Hi Carl, Yes, I do get redirected to the service URL with the extra query parameter, but then I'm still not logged on to the application and the application log doesn't reflect anything besides me "landing" on that website.
On the other hand, going over your reply - "the service contacts your CAS server directly-- *not* via your browser" - does that mean that we need to have port 8443 (and probably 443) open between the CAS clients servers and the CAS server? Thanks again for replying and helping me with this! Niva I believe everything is in a private development area, but I did try it and the first URL, going to the CAS server, lets me login correctly using my LDAP credentials and granting the service ticket : 2014-10-20 14:01:47,177 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-2-L0wFefAZudsyf27qjNla-xxxxxxx.temple.edu] for service [http://xxxx.temple.edu:9081/selfcare/setQuestions.jsp] for user [xxxxxx]> On the websphere application server side I either get java error: Error 500: java.lang.NullPointerException, -----Original Message----- From: Waldbieser, Carl [mailto:[email protected]] Sent: Monday, October 20, 2014 9:04 AM To: [email protected] Subject: Re: [cas-user] Casifying Webspher 7.0 Niva, Do you have any public facing infrastructure in place for which you could give us a URL, or are your services and CAS deployment all in a private development area? What should happen is if you give a URL like this: https://cas.lafayette.edu/cas/login?service=https%3A%2F%2Fwebmail.lafayette.edu ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Your CAS login URL One of your service URLs You get a login page. Once you provide credentials and authenticate, your browser should be redirected to your service URL with an extra query parameter like: https://webmail.lafayette.edu/?ticket=ST-abcdefghijklmnop-etc-etc ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ A service ticket The CAS client in your service is supposed to extract the ticket and validate it (the service contacts your CAS server directly-- *not* via your browser). Do you get redirected to your service provider with the ticket parameter? Thanks, Carl Waldbieser ITS System Programmer Lafayette College ----- Original Message ----- From: "Niva Agmon" <[email protected]> To: [email protected] Sent: Sunday, October 19, 2014 12:49:48 PM Subject: RE: [cas-user] Casifying Webspher 7.0 Carl & Alberto Thanks so much for replying! Guess part of being a newbie (aside from not really knowing what I’m doing…), is using the wrong terms – I don’t see any reference to service tickets in either the client or the server logs, so I’m assuming something very basic is being missed, but not sure what… Thanks, Niva From: Carl Waldbieser [mailto:[email protected]] Sent: Saturday, October 18, 2014 6:25 PM To: [email protected] Subject: Re: [cas-user] Casifying Webspher 7.0 There are no *persistent* connections, but the CAS client will make an http connection to the CAS server when validating a service ticket. Thanks, Carl Waldbieser On Oct 18, 2014 3:37 PM, "Alberto Cabello Sánchez" <[email protected]<mailto:[email protected]>> wrote: On Fri, 17 Oct 2014 17:25:13 -0500 "Niva" <[email protected]<mailto:[email protected]>> wrote: > Am now trying to Casify our Websphere v7.0 environment as a test, and > followed the instructions on > https://wiki.jasig.org/pages/viewpage.action?pageId=19314, > but don't see any connection to the CAS server being established after > restarting WAS. I put the two jar files and added the CAS interceptor. Hi, Niva, I think all the authentication stuff is done via browser cookies and redirects, so no such connections are needed. Indeed, in my setup (CAS + Apache-PHP) there are no CAS-Apache connections. Regards, -- Alberto Cabello Sánchez <[email protected]<mailto:[email protected]>> -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
