Scott Battaglia <[EMAIL PROTECTED]> writes: > > > Mark,I've gotten the following directions from Ryan, who has previously done > Google Apps integration. Please let me know which one works and I will > update the wiki to reflect it (or if you want to update it, feel free too ).
State of the Goog... Note: I saw a post on the list which sent me to the CAS bug tracker entry about adding a Google entry to the applicationContext.xml page. I've already added that line before I ran these tests. The openssl instructions were substantially what I was doing before, except I was trying to use 2048 bit keys. I tried again with 1024 bit keys (just in case), with the same results. With OpenSSL, neither RSA nor DSA keys worked, encoded in DER format (PEM was right out). I then used the KeyGen java class to generate the key pair, and that worked right off of the bat. CAS started up with no errors. I uploaded the public key to Google and put in the URL for CAS login. I enabled the SSO and saved the settings on the google admin page. Going to the URL for our google test domain properly redirects me to the CAS test server, which asks me for credentials. I login to CAS, but instead of redirecting me back to Gmail, I get the CAS "Log In Successful" page. Any ideas of what else to look for, or other debugging I should turn on? ==== log with tons of debugging on ==== 2007-06-29 15:19:30,287 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction] - Action 'InitialFlowSetupAction' completed execution; result is 'success' 2007-06-29 15:19:30,288 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action 'AuthenticationViaFormAction' beginning execution 2007-06-29 15:19:30,288 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing setupForm 2007-06-29 15:19:30,289 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form object with name 'credentials' 2007-06-29 15:19:30,289 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new instance of form object class [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] 2007-06-29 15:19:30,290 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form object of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow with name 'credentials' 2007-06-29 15:19:30,290 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form errors for object with name 'credentials' 2007-06-29 15:19:30,290 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - No property editor registrar set, no custom editors to register 2007-06-29 15:19:30,291 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form errors instance in scope Flash 2007-06-29 15:19:30,291 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action 'AuthenticationViaFormAction' completed execution; result is 'success' 2007-06-29 15:19:37,058 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action 'AuthenticationViaFormAction' beginning execution 2007-06-29 15:19:37,059 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing bind 2007-06-29 15:19:37,060 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Found existing form object with name 'credentials' of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow 2007-06-29 15:19:37,060 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - No property editor registrar set, no custom editors to register 2007-06-29 15:19:37,083 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Binding allowed request parameters in map['lt' -> '_cF290B832-D888-8B09-205B-B541FF10E6B4_k929174E5-2CB5-9969-861E-937790087875', '_eventId' -> 'submit', 'password' -> '**********', 'RelayState' -> 'https://www.google.com/a/testmail.utsa.edu/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fa%2Ftestmail.utsa.edu<mpl=default<mplcache=2', 'SAMLRequest' -> 'fZJNTxsxEIbvSP0Plu/7kVQqxcouSkGokWhZJUsPvQ3e2cSJP7YeO4F/j7MBAYdyHc/M+7yvZ3b5aDTboyflbMUneckZWuk6ZdcVv29vsu/8sv5yNiMwehDzGDZ2if8iUmBp0pIYHyoevRUOSJGwYJBEkGI1/3UrpnkpBu+Ck05ztriu+Lbvhp3Zmh30sAEL/WAQO2nkA7q17tFp6bbbXc/Zn1es6RFrQRRxYSmADalUludZ+S2bXrTTUkwuxNfzv5w1L0o/lD05+Azr4dRE4mfbNllzt2rHBXvVof+duiu+dokIc+kMZ3Mi9CHhXDlL0aBfod8riffL24pvQhhIFMXhcMjfhgooQgrKgNJ5DAQ5drEASUcvDRCpfdLoQRPyegxYjB79u2Q/dwCvTLx+U50V71bVLx939LO4bpxW8onNtXaHK48Qkn7wETm7cd5A+L/aJJ+MFdVl/dgqoqUBpeoVdpwV9Un144Wku3kG', 'username' -> '**********'] to form object with name 'credentials', pre-bind formObject toString = null 2007-06-29 15:19:37,084 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - (Any field is allowed) 2007-06-29 15:19:37,092 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Binding completed for form object with name 'credentials', post-bind formObject toString = ********** 2007-06-29 15:19:37,093 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - There are [0] errors, details: [] 2007-06-29 15:19:37,093 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing validation 2007-06-29 15:19:37,094 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Invoking validator [EMAIL PROTECTED] 2007-06-29 15:19:37,098 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Validation completed for form object 2007-06-29 15:19:37,099 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - There are [0] errors, details: [] 2007-06-29 15:19:37,099 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form errors instance in scope Flash 2007-06-29 15:19:37,099 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action 'AuthenticationViaFormAction' completed execution; result is 'success' 2007-06-29 15:19:37,100 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action 'AuthenticationViaFormAction' beginning execution 2007-06-29 15:19:37,100 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Found existing form object with name 'credentials' of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow 2007-06-29 15:19:39,286 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully authenticated the user which provided the following credentials: ********** 2007-06-29 15:19:39,305 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action 'AuthenticationViaFormAction' completed execution; result is 'success' 2007-06-29 15:19:39,306 DEBUG [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - Action 'SendTicketGrantingTicketAction' beginning execution 2007-06-29 15:19:39,306 DEBUG [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - Action 'SendTicketGrantingTicketAction' completed execution; result is 'success' 2007-06-29 15:19:41,511 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - Starting cleaning of expired tickets from ticket registry at [Fri Jun 29 15:19:41 CDT 2007] 2007-06-29 15:19:41,513 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - 0 found to be removed. Removing now. 2007-06-29 15:19:41,514 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - Finished cleaning of expired tickets from ticket registry at [Fri Jun 29 15:19:41 CDT 2007] ---- Mark McCoy Enterprise Unix Group Office of Information Technology The University of Texas at San Antonio (210) 458-5871
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
