[cas-user] Service Ticket Validation / how do I get validation failures logged on the CAS server side?

Fri, 17 Jul 2015 11:39:01 -0700 

So I am trying to debug what happens when my CAS server cannot validate an ST.

I am modifying the request from the browser to my application and corrupting 
the ticket (ie I manipulate the value in ?ticket=xxxxx before sending to the 
application)

I see this on the application side:

type Exception report
message org.jasig.cas.client.validation.TicketValidationException: CAS Server 
could not validate ticket.
description The server encountered an internal error that prevented it from 
fulfilling this request.
exception
javax.servlet.ServletException: 
org.jasig.cas.client.validation.TicketValidationException: CAS Server could not 
validate ticket.
        
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:194)
        
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:116)
        edu.utah.attrrelease.SlowFilter.doFilter(SlowFilter.java:38)
root cause
org.jasig.cas.client.validation.TicketValidationException: CAS Server could not 
validate ticket.
        
org.jasig.cas.client.validation.Cas10TicketValidator.parseResponseFromServer(Cas10TicketValidator.java:45)
        
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:217)
        
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:169)
        
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:116)
        edu.utah.attrrelease.SlowFilter.doFilter(SlowFilter.java:38)
note The full stack trace of the root cause is available in the Apache 
Tomcat/7.0.59 logs.

But I get nothing on the CAS server saying it failed to validate the ticket. I 
do get ticket validation success log messages. How can I fix this?

My log4j.xml on the CAS server has the following config:

<logger name="org.jasig.cas">
    <level value="WARN" />
  </logger>

  <logger name="org.jasig.cas.ticket.registry">
    <level value="DEBUG" />
  </logger>

  <logger name="org.jasig.cas.authentication">
    <level value="DEBUG" />
  </logger>

  <logger name="org.jasig.cas.util.HttpClient">
    <level value="WARN" />
  </logger>

  <logger name="org.jasig.cas.web.support">
    <level value="WARN" />
  </logger>

  <logger name="org.jasig.cas.web.ServiceValidateController">
    <level value="DEBUG" />
  </logger>

Thanks,

Bryan Wooten
Tel: (801)585-9323
Email: [email protected]<mailto:[email protected]>

[Identity & Access Management_combined centered]


-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to