CAS logging is available at: $CATALINA_HOME/webapps/cas/WEB-INF/classes/log4j.xml assuming you want to modify the deployed war. Set "org.jasig" or other appropriate packages to DEBUG. Depending on your configuration, logs will be written to cas.log or tomcat's log directory, etc.
-----Original Message----- From: Waldbieser, Carl [mailto:[email protected]] Sent: Friday, May 29, 2015 11:13 AM To: [email protected] Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED Phil, If you are on Linux, you could try: $ netstat -c 1 -tn | grep 3306 That will re-poll the connections every second. The other flags are to make sure you look at TCP connections and the numeric values of ports instead of whatever the mapping is in /etc/services. I would think you should be able to see at least an "ESTABLISHED" or "CLOSE_WAIT" state. You could try checking the basic connectivity from the CAS server to the database: $ telnet $YOUR_DB_IP_OR_HOSTNAME 3306 If you get a "connection refused" you might have a firewall issue. Not sure what to do about your CAS logging. Java tends to be ultra-configurable in that regard. The logging configs in your Tomcat's "conf" folder might give you a starting point. Thanks, Carl ----- Original Message ----- From: "Phil Romov" <[email protected]> To: [email protected] Sent: Friday, May 29, 2015 1:18:18 PM Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED Netstat | grep 3306 isn’t showing anything, but then again I’m not sure if there’s going to be a persistent connection for cas that we can see I would much rather be able to set up logging to see what’s happening, but I’m a java/cas newbie and not sure how to enable it It might also be something to do with tomcat, as I copied over the entire webapps/cas directory from an older working version, and it doesn’t work on my new tomcat install. Really puzzled. Any pointers are appreciated. Thanks! Phil On 5/28/15, 9:28 AM, "Waldbieser, Carl" <[email protected]> wrote: >Phil, > >You can use `netstat` just to see if the TCP connection to MySQL is >established. >You could also run a local MySQL database instance with a couple test >users and switch your CAS config to use that temporarily until you >determine if the queries are what you expect. > >I haven't used Amazon RDS before, but the docs for the Amazon CLI tools >have this command: > > >http://docs.aws.amazon.com/AmazonRDS/latest/CommandLineReference/CLIRef >ere >nce-cmd-DownloadCompleteDBLogFile.html > >Thanks, >Carl > >----- Original Message ----- >From: "Phil Romov" <[email protected]> >To: [email protected] >Sent: Thursday, May 28, 2015 9:10:31 AM >Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED > >Carl, >That’s an interesting idea… The MySQL database lives on amazon RDS, and >I’m not quite sure how to check that log. I’ve been crawling around >the RDS dashboard and related pages, and can’t find anything pointing >to the logs! > >At this point I might try to sniff the network traffic instead :X > >Any other ideas are welcome > >Thanks >Phil > >On 5/26/15, 3:18 PM, "Waldbieser, Carl" <[email protected]> wrote: > >>Phil, >> >>Can you tell if your CAS instance is actually connecting to your MySQL >>database to authenticate? >>Can you look at the MySQL query log to see what queries your CAS >>instance is making against it? >> >> https://dev.mysql.com/doc/refman/5.1/en/query-log.html >> >>Thanks, >>Carl Waldbieser >>ITS Systems Programmer >>Lafayette College >> >>----- Original Message ----- >>From: "Phil Romov" <[email protected]> >>To: [email protected] >>Sent: Tuesday, May 26, 2015 3:12:53 PM >>Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED >> >>To be sure, I’ve done a diff -r between the working cas and the >>nonworking one, and besides cosmetic differences (like >>“Specification-Title: Jasig CAS Web Application” vs >>“Specificatio-Title: Jasig CAS - Uber WAR”) I couldn’t find anything >>different! >> >>Stumped >>Phil >> >>On 5/26/15, 2:33 PM, "Romov, Phil" <[email protected]> wrote: >> >>>Chris, >>>No, we aren’t using eDirectory. >>> >>>What’s frustating is I had cas working before. I used the regular >>>web app war (now I’m using the uber one, and I even copied the lib >>>over from the one that was working) and I copied over all the config >>>files (using the select * method of confirming auth against custom >>>users table) - or so I thought. I must have missed one, because the >>>new cas install is still not working >>> >>>(I have to abandon my old cas install because it was installed on a >>>bundled tomcat with something else) >>> >>>I must be missing something really obvious here, but I don’t even >>>know where to start looking as the log file is all but devoid of >>>helpful information >>> >>>Any ideas whatsoever are welcome! >>> >>>Thanks >>>Phil >>> >>>From: Christopher Myers >>><[email protected]<mailto:[email protected]>> >>>Reply-To: "[email protected]<mailto:[email protected]>" >>><[email protected]<mailto:[email protected]>> >>>Date: Friday, May 22, 2015 at 9:09 AM >>>To: "[email protected]<mailto:[email protected]>" >>><[email protected]<mailto:[email protected]>> >>>Subject: Re: [cas-user] debugging AUTHENTICATION_FAILED >>> >>>Hey Phil - >>> >>>You don't happen to use eDirectory on the back-end, do you? If so, I >>>can send you some directions that can make troubleshooting something >>>like this a TON easier... >>> >>>Chris >>> >>>>>> "Romov, Phil" <[email protected]<mailto:[email protected]>> >>>>>>05/21/15 3:55 PM >>> >>>Misagh, >>>Thanks for your reply! However, I might need significantly more >>>schooling on how to do this.. >>> >>>I tried googling around for some hints, but saw a mish-mash of >>>.properties and .xml files and didn¹t know where to start. >>> >>>So I tried a stab in the dark, adding to >>>webapps/cas/WEB-INF/cas.properties: >>> >>>log4j.org.jasig.cas=DEBUG >>> >>>And restarted tomcat >>> >>>However, I didn¹t get anything new in the logs, the same basic error >>>AUTHENTICATION_FAILED and no detail how to resolve itŠ >>> >>>Please advise >>>Thanks! >>>Phil >>> >>> >>> >>> >>> >>>On 5/20/15, 4:10 PM, "Misagh Moayyed" >>><[email protected]<mailto:[email protected]>> wrote: >>> >>>>The easiest way would be to review your log4j file, and adjust >>>>relevant levels to DEBUG, and watch the output. Specifically, you >>>>want to have org.jasig.cas to DEBUG and packages that deal with jdbc >>>>and your oracle driver. >>>> >>>>-----Original Message----- >>>>From: Romov, Phil [mailto:[email protected]] >>>>Sent: Wednesday, May 20, 2015 9:48 AM >>>>To: [email protected]<mailto:[email protected]> >>>>Subject: [cas-user] debugging AUTHENTICATION_FAILED >>>> >>>>I'm essentially in the same boat as >>>>http://stackoverflow.com/questions/24387170/whats-the-easiest-way-to >>>>-de >>>>b >>>>u >>>>g >>>>-jasig-cas-when-using-jdbc-and-oracle >>>> >>>>(except I'm in mysql not oracle) >>>> >>>>Are there any other logs to look at, flags to enable more logs? >>>>Please point me in the right direction >>>> >>>>Thanks >>>>Phil >>>> >>>>-- >>>>You are currently subscribed to >>>>[email protected]<mailto:[email protected]> as: >>>>[email protected]<mailto:[email protected]> To unsubscribe, >>>>change settings or access archives, see >>>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> >>>>-- >>>>You are currently subscribed to >>>>[email protected]<mailto:[email protected]> as: >>>>[email protected]<mailto:[email protected]> >>>>To unsubscribe, change settings or access archives, see >>>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >>>-- >>>You are currently subscribed to >>>[email protected]<mailto:[email protected]> as: >>>[email protected]<mailto:[email protected]> >>>To unsubscribe, change settings or access archives, see >>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >>> >>>-- >>>You are currently subscribed to >>>[email protected]<mailto:[email protected]> as: >>>[email protected]<mailto:[email protected]> >>>To unsubscribe, change settings or access archives, see >>>http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>>-- >>>You are currently subscribed to [email protected] as: >>>[email protected] >>>To unsubscribe, change settings or access archives, see >>>http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >>-- >>You are currently subscribed to [email protected] as: >>[email protected] >>To unsubscribe, change settings or access archives, see >>http://www.ja-sig.org/wiki/display/JSG/cas-user >> >>-- >>You are currently subscribed to [email protected] as: >>[email protected] >>To unsubscribe, change settings or access archives, see >>http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > >-- >You are currently subscribed to [email protected] as: >[email protected] >To unsubscribe, change settings or access archives, see >http://www.ja-sig.org/wiki/display/JSG/cas-user > >-- >You are currently subscribed to [email protected] as: >[email protected] >To unsubscribe, change settings or access archives, see >http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
