Niva, Yes. You should be able to connect from the CAS client to the CAS server on port 443 (tcp). You can test it with telnet or curl or something similar.
Thanks, Carl On Oct 20, 2014 6:39 PM, "Niva Agmon" <[email protected]> wrote: > Hi Carl, > > Yes, I do get redirected to the service URL with the extra query > parameter, but then I'm still not logged on to the application and the > application log doesn't reflect anything besides me "landing" on that > website. > > On the other hand, going over your reply - "the service contacts your CAS > server directly-- *not* via your browser" - > does that mean that we need to have port 8443 (and probably 443) open > between the CAS clients servers and the CAS server? > Thanks again for replying and helping me with this! > > Niva > > > > I believe everything is in a private development area, but I did try it > and the first URL, going to the CAS server, lets me login correctly using > my LDAP credentials and granting the service ticket : > 2014-10-20 14:01:47,177 INFO > [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ > ST-2-L0wFefAZudsyf27qjNla-xxxxxxx.temple.edu] for service [ > http://xxxx.temple.edu:9081/selfcare/setQuestions.jsp] for user [xxxxxx]> > > On the websphere application server side I either get java error: Error > 500: java.lang.NullPointerException, > > -----Original Message----- > From: Waldbieser, Carl [mailto:[email protected]] > Sent: Monday, October 20, 2014 9:04 AM > To: [email protected] > Subject: Re: [cas-user] Casifying Webspher 7.0 > > Niva, > > Do you have any public facing infrastructure in place for which you could > give us a URL, or are your services and CAS deployment all in a private > development area? > > What should happen is if you give a URL like this: > > > https://cas.lafayette.edu/cas/login?service=https%3A%2F%2Fwebmail.lafayette.edu > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > Your CAS login URL One of your service URLs > > You get a login page. Once you provide credentials and authenticate, your > browser should be redirected to your service URL with an extra query > parameter like: > > https://webmail.lafayette.edu/?ticket=ST-abcdefghijklmnop-etc-etc > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > A service ticket > > The CAS client in your service is supposed to extract the ticket and > validate it (the service contacts your CAS server directly-- *not* via your > browser). > > Do you get redirected to your service provider with the ticket parameter? > > Thanks, > Carl Waldbieser > ITS System Programmer > Lafayette College > > > ----- Original Message ----- > From: "Niva Agmon" <[email protected]> > To: [email protected] > Sent: Sunday, October 19, 2014 12:49:48 PM > Subject: RE: [cas-user] Casifying Webspher 7.0 > > Carl & Alberto Thanks so much for replying! > Guess part of being a newbie (aside from not really knowing what I’m > doing…), is using the wrong terms – I don’t see any reference to service > tickets in either the client or the server logs, so I’m assuming something > very basic is being missed, but not sure what… > > Thanks, > Niva > > From: Carl Waldbieser [mailto:[email protected]] > Sent: Saturday, October 18, 2014 6:25 PM > To: [email protected] > Subject: Re: [cas-user] Casifying Webspher 7.0 > > > There are no *persistent* connections, but the CAS client will make an > http connection to the CAS server when validating a service ticket. > > Thanks, > Carl Waldbieser > On Oct 18, 2014 3:37 PM, "Alberto Cabello Sánchez" <[email protected] > <mailto:[email protected]>> wrote: > On Fri, 17 Oct 2014 17:25:13 -0500 > "Niva" <[email protected]<mailto:[email protected]>> wrote: > > Am now trying to Casify our Websphere v7.0 environment as a test, and > > followed the instructions on > > https://wiki.jasig.org/pages/viewpage.action?pageId=19314, > > but don't see any connection to the CAS server being established after > > restarting WAS. I put the two jar files and added the CAS interceptor. > > Hi, Niva, > > I think all the authentication stuff is done via browser cookies and > redirects, so no such connections are needed. Indeed, in my setup (CAS + > Apache-PHP) there are no CAS-Apache connections. > > Regards, > > -- > Alberto Cabello Sánchez > <[email protected]<mailto:[email protected]>> > > -- > You are currently subscribed to [email protected]<mailto: > [email protected]> as: [email protected]<mailto: > [email protected]> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > -- > > You are currently subscribed to [email protected]<mailto: > [email protected]> as: [email protected]<mailto:[email protected]> > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access > archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
