[cas-user] java cas client redirect loop; client not logging

Tue, 17 Jun 2014 12:25:12 -0700 

Hi all,

I'm trying to put up CAS authentication in front of IBM Cognos 10.2.1. So far 
I've added the cas-client-core-3.3.1.jar to the lib directory and set up 
filters in web.xml (relevant portion attached). I see the CAS login page upon 
visiting my Cognos service, but get a redirect loop after entering valid 
credentials. The CAS server logs an ST creation and subsequent validation, then 
the Cognos service redirects the browser back to CAS for another ST 
creation/validation cycle until the browser gives up.

I figure it might be an SSL issue where the CAS client isn't trusting the CAS 
server (even though I've checked cacerts and the STs are seemingly being 
validated on the CAS server side).

At this point I want to see some CAS client logs. Unfortunately, I haven't been 
able to get it to print anything at all. Cognos offers a log4j.properties which 
I customized to print org.jasig.cas.client messages (attached). cas.log is 
created where I expected to find it, but it's always empty. What have I done 
wrong?

Thanks,
Nick
-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user
<filter>
    <filter-name>CAS Authentication Filter</filter-name>
    <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
    <init-param>
        <param-name>casServerLoginUrl</param-name>
        <param-value>https://login-test.denison.edu/cas/login</param-value>
    </init-param>
    <init-param>
        <param-name>service</param-name>
        <param-value>http://140.141.101.156/ibmcognos/cgi-bin/cognos.cgi?CAMNamespace=Denison-CAS</param-value>
    </init-param>
</filter>
<filter>
    <filter-name>CAS Validation Filter</filter-name>
    <filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>
    <init-param>
        <param-name>casServerUrlPrefix</param-name>
        <param-value>https://login-test.denison.edu/cas</param-value>
    </init-param>
    <init-param>
        <param-name>service</param-name>
        <param-value>http://140.141.101.156/ibmcognos/cgi-bin/cognos.cgi?CAMNamespace=Denison-CAS</param-value>
    </init-param>
</filter>
<filter>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>CAS Authentication Filter</filter-name>
    <url-pattern>/servlet/dispatch/ext/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>CAS Validation Filter</filter-name>
    <url-pattern>/servlet/dispatch/ext/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <url-pattern>/servlet/dispatch/ext/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <url-pattern>/servlet/dispatch/ext/*</url-pattern>
</filter-mapping>

Attachment: log4j.properties
Description: Binary data

Reply via email to