Zac,
server.prefix should contain the webapp's context path -- Under Tomcat, it's
the name of the directory under which the webapp is deployed, which usually
matches the left side of the WAR file's name. In our case, the WAR file's
name is cas.war, so the webapp's context path is cas, and server.prefix is
therefore set to ${server.name}/cas. The exception to this is if the webapp
is deployed under ROOT, in which case the context path is "/", so you'd set
server.prefix to ${server.name}/. That's not how your CAS is deployed,
though, otherwise you'd be able to login. You may have to find how the
webapp was deployed, and update server.prefix accordingly.
Best regards,
--
Carlos.
-----Original Message-----
From: Zac Harvey [mailto:[email protected]]
Sent: Friday, 16 May, 2014 07:34
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?
Sorry, my profuse apologies here. I sent that last email out too fast. I
do in fact have a server.prefix defined inside cas.properties:
server.name=https://localsso.ourcompany.org:5443
server.prefix=${server.name}/
Should this be something else? Should it match what I'm seeing in the
"Location" response header? So something like:
server.name= https://my-cas-server.ourcompany.org:5443
server.prefix=${server.name}/
-----Original Message-----
From: Zac Harvey
Sent: Friday, May 16, 2014 7:31 AM
To: '[email protected]'
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?
Carlos,
Thanks again for the continued support on this; I feel like we're honing in
on something. I never "installed" CAS; I actually forked another CAS
project's source, and have been making modifications to it (I'm on Ubuntu).
I actually don't even see a "server.prefix" defined *anywhere* inside my
cas.properties file.
The thing is, I had my CAS server authenticating against our ActiveDirectory
(via LDAP), but it was using the default login page. I only started getting
this bizarre "form reset" behavior once I started customizing the login
page; server.prefix was never set at any point in time. And what's this
"CASTGC"; some sort of redirect token?
Thanks again. Enormously. !
Zac
-----Original Message-----
From: Carlos Fernandez [mailto:[email protected]]
Sent: Thursday, May 15, 2014 2:52 PM
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?
Now it's getting somewhere.
Did you install the CAS app as ROOT? Otherwise the Location header URL
points to something else. What value do you have set for "server.prefix" in
cas.properties?
Since you're not getting the CASTGC, CAS will respond with the login page,
exactly as you're seeing.
Best regards,
--
Carlos.
-----Original Message-----
From: Zac Harvey [mailto:[email protected]]
Sent: Thursday, 15 May, 2014 10:12
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?
The value of the response's "Location" header is
"https://my-cas-server.ourcompany.org:5443/login"; (obviously
"my-cas-server.ourcompany.org" is not the real value!).
There was no "Set-Cookie" header (for response or request), however there
was a "Pragma" response header with a value of "no-cache". There was also a
"JSESSIONID" cookie with a value as well.
Does any of this make sense to you? Thanks again for all the help so far!
-----Original Message-----
From: Carlos Fernandez [mailto:[email protected]]
Sent: Thursday, May 15, 2014 10:05 AM
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?
What URL did the "302 Found" response contain in the "Location" header? Any
"Set-Cookie" headers with CASTGC and/or CASPRIVACY?
Best regards,
--
Carlos.
-----Original Message-----
From: Zac Harvey [mailto:[email protected]]
Sent: Thursday, 15 May, 2014 07:00
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?
Thanks for the help Carlos. Any chance you (or anyone else) can take a look
at my form and see if anything seems off?
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"; %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"; %>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form";
%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions"; %>
<!-- For debugging and trying your suggestions. -->
<h2>loginTicket is ${loginTicket}, and flowExecutionKey is
${flowExecutionKey}.</h2>
<form:form method="post" id="fm1" commandName="${commandName}"
htmlEscape="true">
<div class="errors">
<img src="<c:url
value="/img/alert_red_20px.png"/>"/><form:errors
path="*" cssClass="error" delimiter=" "/>
</div>
<label for="username"><spring:message
code="screen.welcome.label.netid"/></label>
<spring:message code="screen.welcome.label.netid.accesskey"
var="userNameAccessKey"/>
<form:input cssClass="required" cssErrorClass="error" id="username"
tabindex="1" accesskey="${userNameAccessKey}" path="username"
autocomplete="false" htmlEscape="true"/>
<label for="password" class="fl-label"><spring:message
code="screen.welcome.label.password"/></label>
<spring:message code="screen.welcome.label.password.accesskey"
var="passwordAccessKey"/>
<form:password cssClass="required" cssErrorClass="error"
id="password"
tabindex="2" path="password" accesskey="${passwordAccessKey}"
htmlEscape="true" autocomplete="off"/>
<div class="button_bar">
<input type="hidden" name="lt" value="${loginTicket}"/>
<input type="hidden" name="execution"
value="${flowExecutionKey}"/>
<input type="hidden" name="_eventId" value="submit"/>
<input name="submit" accesskey="l" value="<spring:message
code="screen.welcome.button.login"/>" tabindex="4" type="submit"
class="orangebutton"/>
</div>
</form:form>
When the above code renders in a browser, I get the following printout in
the <h2> element:
loginTicket is LT-19-gn3zqvf3Q3vWX6j39KhbTjRkbCLcLh, and
flowExecutionKey
is e19s1.
So it looks like my "lt" and "flowExecutionKey" are valid, yes?
If everything else above looks good to you, any ideas as to where I could
start troubleshooting next? Again when I enter a username and password, and
then submit the form, it just:
- Refreshes the screen, clearing the text out of the username/password
fields (like a form reset); and
- I get different values for "lt" and "flowExecutionKey"; and
- The HTTP POST (the form submission itself) comes back "302 Found" but
doesn't seem to have anything in the HTTP response
Could the fact that I'm getting different vals for lt and flowExecutionKey
every time the form loads be the culprit?
Thanks again for all the help so far!
-----Original Message-----
From: Carlos Fernandez [mailto:[email protected]]
Sent: Wednesday, May 14, 2014 2:49 PM
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?
Zac,
Based on the default casLoginView in 3.5.2, the form will send 'username',
'password', 'warn', 'lt' (login ticket), 'execution', and '_eventId'. The
behavior that you see usually happens when the login ticket in the POST
request is invalid or missing.
This is what the form looks like stripped of DIVs and stand-alone
<spring:message> tags, and without the OpenID conditional code:
<form:form method="post" id="fm1" cssClass="fm-v clearfix"
commandName="${commandName}" htmlEscape="true">
<label for="username" class="fl-label"><spring:message
code="screen.welcome.label.netid" /></label>
<form:input cssClass="required" cssErrorClass="error" id="username"
size="25" tabindex="1" accesskey="${userNameAccessKey}" path="username"
autocomplete="false" htmlEscape="true" />
<label for="password" class="fl-label"><spring:message
code="screen.welcome.label.password" /></label>
<form:password cssClass="required" cssErrorClass="error" id="password"
size="25" tabindex="2" path="password" accesskey="${passwordAccessKey}"
htmlEscape="true" autocomplete="off" />
<input id="warn" name="warn" value="true" tabindex="3"
accesskey="<spring:message code="screen.welcome.label.warn.accesskey" />"
type="checkbox" />
<label for="warn"><spring:message code="screen.welcome.label.warn"
/></label>
<input type="hidden" name="lt" value="${loginTicket}" />
<input type="hidden" name="execution" value="${flowExecutionKey}" />
<input type="hidden" name="_eventId" value="submit" />
<input class="btn-submit" name="submit" accesskey="l"
value="<spring:message code="screen.welcome.button.login" />" tabindex="4"
type="submit" />
<input class="btn-reset" name="reset" accesskey="c"
value="<spring:message code="screen.welcome.button.clear" />" tabindex="5"
type="reset" />
</form:form>
Best regards,
--
Carlos.
-----Original Message-----
From: Zac [mailto:[email protected]]
Sent: Wednesday, 14 May, 2014 13:41
To: [email protected]
Subject: [cas-user] Minimal code for custom casLoginView.jsp form?
I just tried to implement my own casLoginView.jsp form and have CAS
displaying it beautifully when the user goes to log in to the system. The
problem is that when you click the login button, the screen just refreshes
and gives no indication as to whether they successfully logged in or not.
So I ask: what is the minimal <form> code necessary to POST a username and
password to CAS (from inside the casLoginView.jsp)? What attributes does it
need?
--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives,
see http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives,
see http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives,
see http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
