I should have put this in the last email: is there anything with CASTGC cookie that might be affecting different browsers differently? Or perhaps if a user's settings in a particular browser are not quite right, could that be why I'm seeing different behavior in different browsers?
-----Original Message----- From: Zac Harvey Sent: Friday, May 16, 2014 2:43 PM To: [email protected] Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? After pulling my hair out for a few days, I realized that everything runs perfectly fine in Chrome and IE - it's Firefox that is the problem child. In Chrome/IE, if I log in (again, using my custom login form - casLoginView.jsp) I am successfully redirected back to my app. But the same code running in FF just has the bizarre form reset behavior that I've been describing. Carlos (or anyone else) - are you aware of any FF-specific issues with CAS/JSP/WebFlow form submission? I can reproduce this over and over again, so I'm confident it's a browser issue. Thanks, Zac -----Original Message----- From: Carlos Fernandez [mailto:[email protected]] Sent: Friday, May 16, 2014 10:51 AM To: [email protected] Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? Zac, server.prefix should contain the webapp's context path -- Under Tomcat, it's the name of the directory under which the webapp is deployed, which usually matches the left side of the WAR file's name. In our case, the WAR file's name is cas.war, so the webapp's context path is cas, and server.prefix is therefore set to ${server.name}/cas. The exception to this is if the webapp is deployed under ROOT, in which case the context path is "/", so you'd set server.prefix to ${server.name}/. That's not how your CAS is deployed, though, otherwise you'd be able to login. You may have to find how the webapp was deployed, and update server.prefix accordingly. Best regards, -- Carlos. -----Original Message----- From: Zac Harvey [mailto:[email protected]] Sent: Friday, 16 May, 2014 07:34 To: [email protected] Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? Sorry, my profuse apologies here. I sent that last email out too fast. I do in fact have a server.prefix defined inside cas.properties: server.name=https://localsso.ourcompany.org:5443 server.prefix=${server.name}/ Should this be something else? Should it match what I'm seeing in the "Location" response header? So something like: server.name= https://my-cas-server.ourcompany.org:5443 server.prefix=${server.name}/ -----Original Message----- From: Zac Harvey Sent: Friday, May 16, 2014 7:31 AM To: '[email protected]' Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? Carlos, Thanks again for the continued support on this; I feel like we're honing in on something. I never "installed" CAS; I actually forked another CAS project's source, and have been making modifications to it (I'm on Ubuntu). I actually don't even see a "server.prefix" defined *anywhere* inside my cas.properties file. The thing is, I had my CAS server authenticating against our ActiveDirectory (via LDAP), but it was using the default login page. I only started getting this bizarre "form reset" behavior once I started customizing the login page; server.prefix was never set at any point in time. And what's this "CASTGC"; some sort of redirect token? Thanks again. Enormously. ! Zac -----Original Message----- From: Carlos Fernandez [mailto:[email protected]] Sent: Thursday, May 15, 2014 2:52 PM To: [email protected] Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? Now it's getting somewhere. Did you install the CAS app as ROOT? Otherwise the Location header URL points to something else. What value do you have set for "server.prefix" in cas.properties? Since you're not getting the CASTGC, CAS will respond with the login page, exactly as you're seeing. Best regards, -- Carlos. -----Original Message----- From: Zac Harvey [mailto:[email protected]] Sent: Thursday, 15 May, 2014 10:12 To: [email protected] Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? The value of the response's "Location" header is "https://my-cas-server.ourcompany.org:5443/login"; (obviously "my-cas-server.ourcompany.org" is not the real value!). There was no "Set-Cookie" header (for response or request), however there was a "Pragma" response header with a value of "no-cache". There was also a "JSESSIONID" cookie with a value as well. Does any of this make sense to you? Thanks again for all the help so far! -----Original Message----- From: Carlos Fernandez [mailto:[email protected]] Sent: Thursday, May 15, 2014 10:05 AM To: [email protected] Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? What URL did the "302 Found" response contain in the "Location" header? Any "Set-Cookie" headers with CASTGC and/or CASPRIVACY? Best regards, -- Carlos. -----Original Message----- From: Zac Harvey [mailto:[email protected]] Sent: Thursday, 15 May, 2014 07:00 To: [email protected] Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? Thanks for the help Carlos. Any chance you (or anyone else) can take a look at my form and see if anything seems off? <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"; %> <%@ taglib prefix="spring" uri="http://www.springframework.org/tags"; %> <%@ taglib prefix="form" uri="http://www.springframework.org/tags/form"; %> <%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions"; %> <!-- For debugging and trying your suggestions. --> <h2>loginTicket is ${loginTicket}, and flowExecutionKey is ${flowExecutionKey}.</h2> <form:form method="post" id="fm1" commandName="${commandName}" htmlEscape="true"> <div class="errors"> <img src="<c:url value="/img/alert_red_20px.png"/>"/><form:errors path="*" cssClass="error" delimiter=" "/> </div> <label for="username"><spring:message code="screen.welcome.label.netid"/></label> <spring:message code="screen.welcome.label.netid.accesskey" var="userNameAccessKey"/> <form:input cssClass="required" cssErrorClass="error" id="username" tabindex="1" accesskey="${userNameAccessKey}" path="username" autocomplete="false" htmlEscape="true"/> <label for="password" class="fl-label"><spring:message code="screen.welcome.label.password"/></label> <spring:message code="screen.welcome.label.password.accesskey" var="passwordAccessKey"/> <form:password cssClass="required" cssErrorClass="error" id="password" tabindex="2" path="password" accesskey="${passwordAccessKey}" htmlEscape="true" autocomplete="off"/> <div class="button_bar"> <input type="hidden" name="lt" value="${loginTicket}"/> <input type="hidden" name="execution" value="${flowExecutionKey}"/> <input type="hidden" name="_eventId" value="submit"/> <input name="submit" accesskey="l" value="<spring:message code="screen.welcome.button.login"/>" tabindex="4" type="submit" class="orangebutton"/> </div> </form:form> When the above code renders in a browser, I get the following printout in the <h2> element: loginTicket is LT-19-gn3zqvf3Q3vWX6j39KhbTjRkbCLcLh, and flowExecutionKey is e19s1. So it looks like my "lt" and "flowExecutionKey" are valid, yes? If everything else above looks good to you, any ideas as to where I could start troubleshooting next? Again when I enter a username and password, and then submit the form, it just: - Refreshes the screen, clearing the text out of the username/password fields (like a form reset); and - I get different values for "lt" and "flowExecutionKey"; and - The HTTP POST (the form submission itself) comes back "302 Found" but doesn't seem to have anything in the HTTP response Could the fact that I'm getting different vals for lt and flowExecutionKey every time the form loads be the culprit? Thanks again for all the help so far! -----Original Message----- From: Carlos Fernandez [mailto:[email protected]] Sent: Wednesday, May 14, 2014 2:49 PM To: [email protected] Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? Zac, Based on the default casLoginView in 3.5.2, the form will send 'username', 'password', 'warn', 'lt' (login ticket), 'execution', and '_eventId'. The behavior that you see usually happens when the login ticket in the POST request is invalid or missing. This is what the form looks like stripped of DIVs and stand-alone <spring:message> tags, and without the OpenID conditional code: <form:form method="post" id="fm1" cssClass="fm-v clearfix" commandName="${commandName}" htmlEscape="true"> <label for="username" class="fl-label"><spring:message code="screen.welcome.label.netid" /></label> <form:input cssClass="required" cssErrorClass="error" id="username" size="25" tabindex="1" accesskey="${userNameAccessKey}" path="username" autocomplete="false" htmlEscape="true" /> <label for="password" class="fl-label"><spring:message code="screen.welcome.label.password" /></label> <form:password cssClass="required" cssErrorClass="error" id="password" size="25" tabindex="2" path="password" accesskey="${passwordAccessKey}" htmlEscape="true" autocomplete="off" /> <input id="warn" name="warn" value="true" tabindex="3" accesskey="<spring:message code="screen.welcome.label.warn.accesskey" />" type="checkbox" /> <label for="warn"><spring:message code="screen.welcome.label.warn" /></label> <input type="hidden" name="lt" value="${loginTicket}" /> <input type="hidden" name="execution" value="${flowExecutionKey}" /> <input type="hidden" name="_eventId" value="submit" /> <input class="btn-submit" name="submit" accesskey="l" value="<spring:message code="screen.welcome.button.login" />" tabindex="4" type="submit" /> <input class="btn-reset" name="reset" accesskey="c" value="<spring:message code="screen.welcome.button.clear" />" tabindex="5" type="reset" /> </form:form> Best regards, -- Carlos. -----Original Message----- From: Zac [mailto:[email protected]] Sent: Wednesday, 14 May, 2014 13:41 To: [email protected] Subject: [cas-user] Minimal code for custom casLoginView.jsp form? I just tried to implement my own casLoginView.jsp form and have CAS displaying it beautifully when the user goes to log in to the system. The problem is that when you click the login button, the screen just refreshes and gives no indication as to whether they successfully logged in or not. So I ask: what is the minimal <form> code necessary to POST a username and password to CAS (from inside the casLoginView.jsp)? What attributes does it need? -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
