Re: [cas-user] command-line phpCAS client

[Dmitriy Kopylenko]

That’s how it works - on successful authentication /v1/tickets resource returns 
HTTP 201 with the HTML snippet in the body (not very useful) and the TGT 
resource e.g. …/v1/tickets/{TGT}. in the HTTP Location header. You’d need to 
get that resource from the Location header to request STs.

Take a look here for some programmatic access examples: 
https://wiki.jasig.org/display/casum/restful+api 
<https://wiki.jasig.org/display/casum/restful+api>

Cheers,
D.

> On Jun 5, 2015, at 3:43 PM, Romov, Phil <pro...@harryfox.com> wrote:
> 
> Dmitriy,
> Actually, when I supply username, password, it gives me back HTML5 content, 
> saying Log In Successful…
> 
> But I was expecting some kind of json or easily parse-able content like 
> “Login success” or “Login fail”, not an entire <!doctype html> webpage
> 
> So while its working in theory, perhaps I have missed a setup somewhere?
> 
> I’m linking a screenshot of what I’m looking at.  (I suppose if I attach 
> images to the user group it will not work?)
> http://i.imgur.com/hsAX3vl.png
> 
> Please advise
> 
> Thanks
> Phil
> 
> 
> 
> From: Dmitriy Kopylenko <dkopyle...@unicon.net<mailto:dkopyle...@unicon.net>>
> Reply-To: "cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>" 
> <cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>>
> Date: Thursday, June 4, 2015 at 2:05 PM
> To: "cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>" 
> <cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>>
> Subject: Re: [cas-user] command-line phpCAS client
> 
> Did you POST to /v1/tickets with url encoded username, password ?
> 
> D.
> 
> On Jun 4, 2015, at 1:59 PM, Romov, Phil 
> <pro...@harryfox.com<mailto:pro...@harryfox.com>> wrote:
> 
> I have tried using Postman rest client, as well as a browser
> 
> Both ways the result is the same: the contents of /cas/login are served
> for a /cas/v1/tickets request
> 
> I suppose I could try sending POST to /cas/login directly, but I¹m not
> even sure if that is supported
> 
> Any guidance is welcome
> 
> Thanks
> Phil
> 
> On 6/4/15, 1:33 PM, "Dmitriy Kopylenko" 
> <dkopyle...@unicon.net<mailto:dkopyle...@unicon.net>> wrote:
> 
> Would you please provide an example of how you try to ³open² /v1/tickets
> resource?
> 
> Best,
> Dmitriy.
> 
> On Jun 4, 2015, at 1:22 PM, Romov, Phil 
> <pro...@harryfox.com<mailto:pro...@harryfox.com>> wrote:
> 
> So I¹ve followed
> http://jasig.github.io/cas/4.0.x/protocol/REST-Protocol.html and edited
> pom.xml and web.xml (the latter one in tomcat/webapps/cas/WEB-INF not in
> tomcat/conf, not sure if that matters)
> 
> But if I try to open /cas/v1/tickets for example it redirects me to
> /cas/login
> 
> What gives?
> 
> Thanks
> Phil
> 
> From: Aaron Grant 
> <asgr...@oakland.edu<mailto:asgr...@oakland.edu><mailto:asgr...@oakland.edu>>
> Reply-To: 
> "cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org><mailto:cas-user@lists.jasig.org>"
> <cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org><mailto:cas-user@lists.jasig.org>>
> Date: Thursday, June 4, 2015 at 10:23 AM
> To: 
> "cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org><mailto:cas-user@lists.jasig.org>"
> <cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org><mailto:cas-user@lists.jasig.org>>
> Subject: Re: [cas-user] command-line phpCAS client
> 
> I'd take a look at the CAS REST API. This might help you out. Note the
> warning on the documentation and protect yourself from any bruce force
> attacks in you enable this (i.e. add locking for multiple incorrect
> authentications).
> 
> http://jasig.github.io/cas/4.0.x/protocol/REST-Protocol.html
> 
> On Thu, Jun 4, 2015 at 10:00 AM, Romov, Phil
> <pro...@harryfox.com<mailto:pro...@harryfox.com><mailto:pro...@harryfox.com>> 
> wrote:
> Hi all,
> I want to make a small proof of concept app but first I want to make
> sure I¹m not completely off base
> 
> I¹ve been able to get phpCAS client working with code igniter, but
> that¹s a webapp
> 
> When I make a simple php cli app (using example_simple.php for
> starters, code pasted below) it gets as far as
> phpCAS::forceAuthentication() but then it gives me:
> (IP is blanked out by me)
> 
> <html><head><title>CAS Authentication
> wanted!</title></head><body><h1>CAS Authentication wanted!</h1><p>You
> should already have been redirected to the CAS server. Click <a
> href="https://##.##.##.##:8443/cas/login?service=http%3A%2F%2F%3A<https:/##.##.##.##:8443/cas/login?service=http%3A%2F%2F%3A>">here</
> a> to continue.</p><hr><address>phpCAS 1.3.3+ using server <a
> href="https://##.##.##.##:8443/cas/<https:/##.##.##.##:8443/cas/>">https://##.##.##.##:8443/cas/<https:/##.##.##.##:8443/cas/></a>
> (CAS 2.0)</a></address></body></html>imac-dd:cas promov$
> 
> Is it possible to make a command line sso app like this?  Should I be
> using REST instead?  Something else?
> 
> Thanks,
> Phil
> 
> 
> 
> <?php
> 
> 
> date_default_timezone_set('America/New_York');
> 
> 
> $cas_host = Œ##.##.##.##¹;  //actual IP blanked out in this email
> 
> $cas_port = 8443;
> 
> $cas_context = '/cas';
> 
> 
> require_once('phpCAS/CAS.php');
> 
> 
> phpCAS::setDebug();
> 
> 
> phpCas::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context);
> 
> 
> // DEBUG ONLY, do not use this toggle in production
> 
> phpCAS::setNoCasServerValidation();
> 
> 
> echo "Trying forceAuthentication()...\n";
> 
> phpCAS::forceAuthentication();
> 
> 
> echo "User:        ".phpCAS::getUser()."\n";
> 
> echo "CAS version: ".phpCAS::getVersion()."\n";
> 
> 
> // phpCAS::logout();
> 
> 
> Debug log:
> 
> 
> 8A31 .START (2015-06-04 09:55:30) phpCAS-1.3.3+ ******************
> [CAS.php:448]
> 
> 8A31 .=> phpCAS::client('2.0', Œ##.##.##.##', 8443, '/cas') [app.php:13]
> 
> 8A31 .|    => CAS_Client::__construct('2.0', false, Œ##.##.##.##',
> 8443, '/cas', true) [CAS.php:341]
> 
> 8A31 .|    |    Starting a new session 9aca782b40a475a5e184850ebff3303c
> [Client.php:906]
> 
> 8A31 .|    <= ''
> 
> 8A31 .<= ''
> 
> 8A31 .=> phpCAS::setNoCasServerValidation() [app.php:16]
> 
> 8A31 .|    You have configured no validation of the legitimacy of the
> cas server. This is not recommended for production use. [CAS.php:1563]
> 
> 8A31 .<= ''
> 
> 8A31 .=> phpCAS::forceAuthentication() [app.php:19]
> 
> 8A31 .|    => CAS_Client::forceAuthentication() [CAS.php:1025]
> 
> 8A31 .|    |    => CAS_Client::isAuthenticated() [Client.php:1248]
> 
> 8A31 .|    |    |    => CAS_Client::_wasPreviouslyAuthenticated()
> [Client.php:1359]
> 
> 8A31 .|    |    |    |    no user found [Client.php:1601]
> 
> 8A31 .|    |    |    <= false
> 
> 8A31 .|    |    |    no ticket found [Client.php:1460]
> 
> 8A31 .|    |    <= false
> 
> 8A31 .|    |    => CAS_Client::redirectToCas(false) [Client.php:1257]
> 
> 8A31 .|    |    |    => CAS_Client::getServerLoginURL(false, false)
> [Client.php:1622]
> 
> 8A31 .|    |    |    |    => CAS_Client::getURL() [Client.php:342]
> 
> 8A31 .|    |    |    |    |    Final URI: http://: [Client.php:3491]
> 
> 8A31 .|    |    |    |    <= 'http://:'
> 
> 8A31 .|    |    |    <=
> 'https://##.##.##.##:8443/cas/login?service=http%3A%2F%2F%3A'
> 
> 8A31 .|    |    |    Redirect to :
> https://##.##.##.##:8443/cas/login?service=http%3A%2F%2F%3A
> [Client.php:1629]
> 
> 8A31 .|    |    |    exit()
> 
> 8A31 .|    |    |    -
> 
> 8A31 .|    |    -
> 
> 8A31 .|    -
> 
> 
> --
> You are currently subscribed to
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org><mailto:cas-user@lists.jasig.org>
>  as:
> asgr...@oakland.edu<mailto:asgr...@oakland.edu><mailto:asgr...@oakland.edu>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
> 
> 
> 
> 
> --
> Aaron Grant
> Senior Applications Architect
> Oakland University - UTS<http://oakland.edu/uts>
> 
> 
> --
> You are currently subscribed to
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org><mailto:cas-user@lists.jasig.org>
>  as:
> pro...@harryfox.com<mailto:pro...@harryfox.com><mailto:pro...@harryfox.com>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
> 
> --
> You are currently subscribed to 
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as:
> dkopyle...@unicon.net<mailto:dkopyle...@unicon.net>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
> 
> 
> 
> --
> You are currently subscribed to 
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as:
> pro...@harryfox.com<mailto:pro...@harryfox.com>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
> 
> 
> 
> --
> You are currently subscribed to 
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: 
> dkopyle...@unicon.net<mailto:dkopyle...@unicon.net>
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
> 
> 
> --
> You are currently subscribed to 
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: 
> pro...@harryfox.com<mailto:pro...@harryfox.com>
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
> 
> -- 
> You are currently subscribed to cas-user@lists.jasig.org as: 
> dkopyle...@unicon.net
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user


-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user