Re:[cas-user] CAS 4.0 with PWM 1.7.1

David Boudreault Wed, 24 Sep 2014 10:50:21 -0700

Finally , i changed my *pwmView.jsp* for this and i am not having a null 
ticket anymore. (I have a redirection loop again... Cas generates in loop 
the service ticket (ST-1, ST2, ST3.....): Can anyone tell me why ?


*pwmView.jsp *
 <%@ taglib uri='http://java.sun.com/jsp/jstl/core' prefix='c'%>

 <c:redirect url="
https://xxx.xxx.ca/pwm/private/CommandServlet?processAction=checkAll&forwardURL=https%3A%2F%2Fxxx.xxx.ca%3A4443%2Fperl%2Fenapemp.pl?${requestScope.serviceTicketId}
 
<https://authtest.enap.ca/pwm/private/CommandServlet?processAction=checkAll&forwardURL=https%3A%2F%2Fsafirh.enap.ca%3A4443%2Fperl%2Fenapemp.pl?$%7BrequestScope.serviceTicketId%7D>
"/>

 ${requestScope.serviceTicketId} return the ticket.



Here is my* cas log *file :

2014-09-24 13:26:03,155 DEBUG 
[org.jasig.cas.authentication.LdapAuthenticationHandler] - Attempting LDAP 
authentication for test+password
2014-09-24 13:26:03,700 DEBUG 
[org.jasig.cas.authentication.LdapAuthenticationHandler] - LDAP response: 
[org.ldaptive.auth.AuthenticationResponse@1989240314::authenticationResultCode=AUTHENTICATION_HANDLER_SUCCESS,
 
ldapEntry=[dn=CN=test 
test,OU=Users,OU=ETUDIANTS,OU=DER,dc=xxxmtl,dc=ca[[lastLogonTimestamp[130560524857221034]],
 
[countryCode[0]], [givenName[test]], [whenChanged[20140924171445.0Z]], 
[lastLogoff[0]], [instanceType[4]], [codePage[0]], 
[dSCorePropagationData[16010101000000.0Z]], [uSNCreated[76116]], 
[logonCount[0]], [uSNChanged[76122]], [badPwdCount[0]], 
[whenCreated[20140924171420.0Z]], [name[test test]], 
[objectCategory[CN=Person,CN=Schema,CN=Configuration,DC=xxxmtl,DC=ca]], 
[objectClass[organizationalPerson, person, user, top]], [sn[test]], 
[userAccountControl[66048]], [lastLogon[0]], [sAMAccountType[805306368]], 
[pwdLastSet[130560524612751797]], [badPasswordTime[0]], 
[distinguishedName[CN=test 
test,OU=Users,OU=ETUDIANTS,OU=DER,DC=xxxmtl,DC=ca]], [cn[test test]], 
[primaryGroupID[513]], [sAMAccountName[test]], [objectSid[        ?
????A!<5?)  ]], [accountExpires[9223372036854775807]], [userPrincipalName[
[email protected]]], [objectGUID[|LkT?BF??u??]], [displayName[test test]]], 
responseControls=null, messageId=-1], accountState=null, result=true, 
resultCode=SUCCESS, message=null, controls=null]
2014-09-24 13:26:03,701 DEBUG 
[org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal 
attribute: [sAMAccountName[test]]
2014-09-24 13:26:03,701 DEBUG 
[org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal 
attribute: [cn[test test]]
2014-09-24 13:26:03,701 DEBUG 
[org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal 
attribute: [distinguishedName[CN=test 
test,OU=Users,OU=ETUDIANTS,OU=DER,DC=xxxmtl,DC=ca]]
2014-09-24 13:26:03,702 DEBUG 
[org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal 
attribute: [displayName[test test]]
2014-09-24 13:26:03,702 DEBUG 
[org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal 
attribute: [givenName[test]]
2014-09-24 13:26:03,702 DEBUG 
[org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal 
attribute: [sn[test]]
2014-09-24 13:26:03,704 INFO 
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - 
LdapAuthenticationHandler successfully authenticated test+password
2014-09-24 13:26:03,704 DEBUG 
[org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver] - 
Attempting to resolve a principal...
2014-09-24 13:26:03,704 DEBUG 
[org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver] - 
Creating SimplePrincipal for [test]
2014-09-24 13:26:03,704 DEBUG 
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - 
org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver@39814dd0
 
resolved test from test+password
2014-09-24 13:26:03,707 INFO 
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - 
Authenticated test with credentials [test+password].
2014-09-24 13:26:03,707 DEBUG 
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Attribute 
map for test: {uid=uid, eduPersonAffiliation=eduPersonAffiliation, 
groupMembership=groupMembership}
2014-09-24 13:26:03,707 DEBUG 
[org.jasig.cas.extension.clearpass.EncryptedMapDecorator] - Generated hash 
of value 
[c62c667677424e2ca3aab21723537308dd547585688204434075020f97c4c6713a520d1604a14083c572f510685fd5955ffe142138d976aaa2240071c8761a8c]
 
for key [test].
2014-09-24 13:26:03,732 INFO 
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit 
trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: supplied credentials: [test+password]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Wed Sep 24 13:26:03 EDT 2014
CLIENT IP ADDRESS: 172.17.102.191
SERVER IP ADDRESS: 172.17.140.47
=============================================================


2014-09-24 13:26:03,737 DEBUG 
[org.jasig.cas.extension.clearpass.TicketRegistryDecorator] - Creating 
mapping ticket 
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
 to 
user name test
2014-09-24 13:26:03,738 DEBUG 
[org.jasig.cas.extension.clearpass.EncryptedMapDecorator] - Generated hash 
of value 
[febd411414e9371a8febc60e7e55f865e2706211ffa0b278b94bc0ebe8ee0679804cf7ee86a4bcdbb25fe006df3401a6ca0c59a5bc64134f170ed6307d4ee489]
 
for key [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
].
2014-09-24 13:26:03,739 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>]
 
to registry.
2014-09-24 13:26:03,739 INFO 
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit 
trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: 
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Sep 24 13:26:03 EDT 2014
CLIENT IP ADDRESS: 172.17.102.191
SERVER IP ADDRESS: 172.17.140.47
=============================================================


2014-09-24 13:26:03,740 DEBUG 
[org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Removed 
cookie with name [CASPRIVACY]
2014-09-24 13:26:03,740 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to 
retrieve ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
]
2014-09-24 13:26:03,740 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>]
 
found in registry.
2014-09-24 13:26:03,742 DEBUG 
[org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Added cookie 
with name [CASTGC] and value [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
]
2014-09-24 13:26:03,746 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to 
retrieve ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
]
2014-09-24 13:26:03,746 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>]
 
found in registry.
2014-09-24 13:26:03,749 DEBUG 
[org.jasig.cas.CentralAuthenticationServiceImpl] - Generated service ticket 
id [ST-1-exq5XkB35DzQDn9Cq5lM-cas01.example.org 
<http://st-1-exq5xkb35dzqdn9cq5lm-cas01.example.org/>] for ticket granting 
ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
]
2014-09-24 13:26:03,751 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket [
ST-1-exq5XkB35DzQDn9Cq5lM-cas01.example.org 
<http://st-1-exq5xkb35dzqdn9cq5lm-cas01.example.org/>] to registry.
2014-09-24 13:26:03,751 INFO 
[org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket [
ST-1-exq5XkB35DzQDn9Cq5lM-cas01.example.org 
<http://st-1-exq5xkb35dzqdn9cq5lm-cas01.example.org/>] for service [
https://xxxh.xxx.ca:4443/perl/xxxemp.pl] for user [test]
2014-09-24 13:26:03,751 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to 
retrieve ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
]
2014-09-24 13:26:03,751 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>]
 
found in registry.
2014-09-24 13:26:03,752 INFO 
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit 
trail record BEGIN
=============================================================
WHO: test
WHAT: ST-1-exq5XkB35DzQDn9Cq5lM-cas01.example.org 
<http://st-1-exq5xkb35dzqdn9cq5lm-cas01.example.org/> for 
https://xxxh.xxx.ca:4443/perl/xxxemp.pl
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Sep 24 13:26:03 EDT 2014
CLIENT IP ADDRESS: 172.17.102.191
SERVER IP ADDRESS: 172.17.140.47
=============================================================


2014-09-24 13:26:03,771 DEBUG 
[org.jasig.cas.web.flow.TerminateWebSessionListener] - Terminate web 
session B8ECF4DC5232B62BAE3291F617CC3137 in 2 seconds
2014-09-24 13:26:03,771 DEBUG 
[org.jasig.cas.web.flow.TerminateWebSessionListener] - Terminate web 
session B8ECF4DC5232B62BAE3291F617CC3137 in 2 seconds
2014-09-24 13:26:03,798 DEBUG 
[org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated 
service for: 
https://xxx.xxx.xx//pwm/private/CommandServlet?processAction=checkAll&forwardURL=https%3A%2F%2Fxxxh.xxx.ca%3A4443%2Fperl%2Fxxxemp.pl?ST-1-exq5XkB35DzQDn9Cq5lM-cas01.example.org
2014-09-24 13:26:03,798 DEBUG 
[org.jasig.cas.web.flow.InitialFlowSetupAction] - Placing service in 
FlowScope: 
https://xxx.xxx.xx//pwm/private/CommandServlet?processAction=checkAll&forwardURL=https%3A%2F%2Fxxxh.xxx.ca%3A4443%2Fperl%2Fxxxemp.pl?ST-1-exq5XkB35DzQDn9Cq5lM-cas01.example.org
2014-09-24 13:26:03,798 DEBUG 
[org.jasig.cas.web.flow.InitialFlowSetupAction] - Placing service in 
FlowScope: 
https://xxx.xxx.xx//pwm/private/CommandServlet?processAction=checkAll&forwardURL=https%3A%2F%2Fxxxh.xxx.ca%3A4443%2Fperl%2Fxxxemp.pl?ST-1-exq5XkB35DzQDn9Cq5lM-cas01.example.org
2014-09-24 13:26:03,799 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to 
retrieve ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
]
2014-09-24 13:26:03,800 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>]
 
found in registry.
2014-09-24 13:26:03,802 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to 
retrieve ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
]
2014-09-24 13:26:03,802 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>]
 
found in registry.
2014-09-24 13:26:03,803 DEBUG 
[org.jasig.cas.CentralAuthenticationServiceImpl] - Generated service ticket 
id [ST-2-zHW35HmAKGKxQupDdTMy-cas01.example.org 
<http://st-2-zhw35hmakgkxqupddtmy-cas01.example.org/>] for ticket granting 
ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
]
2014-09-24 13:26:03,803 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket [
ST-2-zHW35HmAKGKxQupDdTMy-cas01.example.org 
<http://st-2-zhw35hmakgkxqupddtmy-cas01.example.org/>] to registry.
2014-09-24 13:26:03,803 INFO 
[org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket [
ST-2-zHW35HmAKGKxQupDdTMy-cas01.example.org 
<http://st-2-zhw35hmakgkxqupddtmy-cas01.example.org/>] for service [
https://xxx.xxx.xx//pwm/private/CommandServlet?processAction=checkAll&forwardURL=https%3A%2F%2Fxxxh.xxx.ca%3A4443%2Fperl%2Fxxxemp.pl?ST-1-exq5XkB35DzQDn9Cq5lM-cas01.example.org]
 
for user [test]
2014-09-24 13:26:03,803 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to 
retrieve ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>
]
2014-09-24 13:26:03,803 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [
TGT-1-1o639saNZoYlqK6EcchXSOTJDFZzBDjrfPVjZLsYaW1gvgBLZc-cas01.example.org 
<http://tgt-1-1o639sanzoylqk6ecchxsotjdfzzbdjrfpvjzlsyaw1gvgblzc-cas01.example.org/>]
 
found in registry.
 

Le mardi 23 septembre 2014 16:27:58 UTC-4, David Boudreault a écrit :
>
> I have Cas 4.0 with LDAP  + Clearpass .I
>
> When I type my PWM adress in my browser I'm redirected to my CAS log page 
> where I can type my username and password. 
>  
> My problem is with my CAS redirection to the PWM CommandServlet. I have a 
> redirection loop when CAS make the redirection to PWM after the login.
>  
> I suspect my cas *login-webflow.xml* to be the problem.
>  
> I changed this line :
>  
>    <end-state id="redirectView" 
> view="externalRedirect:#{requestScope.response.url}" 
> />
>  
> By this one
>  
>         <end-state id="redirectView" view="pwmView"/>
>  
>  
> * pwmView.jsp*
>  
> <%
>  String redirectURL=
>  
>
> https://(mydomain)/pwm/private/CommandServlet?processAction=checkAll&forwardURL=(myserviceurl)?
>    + request.getParameter("ticket") ;
>  
> response.sendRedirect(redirectURL );
>    %>
>  
>  
> My problem is that request.getParameter(ticket) is always null.
>
> How can I get the service ticket ? And I want to know if it's ok to do the 
> redirection to PWM with the <end-state id="redirectView">
>
> Thanks!!
>
> David
> Afficher le contenu coupé 
>

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Re:[cas-user] CAS 4.0 with PWM 1.7.1

Reply via email to