In fact, this sounded so familiar, I realized I had wrote a shell script to do
exactly that.
It is attached as "service_validate_curl.txt".
Thanks,
Carl
----- Original Message -----
From: "waldbiec" <[email protected]>
To: "cas-user" <[email protected]>
Sent: Wednesday, August 26, 2015 2:09:29 PM
Subject: Re: [cas-user] CAS 2 protocol ticket validation issue
I forget whether the PHP CAS client DEBUG mode has a setting where you can see
the raw response. That would be the thing to see.
Otherwise, you make a cURL request with a valid TGC cookie to request an ST.
Once you have it, you can make a second cURL request to validate it and see the
response.
If your ST lifetimes are faily quick, you can do this by having the 2nd command
ready to go in another terminal an quickly pasting in the result.
Alternatively, you can have some kind of script parse the ST from the first
result and immediately execute the 2nd cURL.
Thanks,
Carl Waldbieser
ITS Systems Programmer
Lafayette College
----- Original Message -----
From: "Juan Quintanilla" <[email protected]>
To: "cas-user" <[email protected]>
Sent: Wednesday, August 26, 2015 1:42:10 PM
Subject: [cas-user] CAS 2 protocol ticket validation issue
Hi,
I'm running into an issue with ticketvalidation when using the cas2.0 protocol.
The client is phpcas 1.3.2, when I use the saml1 protocol no problem what so
ever but when I switch to the cas 2.0 protocol I encounter the following error:
4D11 .| | | | =>
CAS_AuthenticationException::__construct(CAS_Client, 'Ticket not validated',
'https://hostname/cas/login/serviceValidate?service=http%3A%2F%2Foestest%2Fcastest%2Fsimple_login.php&ticket=ST-23-AfzljX3nI9TSddUCgISF-hostname',
false, true, '') [Client.php:2783]
4D11 .| | | | | => CAS_Client::getURL()
[AuthenticationException.php:76]
4D11 .| | | | | <=
'http://oestest.fiu.edu/castest/simple_login.php'
4D11 .| | | | | CAS URL:
https://hostname/cas/login/serviceValidate?service=http%3A%2F%2Foestest%2Fcastest%2Fsimple_login.php&ticket=ST-23-AfzljX3nI9TSddUCgISF-hostname
[AuthenticationException.php:79]
4D11 .| | | | | Authentication failure: Ticket not validated
[AuthenticationException.php:80]
4D11 .| | | | | Reason: bad response from the CAS server
[AuthenticationException.php:85]
So wondering if anybody has encountered the problem, I'm running cas 3.4.7.
what logs can I enable on the server side to get more details about why it
might be failing validation.
Thanks!
___________________
Juan Quintanilla
UTS - Enterprise Group
305-348-6573
[email protected]<mailto:[email protected]>
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
#! /bin/sh
if [ -z "$1" ]; then
echo "Usage: $0 [TGT]" >&2
exit 1
fi
CAS_LOGIN=${CAS_LOGIN:-https://cas.lafayette.edu/cas/login}
SERVICE_VALIDATE=${SERVICE_VALIDATE:-https://cas.lafayette.edu/cas/serviceValidate}
SERVICE=${SERVICE:-'https://calendar.lafayette.edu'}
TGT="$1"
ST=$(curl -v --get --data service="$SERVICE" --cookie CASTGC="$TGT"
"$CAS_LOGIN" 2>&1 | \
grep -e '^< Location:' | grep -e ticket= | sed -e 's/^.*ticket=//' -e
's/\r//') && \
curl -v --get --data service="$SERVICE" --data ticket="$ST" "$SERVICE_VALIDATE"
