Hi, All configuration in your sample and mine are same except I use HTTPS whereas in your example it is HTTP. Could this be an issue?
On Tue, Mar 25, 2014 at 4:22 PM, Sashika <[email protected]> wrote: > > Hi I checked your sample. Could you please check it with Google2Client and > confirm > > Thanks. > > > On Mon, Mar 24, 2014 at 9:04 PM, Jérôme LELEU <[email protected]> wrote: > >> Hi, >> >> I updated my demo where localhost:8080/cas is the first CAS server which >> can delegate authentication to the second CAS server: localhost:8080/cas2 >> using the OAuth protocol. So I use OAuth 2 protocol with a CAS server which >> delegates itself the authentication to an OAuth provider. >> It's hard to guess the problem while it works on my side. >> >> Can you check if your web session cookie (name : JSESSION) keeps the same >> value? >> >> Thanks. >> Best regards, >> Jérôme >> >> >> >> 2014-03-24 15:42 GMT+01:00 Sashika <[email protected]>: >> >> Hi, >>> Thanks for the test update. In your test I wonder what is the url " >>> http://localhost:8080/cas/login?service=http://fake"; that url seems to >>> me like if you are using CAS protocol to connect clients. But in my case >>> the clients will connect to cas using oauth server support like the url >>> "/cas/oauth2.0/authorize?redirect_url=http://fake"; >>> To update you, when I login through facebook it works perfectly 6 times >>> out of 10. But 4 times I get the error I listed earlier. But when I login >>> through google2client then it gives the above error every time. What could >>> be the possible reason for the above? >>> On 24 Mar 2014 19:19, "Jérôme LELEU" <[email protected]> wrote: >>> >>>> Hi, >>>> >>>> I just made a complete test: >>>> https://github.com/leleuj/cas-pac4j-oauth-demo/tree/doubleoauth and it >>>> works perfectly. >>>> 1) copy/paste in your browser: >>>> http://localhost:8080/cas/login?service=http://fake >>>> 2) click on "Authenticate with another CAS server using OAuth v2.0 >>>> protocol" >>>> 3) click on "Authenticate with Twitter" >>>> 4) Authenticate at Twitter >>>> 5) Click on "Allow" >>>> >>>> Here you go: you have communicate with the CAS server using the OAuth >>>> protocol v2.0 and delegate the authentication to an OAuth provider >>>> (Twitter). >>>> >>>> Best regards, >>>> Jérôme >>>> >>>> >>>> >>>> >>>> >>>> 2014-03-24 12:40 GMT+01:00 Jérôme LELEU <[email protected]>: >>>> >>>>> Hi, >>>>> >>>>> I will make a test today or tomorrow... >>>>> Best, >>>>> Jérôme >>>>> >>>>> >>>>> >>>>> 2014-03-24 4:28 GMT+01:00 Sashika <[email protected]>: >>>>> >>>>>> Hi, >>>>>> >>>>>> I raised this same question a few months before as well, but now this >>>>>> has become a real issue. >>>>>> My CAS server is configured as an OAuths server. That means my >>>>>> clients connect to CAS through OAuth2.0 by issuing a >>>>>> cas/oauth2/0/authorize >>>>>> request. Also the same server is configured with >>>>>> "cas-server-support-pac4j" >>>>>> and "pac4j-oauth". This means my clients can log in to CAS server through >>>>>> facebook etc. The problem is when I try to log in through facebook, >>>>>> google >>>>>> etc..it displays the CAS is unavailable error message after loging in to >>>>>> the social network. The extract of the log is attached. What could be the >>>>>> issue. >>>>>> >>>>>> ============================================================= >>>>>> WHO: audit:unknown >>>>>> WHAT: >>>>>> TGT-18-EzIpvsOFt6HAAFg3bWZQ1c15b6l7ftySMEd3Az1LRHKFnzE0s4-passport.yatango.com >>>>>> ACTION: TICKET_GRANTING_TICKET_CREATED >>>>>> APPLICATION: CAS >>>>>> WHEN: Mon Mar 24 03:26:18 UTC 2014 >>>>>> CLIENT IP ADDRESS: 124.43.26.150 >>>>>> SERVER IP ADDRESS: 10.251.1.108 >>>>>> ============================================================= >>>>>> >>>>>> > >>>>>> |#] >>>>>> >>>>>> [#|2014-03-24T03:26:18.701+0000|INFO|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=59;_ThreadName=Thread-2;|2014-03-24 >>>>>> 03:26:18,701 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - >>>>>> <Granted service ticket [ >>>>>> ST-10-OQZyn5kf2ndBS1hc5e4d-passport.yatango.com] for service >>>>>> [https://????.com/cas/oauth2.0/callbackAuthorize] for user >>>>>> [115165125832412854137]> >>>>>> |#] >>>>>> >>>>>> [#|2014-03-24T03:26:18.702+0000|INFO|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=59;_ThreadName=Thread-2;|2014-03-24 >>>>>> 03:26:18,702 INFO >>>>>> [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - >>>>>> <Audit >>>>>> trail record BEGIN >>>>>> ============================================================= >>>>>> WHO: 115165125832412854137 >>>>>> WHAT: ST-10-OQZyn5kf2ndBS1hc5e4d-passport.yatango.com for https:// >>>>>> ??????.com/cas/oauth2.0/callbackAuthorize >>>>>> ACTION: SERVICE_TICKET_CREATED >>>>>> APPLICATION: CAS >>>>>> WHEN: Mon Mar 24 03:26:18 UTC 2014 >>>>>> CLIENT IP ADDRESS: 124.43.26.150 >>>>>> SERVER IP ADDRESS: 10.251.1.108 >>>>>> ============================================================= >>>>>> >>>>>> > >>>>>> |#] >>>>>> >>>>>> [#|2014-03-24T03:26:18.964+0000|INFO|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=60;_ThreadName=Thread-2;|2014-03-24 >>>>>> 03:26:18,963 ERROR >>>>>> [org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController] - >>>>>> <oauth20_callbackUrl is missing from the session and can not be >>>>>> retrieved.> >>>>>> |#] >>>>>> >>>>>> The login to the social network seems to be ok. But there is an error >>>>>> in the last line. >>>>>> >>>>>> >>>>>> Regards >>>>>> Sashika. >>>>>> >>>>>> -- >>>>>> You are currently subscribed to [email protected] as: >>>>>> [email protected] >>>>>> To unsubscribe, change settings or access archives, see >>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>>> >>>>>> >>>>> >>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
