Hi Jérôme LELEU, Work like a charm! thanks for ur help!
But why does CAS4 does not auto enable this? since 3.5.2 is enabled....... Anyway thanks! Best regards, Jeffrey. On Tuesday, November 4, 2014 4:33:00 PM UTC+8, Jérôme LELEU wrote: > > Hi, > > OK. I see. If you get the login page instead of the SAML response, I guess > that the SAML support is not enabled and indeed, it is not by default in > CAS 4.0. > You need to follow this documentation: > http://jasig.github.io/cas/4.0.0/protocol/SAML-Protocol.html, part "SAML > 1.1". > > Best regards, > > > Jérôme LELEU > Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj > Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org > > 2014-11-04 9:19 GMT+01:00 jeffrey tan <[email protected] <javascript:>> > : > >> hi, >> >> is u again :) >> i not yet try 3.2.5.RELEASE, but i did try >> >> 1. to check the saml response, as i said, i breakpoint to view the return >> response. its return me html of my login page. >> >> 2. i use cas-client-core latest version from maven, still same result. >> >> 3. is not i dont want to use 3.2.5.RELEASE, just when i upgrade, i met >> some exceptions(will try to solve it) >> >> >> On Tuesday, November 4, 2014 3:01:37 PM UTC+8, Jérôme LELEU wrote: >>> >>> Hi, >>> >>> Did you try with a more recent CAS client by Spring Security >>> (3.2.5.RELEASE)? Did you enable DEBUG logs (org.jasig) on client side to >>> see the SAML response returned by the CAS server? >>> >>> Thanks. >>> Best regards, >>> >>> Jérôme LELEU >>> Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj >>> Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org >>> >>> 2014-11-04 7:27 GMT+01:00 jeffrey tan <[email protected]>: >>> >>>> http://stackoverflow.com/questions/26710286/cas-4-does- >>>> not-work-properly-with-cas-client-core-3-1-12 >>>> >>>> As title shown, currently i am using CAS 3.5.2, therefore i upgrade to >>>> CAS 4.i just change the user name casuser and mellon to admin admin. its a >>>> very minimal changes. >>>> therefore when i try to login, for example: >>>> >>>> 1 login, abcd/login >>>> >>>> 2 redirect to cas/login >>>> >>>> 3 after success logon, its redirect to abcd/login?st=xxxxxx with blank >>>> page. >>>> >>>> >>>> do i miss somethings? or i need to change pom.xml? >>>> >>>> below is part of my pom.xml >>>> >>>> <dependency> >>>> <groupId>org.springframework.security</groupId> >>>> <artifactId>spring-security-cas</artifactId> >>>> <version>3.1.0.RELEASE</version> >>>> <scope>compile</scope> >>>> </dependency> >>>> <dependency> >>>> <groupId>org.opensaml</groupId> >>>> <artifactId>opensaml</artifactId> >>>> <version>1.1</version> >>>> <scope>runtime</scope> >>>> </dependency> >>>> <dependency> >>>> <groupId>xml-security</groupId> >>>> <artifactId>xmlsec</artifactId> >>>> <version>1.3.0</version> >>>> <scope>runtime</scope> >>>> </dependency> >>>> <dependency> >>>> <groupId>net.sf.ehcache</groupId> >>>> <artifactId>ehcache</artifactId> >>>> <version>1.6.2</version> >>>> <scope>runtime</scope> >>>> </dependency> >>>> >>>> my error log >>>> >>>> java.lang.StringIndexOutOfBoundsException: String index out of >>>> range: -1 >>>> at java.lang.String.substring(String.java:1911) >>>> at org.jasig.cas.client.validation.Saml11TicketValidator. >>>> parseResponseFromServer(Saml11TicketValidator.java:50) >>>> at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidato >>>> r.validate(AbstractUrlBasedTicketValidator.java:197) >>>> at org.springframework.security.cas.authentication. >>>> CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider. >>>> java:140) >>>> at org.springframework.security.cas.authentication. >>>> CasAuthenticationProvider.authenticate(CasAuthenticationProvider. >>>> java:126) >>>> at org.springframework.security.authentication. >>>> ProviderManager.authenticate(ProviderManager.java:156) >>>> at org.springframework.security.cas.web.CasAuthenticationFilter. >>>> attemptAuthentication(CasAuthenticationFilter.java:242) >>>> at org.springframework.security.web.authentication. >>>> AbstractAuthenticationProcessingFilter.doFilter( >>>> AbstractAuthenticationProcessingFilter.java:194) >>>> at org.springframework.security.web.FilterChainProxy$ >>>> VirtualFilterChain.doFilter(FilterChainProxy.java:323) >>>> at org.springframework.security.web.authentication.logout. >>>> LogoutFilter.doFilter(LogoutFilter.java:105) >>>> at org.springframework.security.web.FilterChainProxy$ >>>> VirtualFilterChain.doFilter(FilterChainProxy.java:323) >>>> at org.jasig.cas.client.session.SingleSignOutFilter.doFilter( >>>> SingleSignOutFilter.java:65) >>>> at org.springframework.security.web.FilterChainProxy$ >>>> VirtualFilterChain.doFilter(FilterChainProxy.java:323) >>>> at org.springframework.security.web.context. >>>> SecurityContextPersistenceFilter.doFilter( >>>> SecurityContextPersistenceFilter.java:87) >>>> at org.springframework.security.web.FilterChainProxy$ >>>> VirtualFilterChain.doFilter(FilterChainProxy.java:323) >>>> at org.springframework.security.web.FilterChainProxy.doFilter( >>>> FilterChainProxy.java:173) >>>> at org.springframework.web.filter.DelegatingFilterProxy. >>>> invokeDelegate(DelegatingFilterProxy.java:346) >>>> at org.springframework.web.filter.DelegatingFilterProxy.doFilter( >>>> DelegatingFilterProxy.java:259) >>>> at org.apache.catalina.core.ApplicationFilterChain. >>>> internalDoFilter(ApplicationFilterChain.java:243) >>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter( >>>> ApplicationFilterChain.java:210) >>>> at sg.com.innovax.opscentralv5.objects.setEncoding.doFilter( >>>> setEncoding.java:100) >>>> at org.apache.catalina.core.ApplicationFilterChain. >>>> internalDoFilter(ApplicationFilterChain.java:243) >>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter( >>>> ApplicationFilterChain.java:210) >>>> at org.apache.catalina.core.StandardWrapperValve.invoke( >>>> StandardWrapperValve.java:222) >>>> at org.apache.catalina.core.StandardContextValve.invoke( >>>> StandardContextValve.java:123) >>>> at org.apache.catalina.authenticator.AuthenticatorBase.invoke( >>>> AuthenticatorBase.java:472) >>>> at org.apache.catalina.core.StandardHostValve.invoke( >>>> StandardHostValve.java:171) >>>> at org.apache.catalina.valves.ErrorReportValve.invoke( >>>> ErrorReportValve.java:99) >>>> at org.apache.catalina.valves.AccessLogValve.invoke( >>>> AccessLogValve.java:947) >>>> at org.apache.catalina.core.StandardEngineValve.invoke( >>>> StandardEngineValve.java:118) >>>> at org.apache.catalina.connector.CoyoteAdapter.service( >>>> CoyoteAdapter.java:408) >>>> at org.apache.coyote.http11.AbstractHttp11Processor.process( >>>> AbstractHttp11Processor.java:1009) >>>> at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler. >>>> process(AbstractProtocol.java:589) >>>> at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor. >>>> run(JIoEndpoint.java:312) >>>> at java.util.concurrent.ThreadPoolExecutor.runWorker( >>>> ThreadPoolExecutor.java:1145) >>>> at java.util.concurrent.ThreadPoolExecutor$Worker.run( >>>> ThreadPoolExecutor.java:615) >>>> at java.lang.Thread.run(Thread.java:722) >>>> >>>> >>>> Therefore i checked the error code,view and breakpoint the source >>>> code(package org.jasig.cas.client.validation;). in >>>> Saml11TicketValidator.parseResponseFromServer, its because the >>>> response result wasnt in expected therefore substring got problems. this 1 >>>> just exception handling, is not a root cause.**The root cause is in >>>> Saml11TicketValidator retrieveResponseFromServer, why CAS4 Return login >>>> page(in my CAS4, is already login)??? is it a bug?** >>>> >>>> note: my maven dependency is using cas-client-core-3.1.12.jar >>>> >>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> >>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> -- >> You are currently subscribed to [email protected] <javascript:> as: >> [email protected] <javascript:> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- > You are currently subscribed to [email protected] <javascript:> as: > [email protected] <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
