It seems that it is not
active:
<property name="authenticationHandlers">
<list>
<!--
| This is the authentication
handler that authenticates services by means of callback via SSL,
thereby validating
| a server side SSL certificate.
+-->
<!-- <bean
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
/>
-->
<!--
| This is the authentication
handler declaration that every CAS deployer will need to change before
deploying CAS
| into production. The default
SimpleTestUsernamePasswordAuthenticationHandler authenticates
UsernamePasswordCredentials
| where the username equals the
password. You will need to replace this with an AuthenticationHandler
that implements your
| local authentication
strategy. You might accomplish this by coding a new such handler and
declaring
|
edu.someschool.its.cas.MySpecialHandler here, or you might use one of
the handlers provided in the adaptors modules.
+-->
<!--
<bean
class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler"
/>
-->
<bean
class="pl.umk.cas.authentication.handler.support.LDAPAuthenticationHandler"
/>
</list>
</property>
Maja
Scott Battaglia napisał(a):
By any chance did
you remove any
HttpBasedCredentialsAuthenticationHandler from the
deployerConfigContext.xml?
-Scott
On 9/22/06, Maja Wolniewicz <[EMAIL PROTECTED]
>
wrote:
But while running under
3.0.4
I'm geting a ticket with ST prefix as
well....
Maja
Henrik Genssen napisał(a):
Hi,
they changed the beginning of the tickets from the proxy-tickets from PT to ST and phpCAS does not deal with this correct.
You can change that back in CAS or fix phpCAS...
regards
Hinnack
reply to message:
date: 22.09.2006 10:58:07
from: "Maja Wolniewicz" <[EMAIL PROTECTED]>
to: [email protected]
subject: CAS 3.0.5 proxy problem
Recently I have installed a CAS server version 3.0.5.
All CASified applications acting as CAS client are running smoothly, but
unfortunately all proxy CAS applications refuse to work. We are using
phpCAS as CAS clients. First I thought that it is caused by the problem
in phpCAS libraries, you discussed on the list (on August, with the
subject 'proxy use'), but now I'm not sure...
I have a simple example:
<?php
include_once("./CAS/CAS.php");
include_once("./CAS/client.php");
phpCAS::setDebug("/tmp/mgw.log");
phpCAS::proxy(CAS_VERSION_2_0,'
login.umk.pl',8443,'');
phpCAS::forceAuthentication();
$username=phpCAS::getUser();
echo $username;
?>
which doesn't work with CAS 3.0.5.
After thorough investigations it appears that CAS server doesn't
response with proxy callback. It receives serviceValidate request with
pgtURL set,
but doesn't respond with URL callback. The callback URL is HTTPS and the
SSL certificate is valid (as the CAS protocol requires). The same
example running under the same Tomcat and CAS version 3.0.4 has no
problems at all.
In the catalina.out (under 3.0.5) I've found the following error, which
I suspect to be the culprit:
2006-09-21 16:21:25,489 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
<AuthenticationHandler:
pl.umk.cas.authentication.handler.support.LDAPAuthenticationHandler
successfully authenticated the user which provided the following
credentials: [EMAIL PROTECTED]>
2006-09-21 16:21:25,491 INFO
[org.jasig.cas.CentralAuthenticationServiceImpl
] -
<Granted service ticket [ST-14-gz20yzZ74fejTqCUFJILgtSM94sGRfb4fbT-20]
for service [https://serwisy.umk.pl/mgw/mgw.php
] for user [[EMAIL PROTECTED]]>
2006-09-21 16:21:25,620 ERROR
[org.jasig.cas.web.ServiceValidateController] - <TicketException
generating ticket for: https://serwisy.umk.pl/mgw/mgw.php>
org.jasig.cas.ticket.TicketCreationException
:
error.authentication.credentials.unsupported
at
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:215)
at
org.jasig.cas.web.ServiceValidateController.handleRequestInternal
(ServiceValidateController.java:159)
at
org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
at
org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle
(SimpleControllerHandlerAdapter.java:45)
at
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:798)
at
org.springframework.web.servlet.DispatcherServlet.doService
(DispatcherServlet.java:728)
...
Caused by: error.authentication.credentials.unsupported
at
org.jasig.cas.authentication.handler.UnsupportedCredentialsException.<clinit>(UnsupportedCredentialsException.java
:21)
at
org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:108)
at
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(
CentralAuthenticationServiceImpl.java
:194)
Is this known problem? When I change in my example the proxy call to the
client call the username is echoed correctly (under 3.0.5 version).
Maja
--
Maja Gorecka-Wolniewicz
[EMAIL PROTECTED]
http://www.umk.pl/~mgw
PGP key: http://www.umk.pl/~mgw/pgp_pub_key.asc
Uczelniane Centrum Information & Communication
Informatyczne Technology Centre
Uniwersytet Mikolaja Kopernika Nicolaus Copernicus University
Coll. Maximum, pl. Rapackiego 1, 87-100 Torun, Poland
tel.: +48 56-611-27-40 fax: +48 56-622-18-50 tel. kom.: +48-693032574
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
--
Maja Gorecka-Wolniewicz [EMAIL PROTECTED]
http://www.umk.pl/~mgw
PGP key: http://www.umk.pl/~mgw/pgp_pub_key.asc
Uczelniane Centrum Information & Communication
Informatyczne Technology Centre
Uniwersytet Mikolaja Kopernika Nicolaus Copernicus University
Coll. Maximum, pl. Rapackiego 1, 87-100 Torun, Poland
tel.: +48 56-611-27-40 fax: +48 56-622-18-50 tel. kom.: +48-693032574
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
--
Maja Gorecka-Wolniewicz [EMAIL PROTECTED]
http://www.umk.pl/~mgw
PGP key: http://www.umk.pl/~mgw/pgp_pub_key.asc
Uczelniane Centrum Information & Communication
Informatyczne Technology Centre
Uniwersytet Mikolaja Kopernika Nicolaus Copernicus University
Coll. Maximum, pl. Rapackiego 1, 87-100 Torun, Poland
tel.: +48 56-611-27-40 fax: +48 56-622-18-50 tel. kom.: +48-693032574
