ok i understand why it does'nt work ... i will try with certicate Thks On Mon, Jan 12, 2015 at 7:15 PM, John Gasper <[email protected]> wrote:
> Jeremie, > > That is probably your issue. By default CAS Server won't issue a > TicketGrantTicket without SSL (https). It's not secure to pass credentials > without SSL. > > --- > *John Gasper* > IAM Consultant > Unicon, Inc. > PGP/GPG Key: 0xbafee3ef > > On 1/12/15 10:12 AM, Jeremie NATAF wrote: > > hi, > there are no certificat, all connection are over http, there are no https > Could we use jasig on http and share connection http ? > tks > > On Mon, Jan 12, 2015 at 7:05 PM, Chris Cheltenham < > [email protected]> wrote: > >> John, >> >> >> >> What are the browser certificates for? >> >> >> >> >> >> >> >> Thank You, >> >> >> >> Chris Cheltenham >> >> SwainTechs / HHS >> >> >> >> Cell# 267-586-2369 >> >> >> >> *From:* John Gasper [mailto:[email protected]] >> *Sent:* Monday, January 12, 2015 11:29 AM >> *To:* [email protected] >> *Subject:* Re: [cas-user] share a connection between application >> >> >> >> I can't say that I've seen anything like this before... What authenticate >> handlers are you using? >> >> >> --- >> *John Gasper* >> IAM Consultant >> Unicon, Inc. >> PGP/GPG Key: 0xbafee3ef >> >> On 1/12/15 5:47 AM, jnataf wrote: >> >> Hi everybody, >> >> >> >> Two webapp applications (webapp1 on tomcat 1 and webapp2 on tomcat 2) are >> deployed on two tomcats server. >> >> >> >> My problem : >> >> I can connect on each application with sso, but i can't share connection >> betwen the two applications, i have to reconnect each time on the second >> application. >> >> >> >> the cas server generated alway a new ticket >> >> >> >> My use case : >> >> - i connect to the webapp1 with sso >> >> - i browse to the webapp2 and i automated redirect to the cas login page, i >> have to logon a second time on sso server >> >> >> >> thanks for your help >> >> 2015-01-12 15:12:37,565 DEBUG >> [org.jasig.cas.web.flow.InitialFlowSetupAction] - Action >> 'InitialFlowSetupAction' completed execution; result is 'success' >> >> 2015-01-12 15:12:37,565 DEBUG >> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction] >> - Action 'PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction' >> beginning execution >> >> 2015-01-12 15:12:37,566 DEBUG >> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction] >> - Remote User not found in HttpServletRequest. >> >> 2015-01-12 15:12:37,566 DEBUG >> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction] >> - Action 'PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction' >> completed execution; result is 'error' >> >> 2015-01-12 15:12:37,566 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' beginning execution >> >> 2015-01-12 15:12:37,566 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing setupForm >> >> 2015-01-12 15:12:37,566 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form >> object with name 'credentials' >> >> 2015-01-12 15:12:37,566 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new instance >> of form object class [class >> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] >> >> 2015-01-12 15:12:37,566 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form object >> of type [class >> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope >> Flow with name 'credentials' >> >> 2015-01-12 15:12:37,566 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form >> errors for object with name 'credentials' >> >> 2015-01-12 15:12:37,566 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - No property editor >> registrar set, no custom editors to register >> >> 2015-01-12 15:12:37,567 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form errors >> instance in scope Flash >> >> 2015-01-12 15:12:37,567 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' completed execution; result is 'success' >> >> 2015-01-12 15:12:37,567 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' beginning execution >> >> 2015-01-12 15:12:37,567 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' completed execution; result is 'success' >> >> 2015-01-12 15:12:42,460 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' beginning execution >> >> 2015-01-12 15:12:42,460 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing bind >> >> 2015-01-12 15:12:42,460 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Found existing form >> object with name 'credentials' of type [class >> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope >> Flow >> >> 2015-01-12 15:12:42,460 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - No property editor >> registrar set, no custom editors to register >> >> 2015-01-12 15:12:42,461 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Binding allowed >> request parameters in map['username' -> 'nataf1', 'submit' -> 'SE >> CONNECTER', '_eventId' -> 'submit', 'service' -> >> 'http://portail.intranet.citepro.cite-sciences.fr/c/portal/login?p_l_id=12980', >> 'lt' -> >> '_c7E1350E9-537B-F296-195A-D28DDFA8017E_k0595A0EE-EC71-239E-AE03-AB417C17634F', >> 'password' -> 'secret'] to form object with name 'credentials', pre-bind >> formObject toString = [username: null] >> >> 2015-01-12 15:12:42,461 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - (Any field is allowed) >> >> 2015-01-12 15:12:42,461 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Binding completed for >> form object with name 'credentials', post-bind formObject toString = >> [username: nataf1] >> >> 2015-01-12 15:12:42,462 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - There are [0] errors, >> details: [] >> >> 2015-01-12 15:12:42,462 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing validation >> >> 2015-01-12 15:12:42,462 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Invoking validator >> org.jasig.cas.validation.UsernamePasswordCredentialsValidator@3b69278 >> >> 2015-01-12 15:12:42,462 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Validation completed >> for form object >> >> 2015-01-12 15:12:42,462 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - There are [0] errors, >> details: [] >> >> 2015-01-12 15:12:42,462 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form errors >> instance in scope Flash >> >> 2015-01-12 15:12:42,462 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' completed execution; result is 'success' >> >> 2015-01-12 15:12:42,462 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' beginning execution >> >> 2015-01-12 15:12:42,463 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Found existing form >> object with name 'credentials' of type [class >> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope >> Flow >> >> 2015-01-12 15:12:42,463 DEBUG >> [org.jasig.cas.CentralAuthenticationServiceImpl] - Attempting to create >> TicketGrantingTicket for [username: nataf1] >> >> 2015-01-12 15:12:42,463 DEBUG >> [org.jasig.cas.CentralAuthenticationServiceImpl] - Attempting to create >> TicketGrantingTicket for [username: nataf1] >> >> 2015-01-12 15:12:42,480 INFO >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - >> AuthenticationHandler: >> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully >> authenticated the user which provided the following credentials: [username: >> nataf1] >> >> 2015-01-12 15:12:42,480 DEBUG >> [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] >> - Attempting to resolve a principal... >> >> 2015-01-12 15:12:42,480 DEBUG >> [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] >> - Creating SimplePrincipal for [nataf1] >> >> 2015-01-12 15:12:42,481 DEBUG >> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket >> [TGT-16-cT3RrXO3rcFFM0kUuADGdp2NCPA9hhGnmGgjRmNOK3FsOWHrb4-cas] to registry. >> >> 2015-01-12 15:12:42,481 DEBUG >> [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Removed cookie >> with name [CASPRIVACY] >> >> 2015-01-12 15:12:42,481 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' completed execution; result is 'success' >> >> 2015-01-12 15:12:42,481 DEBUG >> [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - Action >> 'SendTicketGrantingTicketAction' beginning execution >> >> 2015-01-12 15:12:42,481 DEBUG >> [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Added cookie >> with name [CASTGC] and value >> [TGT-16-cT3RrXO3rcFFM0kUuADGdp2NCPA9hhGnmGgjRmNOK3FsOWHrb4-cas] >> >> 2015-01-12 15:12:42,482 DEBUG >> [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - Action >> 'SendTicketGrantingTicketAction' completed execution; result is 'success' >> >> 2015-01-12 15:12:42,482 DEBUG >> [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action >> 'GenerateServiceTicketAction' beginning execution >> >> 2015-01-12 15:12:42,482 DEBUG >> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to >> retrieve ticket >> [TGT-16-cT3RrXO3rcFFM0kUuADGdp2NCPA9hhGnmGgjRmNOK3FsOWHrb4-cas] >> >> 2015-01-12 15:12:42,482 DEBUG >> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket >> [TGT-16-cT3RrXO3rcFFM0kUuADGdp2NCPA9hhGnmGgjRmNOK3FsOWHrb4-cas] found in >> registry. >> >> 2015-01-12 15:12:42,482 DEBUG >> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket >> [ST-14-ogdO1bt3aGv9rZ5JIRAs-cas] to registry. >> >> 2015-01-12 15:12:42,482 INFO >> [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket >> [ST-14-ogdO1bt3aGv9rZ5JIRAs-cas] for service >> [http://portail.intranet.citepro.cite-sciences.fr/c/portal/login?p_l_id=12980] >> for user [nataf1] >> >> 2015-01-12 15:12:42,483 DEBUG >> [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action >> 'GenerateServiceTicketAction' completed execution; result is 'success' >> >> 2015-01-12 15:12:42,518 DEBUG >> [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated >> service for: >> http://portail.intranet.citepro.cite-sciences.fr/c/portal/login?p_l_id=12980 >> >> 2015-01-12 15:12:42,518 DEBUG >> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to >> retrieve ticket [ST-14-ogdO1bt3aGv9rZ5JIRAs-cas] >> >> 2015-01-12 15:12:42,518 DEBUG >> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket >> [ST-14-ogdO1bt3aGv9rZ5JIRAs-cas] found in registry. >> >> 2015-01-12 15:12:42,519 DEBUG >> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Removing ticket >> [ST-14-ogdO1bt3aGv9rZ5JIRAs-cas] from registry >> >> 2015-01-12 15:12:51,531 DEBUG >> [org.jasig.cas.web.flow.InitialFlowSetupAction] - Action >> 'InitialFlowSetupAction' beginning execution >> >> 2015-01-12 15:12:51,532 DEBUG >> [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated >> service for: >> http://portail.intranet.citepro.cite-sciences.fr/bonita/portal/homepage >> >> 2015-01-12 15:12:51,532 DEBUG >> [org.jasig.cas.web.flow.InitialFlowSetupAction] - Placing service in >> FlowScope: >> http://portail.intranet.citepro.cite-sciences.fr/bonita/portal/homepage >> >> 2015-01-12 15:12:51,532 DEBUG >> [org.jasig.cas.web.flow.InitialFlowSetupAction] - Action >> 'InitialFlowSetupAction' completed execution; result is 'success' >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction] >> - Action 'PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction' >> beginning execution >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction] >> - Remote User not found in HttpServletRequest. >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction] >> - Action 'PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction' >> completed execution; result is 'error' >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' beginning execution >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing setupForm >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form >> object with name 'credentials' >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new instance >> of form object class [class >> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form object >> of type [class >> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope >> Flow with name 'credentials' >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form >> errors for object with name 'credentials' >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - No property editor >> registrar set, no custom editors to register >> >> 2015-01-12 15:12:51,534 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form errors >> instance in scope Flash >> >> 2015-01-12 15:12:51,534 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' completed execution; result is 'success' >> >> 2015-01-12 15:12:51,534 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' beginning execution >> >> 2015-01-12 15:12:51,534 DEBUG >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action >> 'AuthenticationViaFormAction' completed execution; result is 'success' >> >> ~ >> >> >> >> >> >> URL >> >> for the webapp1 >> http://portail.intranet.citepro.cite-sciences.fr/c/portal/login?p_l_id=12980 >> >> >> >> and webapp2 >> >> >> >> http://portail.intranet.citepro.cite-sciences.fr/bonita/portal/homepage >> >> >> >> we caan see on log when i navigate to the webapp2 >> >> >> >> the log Remote User not found >> >> >> >> 2015-01-12 15:12:51,533 DEBUG >> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction] >> - Remote User not found in HttpServletRequest. >> >> >> >> >> >> this log can explain the problem ? >> >> >> >> >> >> Thks >> >> Jeremie >> >> >> >> >> >> -- >> >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
