John, As far as I know I am sending the newly acquired proxy ticket, however I did notice that my proxy tickets are prefixed with ST which is not what the example shows.
I followed the steps found on the Proxy CAS Walkthrough <https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough> page using the clearPass URL as the targetService in Step Four, and in Step Five I verified the ticket by calling proxyValidate with the clearPass URL as the service and the ticket I received from Step Four as the ticket. Step Five produced the result below, which seems to indicate that the ticket was valid. However, if I call the clearPass URL with the ticket appended I get the 'invalid ticket' error in the logs. This tells me the backend call that the clearPass endpoint is making is where the failure is occurring. <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> <cas:authenticationSuccess> <cas:user>apcausey</cas:user> <cas:proxies> <cas:proxy>https://dev.vcu.edu/cas-test/proxyCallback</cas:proxy> </cas:proxies> </cas:authenticationSuccess></cas:serviceResponse> Thanks! Adam On Tue, Oct 21, 2014 at 12:54 PM, John Gasper <[email protected]> wrote: > Adam, > > Are you sending the calling application's originally requested service > ticket or are you sending a newly acquired proxy ticket to clearPass? > > John > > --- > *John Gasper* > IAM Consultant > Unicon, Inc. > PGP/GPG Key: 0xbafee3ef > > On 10/21/14 8:53 AM, Adam Causey wrote: > > I'm still having issues with clearPass not recognizing the service > ticket when I call the /clearPass endpoint. I ran through the 'Proxy CAS > Walkthrough' instructions to make sure that proxying is setup correctly and > that I understand it better. > > Is my understanding correct that all I should have to do is treat the > /clearPass endpoint as I would a normal proxied service even though it is > on the CAS server itself? > > I followed the instructions for setting up clear pass to the tooth and > have re-checked my configuration. > > Does anyone using clearPass have any suggestions, or is it not widely > implemented? > > Thanks, > Adam > > > > On Thu, Oct 16, 2014 at 8:21 AM, Adam Causey <[email protected]> wrote: > >> I'm attempting to setup clearpass in CAS 3.5.2. I've followed the >> instructions found here: https://wiki.jasig.org/display/casum/clearpass >> . However, it my test client when I call the /clearPass endpoint I get a >> 404 Not Found response. >> >> I checked to make sure the /clearPass is being mapping with the defined >> HandlerMapping in clearpass-configuration.xml, and everything looks fine. >> There are no errors in my logs. >> >> Any advice on getting this setup? >> >> Thanks! >> >> Adam Causey >> Virginia Commonwealth University >> >> > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
