Hi, Maybe I'm missing it, but I don't see anything in your web.config that requires the user to be authenticated to access the app's resources. Take a look at http://msdn.microsoft.com/en-us/library/vstudio/wce3kxhd(v=vs.100).aspx. You want to make sure you've got something that denies access to the anonymous (?) user.
John On 8/11/14, 4:29 PM, Haer, Neelam wrote: > Hi All, > > I was able to fix my original problem (*Description: An error occurred > during the processing of a configuration file required to service this > request. Please review the specific error details below and modify > your configuration file appropriately. *) > > The problem was solved by moving the bin folder to the 'cas' > application directory. But now, I have a different problem. CAS is > not kicking in, ie, the module is not forcing authentication. Does > anyone have any ideas about this? (see my web.config below). > > Thanks, > > *From:*Haer, Neelam [[email protected]] > > *Sent:* August-11-14 4:00 PM > *To:* [email protected] > *Subject:* [cas-user] IIS and .NET CAS Client module - how to > register/install the module? > > Hi All, > > I'm having an issue with the .NET CAS Client module, and hoping that > someone here knows what they're doing when it comes to registering the > module in *IIS 7.7/Windows Server 2008*. > > > I downloaded and unzipped the .NET CAS Client Module, and have a site > setup on IIS 7.4 named 'cas', using HTTPS > > > 'cas' is setup as an 'application' in IIS. > > > As per the installation/setup instructions here > (https://wiki.jasig.org/display/casc/.net+cas+client): > > > 1. I created a web.config file and placed it in the *cas *application > root folder. > > 2. I copied the context of the unzipped > dotnet-client-1.0.2-bin\Release to c:\inetpub\wwwroot\bin > > 3. The contents of the web.config file are at the end of this email. > > 4. I tried to access a page in the my 'cas' application and I get > the following error: > > > *Server Error in '/cas' Application.* > > * > * > > *Configuration Error* > > * > * > > *Description: An error occurred during the processing of a > configuration file required to service this request. Please review the > specific error details below and modify your configuration file > appropriately. * > > * > * > > *Parser Error Message: Could not load file or assembly > 'DotNetCasClient' or one of its dependencies. The system cannot find > the file specified. (C:\inetpub\wwwroot\cas\web.config line 14)* > > > Source Error: > > > > Line 12: <!-- Other system.web elements here --> > > Line 13: <httpModules> > > Line 14: <add name="DotNetCasClient" > type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient" /> > > Line 15: <!-- Other modules here --> > > Line 16: </httpModules> > > > Source File: C:\inetpub\wwwroot\cas\web.config Line: 14 > > > > > -- Does anyone know how the module needs to be "registered" properly > in IIS? I thought just copying it to the bin folder as described in > step #2 would be enough? Please advise!!! Thanks. > > > *WEB.CONFIG CONTENTS* > > > <?xml version="1.0" encoding="UTF-8"?> > > <configuration> > > <configSections> > > <section name="casClientConfig" > type="DotNetCasClient.Configuration.CasClientConfiguration, > DotNetCasClient" /> > > <!-- Other custom sections here --> > > </configSections> > > > <casClientConfig > casServerLoginUrl="https://cas.stg.id.xxx/xxx-cas/login"; > casServerUrlPrefix="https://xxx"; serverName="https://xxx"; > redirectAfterValidation="true" renew="false" singleSignOut="true" > ticketValidatorName="Saml11" > serviceTicketManager="CacheServiceTicketManager" /> > > > > <system.web> > > <!-- Other system.web elements here --> > > <httpModules> > > <add name="DotNetCasClient" > type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient" /> > > <!-- Other modules here --> > > </httpModules> > > <authentication mode="Forms"> > > <forms loginUrl="https://cas.stg.id.xxx/xxx-cas/login"; > timeout="30" defaultUrl="~/default.aspx" cookieless="UseCookies" > slidingExpiration="true" path="/cas/" /> > > </authentication> > > <!-- Other system.web elements here --> > > </system.web> > > > > <system.webServer> > > <!-- > > Disabled Integrated Mode configuration validation. > > This will allow a single deployment to run on IIS 5/6 and 7+ > > without errors > > --> > > <validation validateIntegratedModeConfiguration="false" /> > > <modules> > > <!-- > > Remove and Add the CasAuthenticationModule into the IIS7+ > > Integrated Pipeline. This has no effect on IIS5/6. > > --> > > <remove name="DotNetCasClient" /> > > <add name="DotNetCasClient" > type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient" /> > > <!-- Other modules here --> > > </modules> > > <defaultDocument> > > <files> > > <clear /> > > <add value="index.html" /> > > <add value="default.aspx" /> > > <add value="Default.htm" /> > > <add value="Default.asp" /> > > <add value="index.htm" /> > > <add value="iisstart.htm" /> > > </files> > > </defaultDocument> > > <handlers> > > <remove name="AboMapperCustom-346496207" /> > > </handlers> > > </system.webServer> > > > <system.diagnostics> > > <trace autoflush="true" useGlobalLock="false" /> > > <sharedListeners> > > <!-- > > Writing trace output to a log file is recommended. > > IMPORTANT: > > The user account under which the containing application pool runs > > must have privileges to create and modify the trace log file. > > --> > > <add name="TraceFile" > type="System.Diagnostics.TextWriterTraceListener" > initializeData="C:\inetpub\logs\LogFiles\DotNetCasClient.Log" > traceOutputOptions="DateTime" /> > > </sharedListeners> > > <sources> > > <!-- Provides diagnostic information on module configuration > parameters. --> > > <source name="DotNetCasClient.Config" switchName="Config" > switchType="System.Diagnostics.SourceSwitch"> > > <listeners> > > <add name="TraceFile" /> > > </listeners> > > </source> > > <!-- Traces IHttpModule lifecycle events and meaningful operations > performed therein. --> > > <source name="DotNetCasClient.HttpModule" switchName="HttpModule" > switchType="System.Diagnostics.SourceSwitch"> > > <listeners> > > <add name="TraceFile" /> > > </listeners> > > </source> > > <!-- Provides protocol message and routing information. --> > > <source name="DotNetCasClient.Protocol" switchName="Protocol" > switchType="System.Diagnostics.SourceSwitch"> > > <listeners> > > <add name="TraceFile" /> > > </listeners> > > </source> > > <!-- Provides details on security operations and notable security > conditions. --> > > <source name="DotNetCasClient.Security" switchName="Security" > switchType="System.Diagnostics.SourceSwitch"> > > <listeners> > > <add name="TraceFile" /> > > </listeners> > > </source> > > </sources> > > <switches> > > <!-- > > Set trace switches to appropriate logging level. Recommended > values in order of increasing verbosity: > > - Off > > - Error > > - Warning > > - Information > > - Verbose > > --> > > <!-- > > Config category displays detailed information about > CasAuthenticationModule configuration. > > The output of this category is only displayed when the module is > initialized, which happens > > for the first request following application/server startup. > > --> > > <add name="Config" value="Information" /> > > <!-- > > Set this category to Verbose to trace HttpModule lifecycle > events in CasAuthenticationModule. > > This category produces voluminous output in Verbose mode and > should be avoided except for > > limited periods of time troubleshooting vexing integration problems. > > --> > > <add name="HttpModule" value="Information" /> > > <!-- > > Set to Verbose to display protocol messages between the client > and server. > > This category is very helpful for troubleshooting integration > problems. > > --> > > <add name="Protocol" value="Verbose" /> > > <!-- > > Displays important security-related information. > > --> > > <add name="Security" value="Information" /> > > </switches> > > </system.diagnostics> > > > </configuration> > > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- *John Gasper* IAM Consultant Unicon, Inc. PGP/GPG Key: 0xbafee3ef -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
