Hi, It should not be, but as there is no other difference, I'm open to any lead...
To come back to my previous question: can you check if your web session cookie (name : JSESSION) keeps the same value during the test? Thanks. Best regards, Jérôme 2014-03-26 8:46 GMT+01:00 Sashika <[email protected]>: > Hi, > > All configuration in your sample and mine are same except I use HTTPS > whereas in your example it is HTTP. Could this be an issue? > > > On Tue, Mar 25, 2014 at 4:22 PM, Sashika <[email protected]> wrote: > >> >> Hi I checked your sample. Could you please check it with Google2Client >> and confirm >> >> Thanks. >> >> >> On Mon, Mar 24, 2014 at 9:04 PM, Jérôme LELEU <[email protected]> wrote: >> >>> Hi, >>> >>> I updated my demo where localhost:8080/cas is the first CAS server which >>> can delegate authentication to the second CAS server: localhost:8080/cas2 >>> using the OAuth protocol. So I use OAuth 2 protocol with a CAS server which >>> delegates itself the authentication to an OAuth provider. >>> It's hard to guess the problem while it works on my side. >>> >>> Can you check if your web session cookie (name : JSESSION) keeps the >>> same value? >>> >>> Thanks. >>> Best regards, >>> Jérôme >>> >>> >>> >>> 2014-03-24 15:42 GMT+01:00 Sashika <[email protected]>: >>> >>> Hi, >>>> Thanks for the test update. In your test I wonder what is the url " >>>> http://localhost:8080/cas/login?service=http://fake"; that url seems to >>>> me like if you are using CAS protocol to connect clients. But in my case >>>> the clients will connect to cas using oauth server support like the url >>>> "/cas/oauth2.0/authorize?redirect_url=http://fake"; >>>> To update you, when I login through facebook it works perfectly 6 times >>>> out of 10. But 4 times I get the error I listed earlier. But when I login >>>> through google2client then it gives the above error every time. What could >>>> be the possible reason for the above? >>>> On 24 Mar 2014 19:19, "Jérôme LELEU" <[email protected]> wrote: >>>> >>>>> Hi, >>>>> >>>>> I just made a complete test: >>>>> https://github.com/leleuj/cas-pac4j-oauth-demo/tree/doubleoauth and >>>>> it works perfectly. >>>>> 1) copy/paste in your browser: >>>>> http://localhost:8080/cas/login?service=http://fake >>>>> 2) click on "Authenticate with another CAS server using OAuth v2.0 >>>>> protocol" >>>>> 3) click on "Authenticate with Twitter" >>>>> 4) Authenticate at Twitter >>>>> 5) Click on "Allow" >>>>> >>>>> Here you go: you have communicate with the CAS server using the OAuth >>>>> protocol v2.0 and delegate the authentication to an OAuth provider >>>>> (Twitter). >>>>> >>>>> Best regards, >>>>> Jérôme >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> 2014-03-24 12:40 GMT+01:00 Jérôme LELEU <[email protected]>: >>>>> >>>>>> Hi, >>>>>> >>>>>> I will make a test today or tomorrow... >>>>>> Best, >>>>>> Jérôme >>>>>> >>>>>> >>>>>> >>>>>> 2014-03-24 4:28 GMT+01:00 Sashika <[email protected]>: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> I raised this same question a few months before as well, but now >>>>>>> this has become a real issue. >>>>>>> My CAS server is configured as an OAuths server. That means my >>>>>>> clients connect to CAS through OAuth2.0 by issuing a >>>>>>> cas/oauth2/0/authorize >>>>>>> request. Also the same server is configured with >>>>>>> "cas-server-support-pac4j" >>>>>>> and "pac4j-oauth". This means my clients can log in to CAS server >>>>>>> through >>>>>>> facebook etc. The problem is when I try to log in through facebook, >>>>>>> google >>>>>>> etc..it displays the CAS is unavailable error message after loging in to >>>>>>> the social network. The extract of the log is attached. What could be >>>>>>> the >>>>>>> issue. >>>>>>> >>>>>>> ============================================================= >>>>>>> WHO: audit:unknown >>>>>>> WHAT: >>>>>>> TGT-18-EzIpvsOFt6HAAFg3bWZQ1c15b6l7ftySMEd3Az1LRHKFnzE0s4-passport.yatango.com >>>>>>> ACTION: TICKET_GRANTING_TICKET_CREATED >>>>>>> APPLICATION: CAS >>>>>>> WHEN: Mon Mar 24 03:26:18 UTC 2014 >>>>>>> CLIENT IP ADDRESS: 124.43.26.150 >>>>>>> SERVER IP ADDRESS: 10.251.1.108 >>>>>>> ============================================================= >>>>>>> >>>>>>> > >>>>>>> |#] >>>>>>> >>>>>>> [#|2014-03-24T03:26:18.701+0000|INFO|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=59;_ThreadName=Thread-2;|2014-03-24 >>>>>>> 03:26:18,701 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - >>>>>>> <Granted service ticket [ >>>>>>> ST-10-OQZyn5kf2ndBS1hc5e4d-passport.yatango.com] for service >>>>>>> [https://????.com/cas/oauth2.0/callbackAuthorize] for user >>>>>>> [115165125832412854137]> >>>>>>> |#] >>>>>>> >>>>>>> [#|2014-03-24T03:26:18.702+0000|INFO|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=59;_ThreadName=Thread-2;|2014-03-24 >>>>>>> 03:26:18,702 INFO >>>>>>> [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - >>>>>>> <Audit >>>>>>> trail record BEGIN >>>>>>> ============================================================= >>>>>>> WHO: 115165125832412854137 >>>>>>> WHAT: ST-10-OQZyn5kf2ndBS1hc5e4d-passport.yatango.com for https:// >>>>>>> ??????.com/cas/oauth2.0/callbackAuthorize >>>>>>> ACTION: SERVICE_TICKET_CREATED >>>>>>> APPLICATION: CAS >>>>>>> WHEN: Mon Mar 24 03:26:18 UTC 2014 >>>>>>> CLIENT IP ADDRESS: 124.43.26.150 >>>>>>> SERVER IP ADDRESS: 10.251.1.108 >>>>>>> ============================================================= >>>>>>> >>>>>>> > >>>>>>> |#] >>>>>>> >>>>>>> [#|2014-03-24T03:26:18.964+0000|INFO|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=60;_ThreadName=Thread-2;|2014-03-24 >>>>>>> 03:26:18,963 ERROR >>>>>>> [org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController] - >>>>>>> <oauth20_callbackUrl is missing from the session and can not be >>>>>>> retrieved.> >>>>>>> |#] >>>>>>> >>>>>>> The login to the social network seems to be ok. But there is an >>>>>>> error in the last line. >>>>>>> >>>>>>> >>>>>>> Regards >>>>>>> Sashika. >>>>>>> >>>>>>> -- >>>>>>> You are currently subscribed to [email protected] as: >>>>>>> [email protected] >>>>>>> To unsubscribe, change settings or access archives, see >>>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>>>> >>>>>>> >>>>>> >>>>> -- >>>>> You are currently subscribed to [email protected] as: >>>>> [email protected] >>>>> To unsubscribe, change settings or access archives, see >>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>> >>>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> >>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >> > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
