org.springframework.security.cas.authentication.CasAuthenticationProvider 2014-02-26 16:46:31,880 DEBUG [http-bio-8080-exec-10] - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Failed to provide a CAS service ticket to validate 2014-02-26 16:46:31,880 DEBUG [http-bio-8080-exec-10] - Updated SecurityContextHolder to contain null Authentication 2014-02-26 16:46:31,880 DEBUG [http-bio-8080-exec-10] - Delegating to authentication failure handler org.springframework.security.cas.web.CasAuthenticationFilter$CasAuthenticationFailureHandler@6c05cd35 2014-02-26 16:46:31,880 DEBUG [http-bio-8080-exec-10] - serviceTicketRequest = true 2014-02-26 16:46:31,880 DEBUG [http-bio-8080-exec-10] - No failure URL set, sending 401 Unauthorized error 2014-02-26 16:46:31,880 DEBUG [http-bio-8080-exec-10] - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession. 2014-02-26 16:46:31,880 DEBUG [http-bio-8080-exec-10] - SecurityContextHolder now cleared, as request processing completed 2014-02-26 16:46:32,297 DEBUG [http-bio-8080-exec-8] - Checking match of request : '/login'; against '/api/**' 2014-02-26 16:46:32,297 DEBUG [http-bio-8080-exec-8] - Checking match of request : '/login'; against '/resources/**' 2014-02-26 16:46:32,297 DEBUG [http-bio-8080-exec-8] - /login at position 1 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' -- 2014-02-26 16:46:32,298 DEBUG [http-bio-8080-exec-8] - Authentication attempt using org.springframework.security.cas.authentication.CasAuthenticationProvider 2014-02-26 16:46:32,298 DEBUG [http-bio-8080-exec-8] - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Failed to provide a CAS service ticket to validate 2014-02-26 16:46:32,298 DEBUG [http-bio-8080-exec-8] - Updated SecurityContextHolder to contain null Authentication 2014-02-26 16:46:32,298 DEBUG [http-bio-8080-exec-8] - Delegating to authentication failure handler org.springframework.security.cas.web.CasAuthenticationFilter$CasAuthenticationFailureHandler@6c05cd35 2014-02-26 16:46:32,298 DEBUG [http-bio-8080-exec-8] - serviceTicketRequest = true 2014-02-26 16:46:32,298 DEBUG [http-bio-8080-exec-8] - No failure URL set, sending 401 Unauthorized error 2014-02-26 16:46:32,298 DEBUG [http-bio-8080-exec-8] - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession. 2014-02-26 16:46:32,298 DEBUG [http-bio-8080-exec-8] - SecurityContextHolder now cleared, as request processing completed Any idea? thanks. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
