We have an existing set of 5 applications that we are trying to CASisfy (4 Cold Fusion apps, and 1 Java app). The client would like to use the existing login screens. The login screens also have additional password management function besides just login, such as Change Password, Forgot Password, and Email System Admin.
The latest idea is to move these additional functions into the CAS implementation as JSP files. (They are currently implemented in Cold Fusion (*.cfm).) Is it possible to redirect the user back to the original application after doing some additional operations in CAS, besides just authenticating? For example, their password might expire, and they might need to create a new password. After that, they should be directed back to the original application. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Scott Battaglia Sent: Monday, September 24, 2007 2:19 PM To: Yale CAS mailing list Subject: Re: CAS Authentication Error Clifford, Can you confirm that the service url you sent on authentication request exactly matches the service url sent on ticket validation? Since you're using a version older than CAS 3.1, you'll need to check the access logs to confirm this (or attempt to discern it from the web.xml). -Scott On 9/24/07, Clifford Bryant <[EMAIL PROTECTED]> wrote: Hello, I am trying to implement CAS in a Cold Fusion app. The CAS servlet filter was added to the CF web.xml, and the casclient.jar was added to the CF WEB-INF/lib. The app redirects to the CAS login page, and it looks as though the authentication is valid. But, a servlet exception is thrown (See below.). 2007-09-24 11:46:56,447 INFO [org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Setting ContextPath for cookies to: /cas> 2007-09-24 11:47:10,345 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: com.rs.cas.authentication.RSCasAuthenticationHandler successfully authenticated the user which provided the following credentials: Admin100> 2007-09-24 11:47:10,370 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-2-9TslNwdujd739Sk7cVAXqPxBZS39dklt5wr-20] for service [http://rsdev01:8443/golddev/hmm/default.cfm] for user [Admin100]> SEVERE: Servlet.service() for servlet CfmServlet threw exception javax.servlet.ServletException: CAS authentication error: INVALID_SERVICE: ticket 'ST-2-9TslNwdujd739Sk7cVAXqPxBZS39dklt5wr-20' does not match supplied service at edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilt er.java:220) at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica tionFilterChain.java:215) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt erChain.java:188) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv e.java:210) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv e.java:174) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java :127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java :117) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve. java:108) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:1 51) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:87 0) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.proc essConnection(Http11BaseProtocol.java:665) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint .java:528) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollow erWorkerThread.java:81) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool .java:685) at java.lang.Thread.run(Thread.java:534) Cliff Bryant This e-mail and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. This communication may contain information that is protected from disclosure by applicable law. If you are not the intended recipient, or the employee or agent responsible for delivering this communication to the intended recipient, be advised that you have received this e-mail in error and any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you believe that you have received this e-mail in error, please immediately notify Edgewater Technology by telephone at (781) 246-3343 and delete the communication from all e-mail files. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia This e-mail and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. This communication may contain information that is protected from disclosure by applicable law. If you are not the intended recipient, or the employee or agent responsible for delivering this communication to the intended recipient, be advised that you have received this e-mail in error and any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you believe that you have received this e-mail in error, please immediately notify Edgewater Technology by telephone at (781) 246-3343 and delete the communication from all e-mail files.
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
