I managed to track down my mistakes.
On Thursday, January 8, 2015 at 8:47:35 AM UTC-6, Aaron Spike wrote:
>
> After successful login on my CAS server, Moodle responds with "The given
> username contains invalid characters" and indeed the username passed in is
> something weird like "3eytuju6mqbz5d8+v93dfbyfjv8=".
>
anonymousAccess=true caused CAS to send a token in place of the username.
After changing this setting to false, moodle works fine with CAS.
<bean class="org.jasig.cas.services.RegexRegisteredService">
<property name="anonymousAccess" value="true" />
</bean>
> After successful login on my CAS server, the Tomcat running Orbeon Forms
> presents me with the following traceback:
>
> java.lang.IllegalArgumentException: protocol = https host = null
> sun.net.spi.DefaultProxySelector.select(DefaultProxySelector.java:170)
>
> sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:926)
>
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)
>
> sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091)
>
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
>
> org.jasig.cas.client.validation.Saml11TicketValidator.retrieveResponseFromServer(Saml11TicketValidator.java:259)
>
> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
>
> org.jasig.cas.client.tomcat.AuthenticatorDelegate.authenticate(AuthenticatorDelegate.java:99)
>
> org.jasig.cas.client.tomcat.v7.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:159)
>
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:574)
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
>
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023)
>
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
>
> org.apache.tomcat.util.net.AprEndpoint$SocketWithOptionsProcessor.run(AprEndpoint.java:1810)
>
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> java.lang.Thread.run(Thread.java:745)
>
The proxy error was a bit misleading. I made a typo in the
casServerUrlPrefix, omitting a slash after the scheme. Interestingly this
didn't cause the URI parsing library to throw an exception for an invalid
URL, but the host name was not parsed out properly causing the proxy
message. Here's a BAD EXAMPLE:
<Valve
className="org.jasig.cas.client.tomcat.v7.Saml11Authenticator"
encoding="UTF-8"
casServerLoginUrl="https://server.example.com/cas/login";
casServerUrlPrefix="https:/server.example.com/cas/"
serverName="client.example.com"
/>
Aaron Spike
--
This electronic communication, including any attached documents, may
contain confidential and/or legally privileged information that is intended
only for use by the recipient(s) named above. If you have received this
communication in error, please notify the sender immediately and delete the
communication and any attachments. Views expressed by the author do not
necessarily represent those of Martin Luther College.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
