1. Ahh, thanks a lot, are there any dedactic documents about learning how to
deal with CAS?
I searched around on the Web Site ja-sig but did'n understand yet what
proxying is for.
2. Please support examples for JavaWebStart scenarios, many people are
looking for this.
3. I think in my example below the first validation of the ticket takes
place in the web.xml configured
CASFilter. This is my quite usual scenario:
- Press a web Link to start a Java Web Start application
- Do CAS authentication by a CASFilter servletFilter (well documented)
- foreward to the webStartApp startpage
- start webstart Application
- validate the passed ticket argument -ticket = "ST-xxxoioieodiox"
(here the ticket is allready validated and therefore the answer from
TicketValidator.validate() is 'INVALID')
If access to the webStart application is exclusively restricted to the
website hosting it
and without any option to start it directly from the client (by icon)
then everything would be ok, no second validation would be required.
But WebStartApps usually can be started from local clients by icon.
So i have to present a local login screen that must do its own CAS
Validation (also ok).
But when called from the CASFilter, with already validated ticket,
i have to formulate an argument for bypassing another local login screen.
In this case, is validating by argument ticket != null then really
sufficient.
Is the no possibility for a caller to start the local WebStartApp and
passing any
parameter value for ticket != null?
4. May be im too novice user, but i think a complete exemple for this quite
usual case should be interesting
for quite a lot of CAS Users and future ones. I saw a lot of web posts in
different groups, but no answers.
5. If proxying ist the right usage for this, how is it done ?
Thanks a lot,
Markus
_____
Von: Scott Battaglia [mailto:[EMAIL PROTECTED]
Gesendet: Samstag, 20. Januar 2007 23:00
An: [EMAIL PROTECTED]; Yale CAS mailing list
Betreff: Re: CAS Java Client (Yale) - ServiceTicketValidator.validate()
allways returns INVALID_TICKET ticket 'ST-...' not recognized
If the application has received the ticket as an argument, it can validate
the ticket using the method you specified. However it can only do this *if*
you have not already validated the ticket. If whatever application
generated the webstart url validated the ticket already then you need to
obtain a new ticket (you probably want proxying then).
-Scott
On 1/19/07, Dr. M.Olbrich <[EMAIL PROTECTED]> wrote:
But what for are these CAS Client classes "ServiceTicketValidator" then ?
How can i validate a Ticket in a Java WebStart Application
that has received this ticket as an argument?
I saw a lot of posts about that about 3 years old.
Are there any news about that.
_____
Von: t ray [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 19. Januar 2007 01:41
An: [EMAIL PROTECTED]; [email protected]
Betreff: Re: CAS Java Client (Yale) - ServiceTicketValidator.validate()
allways returns INVALID_TICKET ticket 'ST-...' not recognized
FYI- I had a very similar problem recently and it turned out that I was
validating the ticket AND I had set up the filter in Tomcat. You need to do
only one of them. If the filter is set up under Tomcat, then the ticket that
your application receives has already been validated and is no longer
useful. I don't think you can pass around the same ticket like you are
planning to. Tickets are one time use only.
----- Original Message ----
From: Dr. M.Olbrich <[EMAIL PROTECTED]>
To: [email protected]
Sent: Thursday, January 18, 2007 12:41:25 AM
Subject: CAS Java Client (Yale) - ServiceTicketValidator.validate() allways
returns INVALID_TICKET ticket 'ST-...' not recognized
Hi CAS users and experts, (this is a beginners question),
i try to use Cas Java Client 2.1.1 and try to validate a given ticket in a
Java App. (should be a Test for JavaWebStart Apps)
I constructed a very simple dumb example, where the just received valid
ticket should again
be validated by ServiceTicketValidator.validate(); in a servlet, but it
allways returns INVALID_TICKET ticket 'ST-...' not recognized.
Where is my mistake please.
Later on i'd like to pass the ticket as argument to a WebStart App and let
the app call ServiceTicketValidator.validate().
best regards
Markus
########################################
My example servlet receives a valid ticket (this is the log from CAS)
########################################
2007-01-17 15:58:05,562 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
<AuthenticationHandler:
org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthe
nticationHandler successfully authenticated the user which provided the
following credentials: ee>
2007-01-17 15:58:05,562 INFO
[org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket
[ST-7-7yrg1yX9M6KSgGqQLwXlgZVGee4SXZ2EFox-20] for service [
<https://vwplan.wob.vw.vwg:8093/VISystem/vwplan_visystem_pruefgelaende_index
.jsp>
https://vwplan.wob.vw.vwg:8093/VISystem/vwplan_visystem_pruefgelaende_index.
jsp] for user [ee]>
########################################
This is the servlet code:
########################################
<html>
<head>
<p> ##### CAS Filter is set up in web.xml ####</p>
<p> ##### This Servlet itself is the serviceURL
("https://vwplan.wob.vw.vwg:8093/VISystem/vwplan_visystem_pruefgelaende_inde
x.jsp
<https://vwplan.wob.vw.vwg:8093/VISystem/vwplan_visystem_pruefgelaende_index
.jsp> ")
which is called after successful CAS Login Page
####</p>
</head>
<body>
<%
out.println("cas
user="+session.getAttribute("edu.yale.its.tp.cas.client.filter.user"));
out.println("<br><br>");
out.println("cas
receipt="+session.getAttribute("edu.yale.its.tp.cas.client.filter.receipt"))
;
out.println("<br><br>");
String ticket = request.getParameter("ticket");
out.println("cas ticket=#"+ticket+"#");
out.println("<br><br>");
if(ticket!=null) {
try {
edu.yale.its.tp.cas.client.ServiceTicketValidator sv = new
edu.yale.its.tp.cas.client.ServiceTicketValidator();
sv.setCasValidateUrl(" <https://vwplan.wob.vw.vwg:8093/cas/serviceValidate>
https://vwplan.wob.vw.vwg:8093/cas/serviceValidate";);
sv.setService("
<https://vwplan.wob.vw.vwg:8093/VISystem/vwplan_visystem_pruefgelaende_index
.jsp>
https://vwplan.wob.vw.vwg:8093/VISystem/vwplan_visystem_pruefgelaende_index.
jsp");
sv.setServiceTicket(ticket);
sv.validate();
out.println("My JSP... sv.validate()");
String xmlResponse = sv.getResponse();
if(sv.isAuthenticationSuccesful()) {
String user = sv.getUser();
out.println("... sv.isAuthenticationSuccesful() user ="+user);
} else {
throw new Exception(sv.getErrorCode()+" "+sv.getErrorMessage());
}
} catch (Exception exc) {
out.println(exc.getMessage());
}
}
%>
</body>
</html>
########################################
This is the output the servlet generates, where
ServiceTicketValidator.validate() allways returns INVALID_TICKET ticket
'ST-7-...' not recognized
########################################
cas user=ee
cas receipt=[edu.yale.its.tp.cas.client.CASReceipt userName=[ee]
casValidateUrl=[https://vwplan.wob.vw.vwg:8093/cas/serviceValidate]
proxyCallbackUrl=[null] pgtIou=[null]
casValidateUrl=[https://vwplan.wob.vw.vwg:8093/cas/serviceValidate
<https://vwplan.wob.vw.vwg:8093/cas/serviceValidate> ] proxyList=[[]]]
cas ticket=#ST-7-7yrg1yX9M6KSgGqQLwXlgZVGee4SXZ2EFox-20#
My JSP... sv.validate() INVALID_TICKET ticket
'ST-7-7yrg1yX9M6KSgGqQLwXlgZVGee4SXZ2EFox-20' not recognized
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_____
Check out the all-new Yahoo! Mail beta
<http://us.rd.yahoo.com/evt=43257/*http://advision.webevents.yahoo.com/mailb
eta> - Fire up a more powerful email and get things done faster.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
