I should have put this in the last email: is there anything with CASTGC cookie 
that might be affecting different browsers differently?  Or perhaps if a user's 
settings in a particular browser are not quite right, could that be why I'm 
seeing different behavior in different browsers?

-----Original Message-----
From: Zac Harvey 
Sent: Friday, May 16, 2014 2:43 PM
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?

After pulling my hair out for a few days, I realized that everything runs 
perfectly fine in Chrome and IE - it's Firefox that is the problem child. In 
Chrome/IE, if I log in (again, using my custom login form - casLoginView.jsp) I 
am successfully redirected back to my app. But the same code running in FF just 
has the bizarre form reset behavior that I've been describing.

Carlos (or anyone else) - are you aware of any FF-specific issues with 
CAS/JSP/WebFlow form submission? I can reproduce this over and over again, so 
I'm confident it's a browser issue.

Thanks,
Zac

-----Original Message-----
From: Carlos Fernandez [mailto:[email protected]]
Sent: Friday, May 16, 2014 10:51 AM
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?

Zac,

server.prefix should contain the webapp's context path -- Under Tomcat, it's 
the name of the directory under which the webapp is deployed, which usually 
matches the left side of the WAR file's name. In our case, the WAR file's name 
is cas.war, so the webapp's context path is cas, and server.prefix is therefore 
set to ${server.name}/cas. The exception to this is if the webapp is deployed 
under ROOT, in which case the context path is "/", so you'd set server.prefix 
to ${server.name}/. That's not how your CAS is deployed, though, otherwise 
you'd be able to login. You may have to find how the webapp was deployed, and 
update server.prefix accordingly.

Best regards,
--
Carlos.

-----Original Message-----
From: Zac Harvey [mailto:[email protected]]
Sent: Friday, 16 May, 2014 07:34
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?

Sorry, my profuse apologies here.  I sent that last email out too fast.  I do 
in fact have a server.prefix defined inside cas.properties:

server.name=https://localsso.ourcompany.org:5443
server.prefix=${server.name}/

Should this be something else?  Should it match what I'm seeing in the 
"Location" response header?  So something like:

server.name= https://my-cas-server.ourcompany.org:5443
server.prefix=${server.name}/


-----Original Message-----
From: Zac Harvey
Sent: Friday, May 16, 2014 7:31 AM
To: '[email protected]'
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?

Carlos,

Thanks again for the continued support on this; I feel like we're honing in on 
something.  I never "installed" CAS; I actually forked another CAS project's 
source, and have been making modifications to it (I'm on Ubuntu). 
I actually don't even see a "server.prefix" defined *anywhere* inside my 
cas.properties file.

The thing is, I had my CAS server authenticating against our ActiveDirectory 
(via LDAP), but it was using the default login page.  I only started getting 
this bizarre "form reset" behavior once I started customizing the login page; 
server.prefix was never set at any point in time.  And what's this "CASTGC"; 
some sort of redirect token?

Thanks again. Enormously. !

Zac

-----Original Message-----
From: Carlos Fernandez [mailto:[email protected]]
Sent: Thursday, May 15, 2014 2:52 PM
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?

Now it's getting somewhere.

Did you install the CAS app as ROOT? Otherwise the Location header URL points 
to something else. What value do you have set for "server.prefix" in 
cas.properties?

Since you're not getting the CASTGC, CAS will respond with the login page, 
exactly as you're seeing.

Best regards,
--
Carlos.


-----Original Message-----
From: Zac Harvey [mailto:[email protected]]
Sent: Thursday, 15 May, 2014 10:12
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?

The value of the response's "Location" header is 
"https://my-cas-server.ourcompany.org:5443/login"; (obviously 
"my-cas-server.ourcompany.org" is not the real value!).

There was no "Set-Cookie" header (for response or request), however there was a 
"Pragma" response header with a value of "no-cache".  There was also a 
"JSESSIONID" cookie with a value as well.

Does any of this make sense to you?  Thanks again for all the help so far!

-----Original Message-----
From: Carlos Fernandez [mailto:[email protected]]
Sent: Thursday, May 15, 2014 10:05 AM
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?

What URL did the "302 Found" response contain in the "Location" header? Any 
"Set-Cookie" headers with CASTGC and/or CASPRIVACY?

Best regards,
--
Carlos.

-----Original Message-----
From: Zac Harvey [mailto:[email protected]]
Sent: Thursday, 15 May, 2014 07:00
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?

Thanks for the help Carlos. Any chance you (or anyone else) can take a look at 
my form and see if anything seems off?

        <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"; %>
        <%@ taglib prefix="spring" uri="http://www.springframework.org/tags"; %>
        <%@ taglib prefix="form" uri="http://www.springframework.org/tags/form"; 
%>
        <%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions"; %>

        <!-- For debugging and trying your suggestions. -->
        <h2>loginTicket is ${loginTicket}, and flowExecutionKey is 
${flowExecutionKey}.</h2>

        <form:form method="post" id="fm1" commandName="${commandName}"
htmlEscape="true">
            <div class="errors">
                <img src="<c:url 
value="/img/alert_red_20px.png"/>"/><form:errors
path="*" cssClass="error" delimiter=" "/>
            </div>
            <label for="username"><spring:message 
code="screen.welcome.label.netid"/></label>
            <spring:message code="screen.welcome.label.netid.accesskey"
var="userNameAccessKey"/>
            <form:input cssClass="required" cssErrorClass="error" id="username"
tabindex="1" accesskey="${userNameAccessKey}" path="username"
autocomplete="false" htmlEscape="true"/>
            <label for="password" class="fl-label"><spring:message 
code="screen.welcome.label.password"/></label>
            <spring:message code="screen.welcome.label.password.accesskey"
var="passwordAccessKey"/>
            <form:password cssClass="required" cssErrorClass="error" 
id="password"
tabindex="2" path="password" accesskey="${passwordAccessKey}"
htmlEscape="true" autocomplete="off"/>
            <div class="button_bar">
                <input type="hidden" name="lt" value="${loginTicket}"/>
                <input type="hidden" name="execution" 
value="${flowExecutionKey}"/>
                <input type="hidden" name="_eventId" value="submit"/>
                <input name="submit" accesskey="l" value="<spring:message 
code="screen.welcome.button.login"/>" tabindex="4" type="submit"
class="orangebutton"/>
            </div>
        </form:form>

When the above code renders in a browser, I get the following printout in the 
<h2> element:

        loginTicket is LT-19-gn3zqvf3Q3vWX6j39KhbTjRkbCLcLh, and 
flowExecutionKey is e19s1.

So it looks like my "lt" and "flowExecutionKey" are valid, yes?

If everything else above looks good to you, any ideas as to where I could start 
troubleshooting next?  Again when I enter a username and password, and then 
submit the form, it just:

- Refreshes the screen, clearing the text out of the username/password fields 
(like a form reset); and
- I get different values for "lt" and "flowExecutionKey"; and
- The HTTP POST (the form submission itself) comes back "302 Found" but doesn't 
seem to have anything in the HTTP response

Could the fact that I'm getting different vals for lt and flowExecutionKey 
every time the form loads be the culprit?

Thanks again for all the help so far!

-----Original Message-----
From: Carlos Fernandez [mailto:[email protected]]
Sent: Wednesday, May 14, 2014 2:49 PM
To: [email protected]
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?

Zac,

Based on the default casLoginView in 3.5.2, the form will send 'username', 
'password', 'warn', 'lt' (login ticket), 'execution', and '_eventId'. The 
behavior that you see usually happens when the login ticket in the POST request 
is invalid or missing.

This is what the form looks like stripped of DIVs and stand-alone 
<spring:message> tags, and without the OpenID conditional code:

<form:form method="post" id="fm1" cssClass="fm-v clearfix"
commandName="${commandName}" htmlEscape="true">
    <label for="username" class="fl-label"><spring:message 
code="screen.welcome.label.netid" /></label>
    <form:input cssClass="required" cssErrorClass="error" id="username"
size="25" tabindex="1" accesskey="${userNameAccessKey}" path="username"
autocomplete="false" htmlEscape="true" />
    <label for="password" class="fl-label"><spring:message 
code="screen.welcome.label.password" /></label>
    <form:password cssClass="required" cssErrorClass="error" id="password"
size="25" tabindex="2" path="password"  accesskey="${passwordAccessKey}"
htmlEscape="true" autocomplete="off" />
    <input id="warn" name="warn" value="true" tabindex="3"
accesskey="<spring:message code="screen.welcome.label.warn.accesskey" />"
type="checkbox" />
    <label for="warn"><spring:message code="screen.welcome.label.warn"
/></label>
    <input type="hidden" name="lt" value="${loginTicket}" />
    <input type="hidden" name="execution" value="${flowExecutionKey}" />
    <input type="hidden" name="_eventId" value="submit" />
    <input class="btn-submit" name="submit" accesskey="l"
value="<spring:message code="screen.welcome.button.login" />" tabindex="4"
type="submit" />
    <input class="btn-reset" name="reset" accesskey="c"
value="<spring:message code="screen.welcome.button.clear" />" tabindex="5"
type="reset" />
</form:form>

Best regards,
--
Carlos.

-----Original Message-----
From: Zac [mailto:[email protected]]
Sent: Wednesday, 14 May, 2014 13:41
To: [email protected]
Subject: [cas-user] Minimal code for custom casLoginView.jsp form?

I just tried to implement my own casLoginView.jsp form and have CAS displaying 
it beautifully when the user goes to log in to the system. The problem is that 
when you click the login button, the screen just refreshes and gives no 
indication as to whether they successfully logged in or not.

So I ask: what is the minimal <form> code necessary to POST a username and 
password to CAS (from inside the casLoginView.jsp)? What attributes does it 
need?
--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to [email protected] as: 
[email protected] To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to [email protected] as: 
[email protected] To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to [email protected] as: 
[email protected] To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to