Cliff, If you modified the ServiceTicket timeout you could have a ServiceTicket last longer. If you do that then it is possible to modify the flow of the login process to do some other task before redirecting. Obviously, we don't recommend excessively long service ticket timeouts.
-Scott On 9/24/07, Clifford Bryant <[EMAIL PROTECTED]> wrote: > > We have an existing set of 5 applications that we are trying to CASisfy > (4 Cold Fusion apps, and 1 Java app). The client would like to use the > existing login screens. The login screens also have additional password > management function besides just login, such as Change Password, Forgot > Password, and Email System Admin. > > > > The latest idea is to move these additional functions into the CAS > implementation as JSP files. (They are currently implemented in Cold Fusion > (*.cfm).) Is it possible to redirect the user back to the original > application after doing some additional operations in CAS, besides just > authenticating? For example, their password might expire, and they might > need to create a new password. After that, they should be directed back to > the original application. > > > ------------------------------ > > *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] *On > Behalf Of *Scott Battaglia > *Sent:* Monday, September 24, 2007 2:19 PM > *To:* Yale CAS mailing list > *Subject:* Re: CAS Authentication Error > > > > Clifford, > > Can you confirm that the service url you sent on authentication request > exactly matches the service url sent on ticket validation? > > Since you're using a version older than CAS 3.1, you'll need to check the > access logs to confirm this (or attempt to discern it from the web.xml). > > -Scott > > On 9/24/07, *Clifford Bryant* <[EMAIL PROTECTED]> wrote: > > Hello, > > > > I am trying to implement CAS in a Cold Fusion app. The CAS servlet filter > was added to the CF web.xml, and the casclient.jar was added to the CF > WEB-INF/lib. The app redirects to the CAS login page, and it looks as > though the authentication is valid. But, a servlet exception is thrown (See > below.). > > > > 2007-09-24 11:46:56,447 INFO [ > org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Setting > ContextPath for cookies to: /cas> > > 2007-09-24 11:47:10,345 INFO [ > org.jasig.cas.authentication.AuthenticationManagerImpl] - > <AuthenticationHandler: > com.rs.cas.authentication.RSCasAuthenticationHandler successfully > authenticated the user which provided the following credentials: Admin100> > > 2007-09-24 11:47:10,370 INFO [ > org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket > [ST-2-9TslNwdujd739Sk7cVAXqPxBZS39dklt5wr-20] for service [ > http://rsdev01:8443/golddev/hmm/default.cfm] for user [Admin100]> > > > > SEVERE: Servlet.service() for servlet CfmServlet threw exception > > javax.servlet.ServletException: CAS authentication error: INVALID_SERVICE: > ticket 'ST-2-9TslNwdujd739Sk7cVAXqPxBZS39dklt5wr-20' does not match supplied > service > > at > edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser( > CASFilter.java:220) > > at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter( > CASFilter.java:184) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:215) > > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:188) > > at org.apache.catalina.core.StandardWrapperValve.invoke( > StandardWrapperValve.java:210) > > at org.apache.catalina.core.StandardContextValve.invoke( > StandardContextValve.java:174) > > at org.apache.catalina.core.StandardHostValve.invoke( > StandardHostValve.java:127) > > at org.apache.catalina.valves.ErrorReportValve.invoke( > ErrorReportValve.java:117) > > at org.apache.catalina.core.StandardEngineValve.invoke( > StandardEngineValve.java:108) > > at org.apache.catalina.connector.CoyoteAdapter.service( > CoyoteAdapter.java:151) > > at org.apache.coyote.http11.Http11Processor.process( > Http11Processor.java:870) > > at > org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection > (Http11BaseProtocol.java:665) > > at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket( > PoolTcpEndpoint.java:528) > > at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt( > LeaderFollowerWorkerThread.java:81) > > at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run( > ThreadPool.java:685) > > at java.lang.Thread.run(Thread.java:534) > > > > Cliff Bryant > > > > This e-mail and any files transmitted with it are confidential and are > intended solely for the use of the individual or entity to whom they are > addressed. This communication may contain information that is protected from > disclosure by applicable law. If you are not the intended recipient, or the > employee or agent responsible for delivering this communication to the > intended recipient, be advised that you have received this e-mail in error > and any use, dissemination, forwarding, printing or copying of this e-mail is > strictly prohibited. If you believe that you have received this e-mail in > error, please immediately notify Edgewater Technology by telephone at (781) > 246-3343 and delete the communication from all e-mail files. > > > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > -- > -Scott Battaglia > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > This e-mail and any files transmitted with it are confidential and are > intended solely for the use of the individual or entity to whom they are > addressed. This communication may contain information that is protected from > disclosure by applicable law. If you are not the intended recipient, or the > employee or agent responsible for delivering this communication to the > intended recipient, be advised that you have received this e-mail in error > and any use, dissemination, forwarding, printing or copying of this e-mail is > strictly prohibited. If you believe that you have received this e-mail in > error, please immediately notify Edgewater Technology by telephone at (781) > 246-3343 and delete the communication from all e-mail files. > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
