Any takers? This is a live production issue for us and I'm completely blindsided by this...
From: Zac Harvey Sent: Friday, July 25, 2014 4:19 PM To: [email protected] Subject: CAS 4.0: HTTP 401 Authentication Failed: No principal was found in the response from the CAS server We have some clients that use the Shiro-CAS client for communicating with CAS, and just launched a new app that uses SpringSec-CAS. The Shiro-CAS integration has been running flawlessly for quite some time. SpringSec-CAS users, however, get a HTTP 401 error *after* they try logging in from the CAS login page: "HTTP Status 401 - Authentication Failed: No principal was found in the response from the CAS server." Also, the serviceValidate URL (https://mycas:8443/mycas/serviceValidate?service=app01/app/j_spring_cas_security_check&ticket=ST-1-psUajs8fj5klcp05gJMV-localsso.ourorg.example.com) returns: <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> <cas:authenticationFailure code='INVALID_TICKET'> Ticket 'ST-1-psUajs8fj5klcp05gJMV-localsso.ourorg.example.com' not recognized </cas:authenticationFailure> </cas:serviceResponse> Any ideas as to what is going on here? Again this is CAS 4.0. What could cause these errors. Is it a server-side config issue that (somehow) Shiro-CAS clients would be oblivious to? Is it a client-side issue with SpringSec? Best, Zac -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
