Hi, SAML 1.1 support was primarly created to retrieve user attributes, which can now be done using the /p3 endpoint. So SAML is not necessary by default in CAS 4.0 and was therefore made optional.
Best regards, Jérôme LELEU Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org 2014-11-04 10:14 GMT+01:00 jeffrey tan <[email protected]>: > Hi Jérôme LELEU, > > Work like a charm! thanks for ur help! > > But why does CAS4 does not auto enable this? since 3.5.2 is enabled....... > > Anyway thanks! > > Best regards, > Jeffrey. > > > On Tuesday, November 4, 2014 4:33:00 PM UTC+8, Jérôme LELEU wrote: >> >> Hi, >> >> OK. I see. If you get the login page instead of the SAML response, I >> guess that the SAML support is not enabled and indeed, it is not by default >> in CAS 4.0. >> You need to follow this documentation: http://jasig. >> github.io/cas/4.0.0/protocol/SAML-Protocol.html, part "SAML 1.1". >> >> Best regards, >> >> >> Jérôme LELEU >> Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj >> Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org >> >> 2014-11-04 9:19 GMT+01:00 jeffrey tan <[email protected]>: >> >>> hi, >>> >>> is u again :) >>> i not yet try 3.2.5.RELEASE, but i did try >>> >>> 1. to check the saml response, as i said, i breakpoint to view the >>> return response. its return me html of my login page. >>> >>> 2. i use cas-client-core latest version from maven, still same result. >>> >>> 3. is not i dont want to use 3.2.5.RELEASE, just when i upgrade, i met >>> some exceptions(will try to solve it) >>> >>> >>> On Tuesday, November 4, 2014 3:01:37 PM UTC+8, Jérôme LELEU wrote: >>>> >>>> Hi, >>>> >>>> Did you try with a more recent CAS client by Spring Security >>>> (3.2.5.RELEASE)? Did you enable DEBUG logs (org.jasig) on client side to >>>> see the SAML response returned by the CAS server? >>>> >>>> Thanks. >>>> Best regards, >>>> >>>> Jérôme LELEU >>>> Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj >>>> Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org >>>> >>>> 2014-11-04 7:27 GMT+01:00 jeffrey tan <[email protected]>: >>>> >>>>> http://stackoverflow.com/questions/26710286/cas-4-does-not- >>>>> work-properly-with-cas-client-core-3-1-12 >>>>> >>>>> As title shown, currently i am using CAS 3.5.2, therefore i upgrade to >>>>> CAS 4.i just change the user name casuser and mellon to admin admin. its a >>>>> very minimal changes. >>>>> therefore when i try to login, for example: >>>>> >>>>> 1 login, abcd/login >>>>> >>>>> 2 redirect to cas/login >>>>> >>>>> 3 after success logon, its redirect to abcd/login?st=xxxxxx with blank >>>>> page. >>>>> >>>>> >>>>> do i miss somethings? or i need to change pom.xml? >>>>> >>>>> below is part of my pom.xml >>>>> >>>>> <dependency> >>>>> <groupId>org.springframework.security</groupId> >>>>> <artifactId>spring-security-cas</artifactId> >>>>> <version>3.1.0.RELEASE</version> >>>>> <scope>compile</scope> >>>>> </dependency> >>>>> <dependency> >>>>> <groupId>org.opensaml</groupId> >>>>> <artifactId>opensaml</artifactId> >>>>> <version>1.1</version> >>>>> <scope>runtime</scope> >>>>> </dependency> >>>>> <dependency> >>>>> <groupId>xml-security</groupId> >>>>> <artifactId>xmlsec</artifactId> >>>>> <version>1.3.0</version> >>>>> <scope>runtime</scope> >>>>> </dependency> >>>>> <dependency> >>>>> <groupId>net.sf.ehcache</groupId> >>>>> <artifactId>ehcache</artifactId> >>>>> <version>1.6.2</version> >>>>> <scope>runtime</scope> >>>>> </dependency> >>>>> >>>>> my error log >>>>> >>>>> java.lang.StringIndexOutOfBoundsException: String index out of >>>>> range: -1 >>>>> at java.lang.String.substring(String.java:1911) >>>>> at org.jasig.cas.client.validation.Saml11TicketValidator.parseR >>>>> esponseFromServer(Saml11TicketValidator.java:50) >>>>> at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidato >>>>> r.validate(AbstractUrlBasedTicketValidator.java:197) >>>>> at org.springframework.security.cas.authentication.CasAuthentic >>>>> ationProvider.authenticateNow(CasAuthenticationProvider.java:140) >>>>> at org.springframework.security.cas.authentication.CasAuthentic >>>>> ationProvider.authenticate(CasAuthenticationProvider.java:126) >>>>> at org.springframework.security.authentication.ProviderManager. >>>>> authenticate(ProviderManager.java:156) >>>>> at org.springframework.security.cas.web.CasAuthenticationFilter. >>>>> attemptAuthentication(CasAuthenticationFilter.java:242) >>>>> at org.springframework.security.web.authentication.AbstractAuth >>>>> enticationProcessingFilter.doFilter(AbstractAuthenticationProcessi >>>>> ngFilter.java:194) >>>>> at org.springframework.security.web.FilterChainProxy$VirtualFil >>>>> terChain.doFilter(FilterChainProxy.java:323) >>>>> at org.springframework.security.web.authentication.logout.Logou >>>>> tFilter.doFilter(LogoutFilter.java:105) >>>>> at org.springframework.security.web.FilterChainProxy$VirtualFil >>>>> terChain.doFilter(FilterChainProxy.java:323) >>>>> at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(Si >>>>> ngleSignOutFilter.java:65) >>>>> at org.springframework.security.web.FilterChainProxy$VirtualFil >>>>> terChain.doFilter(FilterChainProxy.java:323) >>>>> at org.springframework.security.web.context.SecurityContextPers >>>>> istenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) >>>>> at org.springframework.security.web.FilterChainProxy$VirtualFil >>>>> terChain.doFilter(FilterChainProxy.java:323) >>>>> at org.springframework.security.web.FilterChainProxy.doFilter(F >>>>> ilterChainProxy.java:173) >>>>> at org.springframework.web.filter.DelegatingFilterProxy.invokeD >>>>> elegate(DelegatingFilterProxy.java:346) >>>>> at org.springframework.web.filter.DelegatingFilterProxy.doFilter( >>>>> DelegatingFilterProxy.java:259) >>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>>>> lter(ApplicationFilterChain.java:243) >>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>>>> licationFilterChain.java:210) >>>>> at sg.com.innovax.opscentralv5.objects.setEncoding.doFilter(set >>>>> Encoding.java:100) >>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>>>> lter(ApplicationFilterChain.java:243) >>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>>>> licationFilterChain.java:210) >>>>> at org.apache.catalina.core.StandardWrapperValve.invoke(Standar >>>>> dWrapperValve.java:222) >>>>> at org.apache.catalina.core.StandardContextValve.invoke(Standar >>>>> dContextValve.java:123) >>>>> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(A >>>>> uthenticatorBase.java:472) >>>>> at org.apache.catalina.core.StandardHostValve.invoke(StandardHo >>>>> stValve.java:171) >>>>> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorRepo >>>>> rtValve.java:99) >>>>> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogVa >>>>> lve.java:947) >>>>> at org.apache.catalina.core.StandardEngineValve.invoke(Standard >>>>> EngineValve.java:118) >>>>> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAd >>>>> apter.java:408) >>>>> at org.apache.coyote.http11.AbstractHttp11Processor.process(Abs >>>>> tractHttp11Processor.java:1009) >>>>> at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler. >>>>> process(AbstractProtocol.java:589) >>>>> at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run( >>>>> JIoEndpoint.java:312) >>>>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool >>>>> Executor.java:1145) >>>>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo >>>>> lExecutor.java:615) >>>>> at java.lang.Thread.run(Thread.java:722) >>>>> >>>>> >>>>> Therefore i checked the error code,view and breakpoint the source >>>>> code(package org.jasig.cas.client.validation;). in >>>>> Saml11TicketValidator.parseResponseFromServer, its because the >>>>> response result wasnt in expected therefore substring got problems. this 1 >>>>> just exception handling, is not a root cause.**The root cause is in >>>>> Saml11TicketValidator retrieveResponseFromServer, why CAS4 Return login >>>>> page(in my CAS4, is already login)??? is it a bug?** >>>>> >>>>> note: my maven dependency is using cas-client-core-3.1.12.jar >>>>> >>>>> -- >>>>> You are currently subscribed to [email protected] as: >>>>> [email protected] >>>>> To unsubscribe, change settings or access archives, see >>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>> >>>>> >>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> -- >>> You are currently subscribed to [email protected] as: [email protected] >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
