While navigating to the login page, I have the following: https://pitonyakvm-02:8443/cas-server-webapp-4.0.0/cas/login?TARGET=http%3a%2f%2flocalhost%3a60503%2fauth%2flogin%3fp%3d%252FCM2S.html
After login, I have the following: https://pitonyakvm-02:8443/cas-server-webapp-4.0.0/login;jsessionid=8D94A04A840871AC67C9885A70239DDD?TARGET=http%3a%2f%2flocalhost%3a60503%2fauth%2flogin%3fp%3d%252FCM2S.html I even tried changing my server name (for the client) and I have these: While redirecting TO CAS: https://pitonyakvm-02:8443/cas-server-webapp-4.0.0/cas/login?TARGET=http%3a%2f%2fpitonyakvm-02%3a60503%2fauth%2flogin%3fp%3d%252FCM2S.html While login page is displayed: https://pitonyakvm-02:8443/cas-server-webapp-4.0.0/login?TARGET=http%3a%2f%2fpitonyakvm-02%3a60503%2fauth%2flogin%3fp%3d%252FCM2S.html After I login and am looking at the CAS page that says "hey, you logged in" https://pitonyakvm-02:8443/cas-server-webapp-4.0.0/login;jsessionid=B5AF217DBCC7AC3E364E29E524D1C8B4?TARGET=http%3a%2f%2fpitonyakvm-02%3a60503%2fauth%2flogin%3fp%3d%252FCM2S.html A single URL decode yields this (more readable) https://pitonyakvm-02:8443/cas-server-webapp-4.0.0/cas/login?TARGET=http://pitonyakvm-02:60503/auth/login?p=%2FCM2S.html https://pitonyakvm-02:8443/cas-server-webapp-4.0.0/login?TARGET=http://pitonyakvm-02:60503/auth/login?p=%2FCM2S.html https://pitonyakvm-02:8443/cas-server-webapp-4.0.0/login;jsessionid=B5AF217DBCC7AC3E364E29E524D1C8B4?TARGET=http://pitonyakvm-02:60503/auth/login?p=%2FCM2S.html Of course, that final parameter decodes to /CM2S.html (not that it probably matters). From: John Gasper [mailto:[email protected]] Sent: Monday, November 10, 2014 11:22 AM To: [email protected] Subject: Re: [cas-user] Configure CAS 4 to redirect back to client Hi Andrew, What's the service= querystring parameter look like when you are sitting at the CAS login page after your client redirected you to CAS Server? --- John Gasper IAM Consultant Unicon, Inc. PGP/GPG Key: 0xbafee3ef On 11/10/14 7:58 AM, Pitonyak, Andrew D wrote: I have a .NET client that uses CAS single sign on. When I hit CAS 3.x setup by someone else, I redirect to CAS, authenticate to CAS and then redirect back to my site. I setup a CAS 4 server on my local machine to test in development. In Windows, I installed tomcat 8.0.14 (the latest). I then auto-deployed CAS mostly out-of-the box no changes made from the original I can navigate directly to the site and login using the default "casuser / Mellon" credentials. (note that my machine name is pitonyakvm-02 and everything is running locally for this test). https://pitonyakvm-02:8443<https://pitonyakvm-02:8443/>/cas-server-webapp-4.0.0/login<http://localhost:8080/cas-server-webapp-4.0.0/login> When I use my client to login, it properly redirects to CAS, CAS shows the login page, I use the default credentials, I am then told that I authenticated but I do not redirect back to my client. Did I miss a simple property that tells CAS to redirect back after login rather than simply showing the screen that tells me that I successfully authenticated? I assume that my client is sending the correct things since I am able to hit the 3.x version, login, and redirect back correctly. In this case, CAS is external to my machine. My first thought is that I need to change something in the login-webflow.xml, but I thought that it was configured by default to redirect. Is it possible that tomcat deploys by default to not allow redirections? [cid:[email protected]] Andrew D. Pitonyak Principal Research Scientist Health & Analytics 505 King Avenue, Columbus, OH 43201 P: 614-424-5252 -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
