Re: Spnego and Cas configuration

vincent . jaulin Mon, 02 Oct 2006 08:33:07 -0700

> I don't remember what is present in log and I don't have time right now.
> But do you have an HTTP 401 Response when you
> reach the login servlet ?
I have an HTTP 200 Response, and I get a "CAS is Unavailable" HTML page.


> You could also turn logs to debug.
Ok, it's done.
>
> Arnaud Lesueur
>


####################### Log
2006-10-02 16:53:09,703 INFO
[org.jasig.cas.ticket.proxy.support.Cas20ProxyHandler] - No
UniqueTicketIdGenerator specified for
org.jasig.cas.ticket.proxy.support.Cas20ProxyHandler.  Using
org.jasig.cas.util.DefaultUniqueTicketIdGenerator
2006-10-02 16:53:09,937 DEBUG
[org.jasig.cas.adaptors.spnego.authentication.handler.support.JCIFSConfig]
- initializing JCIFS config
2006-10-02 16:53:09,953 DEBUG
[org.jasig.cas.adaptors.spnego.authentication.handler.support.JCIFSConfig]
- jcifsServicePrincipal is set to HTTP/[EMAIL PROTECTED]
2006-10-02 16:53:09,953 DEBUG
[org.jasig.cas.adaptors.spnego.authentication.handler.support.JCIFSConfig]
- jcifsServicePassword is set to *****
2006-10-02 16:53:09,953 DEBUG
[org.jasig.cas.adaptors.spnego.authentication.handler.support.JCIFSConfig]
- kerberosRealm is set to :KEYPHRENE.COM
2006-10-02 16:53:09,953 DEBUG
[org.jasig.cas.adaptors.spnego.authentication.handler.support.JCIFSConfig]
- kerberosKdc is set to : 10.83.198.4
2006-10-02 16:53:09,953 DEBUG
[org.jasig.cas.adaptors.spnego.authentication.handler.support.JCIFSConfig]
- kerberosDebug is set to : true
2006-10-02 16:53:09,953 DEBUG
[org.jasig.cas.adaptors.spnego.authentication.handler.support.JCIFSConfig]
- jcifsKerberosEnable is set to false
2006-10-02 16:53:10,000 DEBUG
[org.jasig.cas.adaptors.spnego.authentication.handler.support.JCIFSConfig]
- configured login configuration path : /WEB-INF/login.conf
2006-10-02 16:53:10,640 INFO [org.jasig.cas.web.ServiceValidateController]
- No successView specified.  Using default of casServiceSuccessView
2006-10-02 16:53:10,640 INFO [org.jasig.cas.web.ServiceValidateController]
- No failureView specified.  Using default of casServiceFailureView
2006-10-02 16:53:10,656 INFO [org.jasig.cas.web.ServiceValidateController]
- No authentication specification class set.  Defaulting to
org.jasig.cas.validation.Cas20ProtocolValidationSpecification
2006-10-02 16:53:10,656 INFO [org.jasig.cas.web.ServiceValidateController]
- No successView specified.  Using default of casServiceSuccessView
2006-10-02 16:53:10,656 INFO [org.jasig.cas.web.ServiceValidateController]
- No failureView specified.  Using default of casServiceFailureView
2006-10-02 16:53:10,765 INFO
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - FormObjectClass not
set.  Using default class of
org.jasig.cas.authentication.principal.UsernamePasswordCredentials with
formObjectName credentials and validator
org.jasig.cas.validation.UsernamePasswordCredentialsValidator.
2006-10-02 16:53:29,828 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
Starting cleaning of expired tickets from ticket registry at [Mon Oct 02
16:53:29 CEST 2006]
2006-10-02 16:53:29,828 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - 0
found to be removed.  Removing now.
2006-10-02 16:53:29,828 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
Finished cleaning of expired tickets from ticket registry at [Mon Oct 02
16:53:29 CEST 2006]
2006-10-02 16:54:04,234 DEBUG
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - Action
'AutomaticCookiePathSetterAction' beginning execution
2006-10-02 16:54:04,234 INFO
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - Setting
ContextPath for cookies to: /cas
2006-10-02 16:54:04,234 DEBUG
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - Action
'AutomaticCookiePathSetterAction' completed execution; result is 'success'
2006-10-02 16:54:04,234 DEBUG
[org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - Action
'TicketGrantingTicketExistsAction' beginning execution
2006-10-02 16:54:04,234 DEBUG
[org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - Action
'TicketGrantingTicketExistsAction' completed execution; result is
'noTicketGrantingTicketExists'
2006-10-02 16:54:04,234 DEBUG
[org.jasig.cas.web.flow.GatewayRequestCheckAction] - Action
'GatewayRequestCheckAction' beginning execution
2006-10-02 16:54:04,234 DEBUG
[org.jasig.cas.web.flow.GatewayRequestCheckAction] - Action
'GatewayRequestCheckAction' completed execution; result is 'error'
2006-10-02 16:54:04,734 DEBUG
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - Action
'AutomaticCookiePathSetterAction' beginning execution
2006-10-02 16:54:04,734 DEBUG
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - Action
'AutomaticCookiePathSetterAction' completed execution; result is 'success'
2006-10-02 16:54:04,734 DEBUG
[org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - Action
'TicketGrantingTicketExistsAction' beginning execution
2006-10-02 16:54:04,734 DEBUG
[org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - Action
'TicketGrantingTicketExistsAction' completed execution; result is
'noTicketGrantingTicketExists'
2006-10-02 16:54:04,734 DEBUG
[org.jasig.cas.web.flow.GatewayRequestCheckAction] - Action
'GatewayRequestCheckAction' beginning execution
2006-10-02 16:54:04,750 DEBUG
[org.jasig.cas.web.flow.GatewayRequestCheckAction] - Action
'GatewayRequestCheckAction' completed execution; result is 'error'
#######################

My JCIFS configuration is certainly bad.

<bean name="jcifsConfig"
class="org.jasig.cas.adaptors.spnego.authentication.handler.support.JCIFSConfig">
          <property name="jcifsKerberosEnable" value="false" />
          <property name="jcifsServicePrincipal"
value="HTTP/[EMAIL PROTECTED]" />
          <property name="jcifsServicePassword" value="*******" />
          <property name="kerberosDebug" value="true" />
          <property name="kerberosRealm" value="KEYPHRENE.COM" />
          <property name="kerberosKdc" value="10.83.198.4" />
          <property name="loginConf" value="/WEB-INF/login.conf" />
        </bean>

In the first time, I would use only the NTLM handler.
But I don't understand the jcifsServicePrincipal parameter.
Can you explain me the pattern of jcifsServicePrincipal, what mean the
HTTP/ pattern?


Vincent Jaulin

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Re: Spnego and Cas configuration

Reply via email to