At this point, if you can't bump the logging to get more information about the cause of the error, then you might need to attach a debugger to your container and step through some code.
On 10/21/14 12:10 PM, Adam Causey wrote: > John, > > As far as I know I am sending the newly acquired proxy ticket, however > I did notice that my proxy tickets are prefixed with ST which is not > what the example shows. > > I followed the steps found on the Proxy CAS Walkthrough > <https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough> page using > the clearPass URL as the targetService in Step Four, and in Step Five > I verified the ticket by calling proxyValidate with the clearPass URL > as the service and the ticket I received from Step Four as the ticket. > > Step Five produced the result below, which seems to indicate that the > ticket was valid. However, if I call the clearPass URL with the > ticket appended I get the 'invalid ticket' error in the logs. This > tells me the backend call that the clearPass endpoint is making is > where the failure is occurring. > <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> > <cas:authenticationSuccess> > <cas:user>apcausey</cas:user> > <cas:proxies> > > <cas:proxy>https://dev.vcu.edu/cas-test/proxyCallback</cas:proxy> > </cas:proxies> > </cas:authenticationSuccess> > </cas:serviceResponse> > Thanks! > > Adam > > > > On Tue, Oct 21, 2014 at 12:54 PM, John Gasper <[email protected] > <mailto:[email protected]>> wrote: > > Adam, > > Are you sending the calling application's originally requested > service ticket or are you sending a newly acquired proxy ticket to > clearPass? > > John > > --- > *John Gasper* > IAM Consultant > Unicon, Inc. > PGP/GPG Key: 0xbafee3ef > > On 10/21/14 8:53 AM, Adam Causey wrote: >> I'm still having issues with clearPass not recognizing the >> service ticket when I call the /clearPass endpoint. I ran >> through the 'Proxy CAS Walkthrough' instructions to make sure >> that proxying is setup correctly and that I understand it better. >> >> Is my understanding correct that all I should have to do is treat >> the /clearPass endpoint as I would a normal proxied service even >> though it is on the CAS server itself? >> >> I followed the instructions for setting up clear pass to the >> tooth and have re-checked my configuration. >> >> Does anyone using clearPass have any suggestions, or is it not >> widely implemented? >> >> Thanks, >> Adam >> >> >> >> On Thu, Oct 16, 2014 at 8:21 AM, Adam Causey <[email protected] >> <mailto:[email protected]>> wrote: >> >> I'm attempting to setup clearpass in CAS 3.5.2. I've >> followed the instructions found >> here: https://wiki.jasig.org/display/casum/clearpass . >> However, it my test client when I call the /clearPass >> endpoint I get a 404 Not Found response. >> >> I checked to make sure the /clearPass is being mapping with >> the defined HandlerMapping in clearpass-configuration.xml, >> and everything looks fine. There are no errors in my logs. >> >> Any advice on getting this setup? >> >> Thanks! >> >> Adam Causey >> Virginia Commonwealth University >> >> >> -- >> You are currently subscribed to [email protected] >> <mailto:[email protected]> as: [email protected] >> <mailto:[email protected]> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] > <mailto:[email protected]> as: [email protected] > <mailto:[email protected]> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
