Hi Scott, I have followed your instructions and updated JVM to : java version "1.6.0_02" Java(TM) SE Runtime Environment (build 1.6.0_02-b05) Java HotSpot(TM) Server VM (build 1.6.0_02-b05, mixed mode)
Now I get the following error: java.lang.RuntimeException: Error signing SAML element: http://www.w3.org/2000/09/xmldsig#enveloped-signature algorithm and DOM mechanism not available org.jasig.cas.util.SamlUtils.signSamlElement(SamlUtils.java:165) org.jasig.cas.util.SamlUtils.signSamlResponse(SamlUtils.java:79) org.jasig.cas.authentication.principal.GoogleAccountsService.getResponse(GoogleAccountsService.java:131) org.jasig.cas.web.flow.DynamicRedirectViewSelector.makeEntrySelection(DynamicRedirectViewSelector.java:42) org.springframework.webflow.engine.EndState.doEnter(EndState.java:138) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java:58) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112) org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208) org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java:58) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java:58) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java:58) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112) org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208) org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Flow.start(Flow.java:557) org.springframework.webflow.engine.impl.RequestControlContextImpl.start(RequestControlContextImpl.java:196) org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:189) org.springframework.webflow.executor.FlowExecutorImpl.launch(FlowExecutorImpl.java:206) org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:131) org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:172) org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857) org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792) org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475) org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:430) javax.servlet.http.HttpServlet.service(HttpServlet.java:689) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) Thank you, Angel Quintana org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) ----- Original Message ---- From: Scott Battaglia <[EMAIL PROTECTED]> To: Yale CAS mailing list <[email protected]> Sent: Friday, October 5, 2007 6:54:20 PM Subject: Re: SAML 2.0 (Google Accounts Integration) Which combination of OS/JVM are you using? Linux, Unix, etc. variants lack the proper Sun classes if using a JVM before 1.6. On Windows, it seems like JVM 1.5 Update 8 or higher has them. -Scott On 10/5/07, Angel Q <[EMAIL PROTECTED]> wrote: ok :) whith cas/login I get this error: I assume the class is missing... right? thanks java.lang.NoClassDefFoundError: com/sun/org/apache/xml/internal/security/utils/UnsyncBufferedOutputStream org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.newReference(DOMXMLSignatureFactory.java :58) org.jasig.cas.util.SamlUtils.signSamlElement(SamlUtils.java:110) org.jasig.cas.util.SamlUtils.signSamlResponse(SamlUtils.java:79) org.jasig.cas.authentication.principal.GoogleAccountsService.getResponse(GoogleAccountsService.java :131) org.jasig.cas.web.flow.DynamicRedirectViewSelector.makeEntrySelection(DynamicRedirectViewSelector.java:42) org.springframework.webflow.engine.EndState.doEnter(EndState.java:138) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java :58) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java :112) org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208) org.springframework.webflow.engine.ActionState.doEnter (ActionState.java:185) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java:58) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java :229) org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112) org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent (RequestControlContextImpl.java:208) org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185) org.springframework.webflow.engine.State.enter(State.java:200) org.springframework.webflow.engine.Transition.execute (Transition.java:229) org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112) org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208) org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185) org.springframework.webflow.engine.State.enter (State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112) org.springframework.webflow.engine.Flow.onEvent (Flow.java:572) org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208) org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185) org.springframework.webflow.engine.State.enter (State.java:200) org.springframework.webflow.engine.Transition.execute(Transition.java:229) org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112) org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208) org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent (FlowExecutionImpl.java:214) org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:245) org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java :115) org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:172) org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle (SimpleControllerHandlerAdapter.java:48) org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857) org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792) org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475) org.springframework.web.servlet.FrameworkServlet.doPost (FrameworkServlet.java:440) javax.servlet.http.HttpServlet.service(HttpServlet.java:709) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) org.jasig.cas.web.init.SafeDispatcherServlet.service (SafeDispatcherServlet.java:115) ----- Original Message ---- From: Scott Battaglia < [EMAIL PROTECTED]> To: Yale CAS mailing list <[email protected]> Sent: Friday, October 5, 2007 3:53:31 PM Subject: Re: SAML 2.0 (Google Accounts Integration) A SAMLRequest should only go to the /login page. Its a request to login. If you've correctly configured the GoogleAccountsArgumentExtractor it should recognize the SAMLRequest. -Scott On 10/5/07, Angel Q <[EMAIL PROTECTED]> wrote: following up my previous message: I have checked with all these different options: /login /validate /serviceValidate /samlValidate /proxy /proxyValidate /CentralAuthenticationService none of them work, some state that I have parameters missing. As an example I get this error on the samlValidate option: 2007-10-05 13:37:26,385 ERROR [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]] - Servlet.service() para servlet cas lanzó excepción java.lang.NullPointerException at org.jasig.cas.web.view.Saml10FailureResponseView.renderMergedOutputModel(Saml10FailureResponseView.java:38) at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:243) at org.springframework.web.servlet.DispatcherServlet.render (DispatcherServlet.java:1141) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:878) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java :792) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:430) at javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java :115) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.apache.catalina.core.StandardEngineValve.invoke (StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) at java.lang.Thread.run (Thread.java:595) Tnaks a lot Angel Quintana ----- Original Message ---- From: Angel Q < [EMAIL PROTECTED]> To: Yale CAS mailing list <[email protected]> Sent: Friday, October 5, 2007 3:15:05 PM Subject: Re: SAML 2.0 (Google Accounts Integration) Hi Scott, Thanks for your reply. Where should the SAMLRequest be sent to from the google site? I was sending it to my sites login page, but it maybe wrong.... from the flow in here: http://code.google.com/apis/apps/sso/saml_workflow_vertical.gif where should the step 4 be ? where do I receive the SALMRequest on my cas installation? Is there an automated way to register users? as is now I am preaty sure I have them syncronized. Thanks a lot Angel ----- Original Message ---- From: Scott Battaglia <[EMAIL PROTECTED]> To: Yale CAS mailing list < [email protected]> Sent: Friday, October 5, 2007 2:38:30 PM Subject: Re: SAML 2.0 (Google Accounts Integration) I believe its the responsibility of you (or your organization) to synchronize your user repository with Google Apps internal database. Other than that once you've integrated CAS and Google Apps together it should work. -Scott On 10/4/07, Angel Q < [EMAIL PROTECTED]> wrote: Hi Scott, Thanks for our time and patience :) But then, how do I inform google the username and password for the login? I've seen that on the org.jasig.cas.web.support.GoogleAccountsArgumentExtractorBut I do not see anywhere how to feed that info to the process. If I have prevously logged in onto google I get access to it's tools (as in https://www.google.com/a/psosamldemo.net/acs) and the whole flow works fine (login, logout and password change page). So, what I think I am only missing is telling google who the user is. in http://code.google.com/apis/apps/sso/saml_reference_implementation_web.html it would be: [EMAIL PROTECTED] Thank you so much. Angel ----- Original Message ---- From: Scott Battaglia < [EMAIL PROTECTED]> To: Yale CAS mailing list < [email protected]> Sent: Thursday, October 4, 2007 9:41:12 PM Subject: Re: SAML 2.0 (Google Accounts Integration) My comments are in-line. On 10/4/07, Angel Q <[EMAIL PROTECTED] > wrote: Hi Scott, I realize my previous email did not have enough info on my status, I will try again: I gave been through the SAML 2.0 (Google Accounts Integration) and works aparently fine, but what I need now is to store the google account data and generate the session in google apps. I'm not sure what google account data you mean, nor what session you need. Integrating Google Apps and CAS together can be accomplished on the page provided. There is some configuration that needs to be done in Google Apps (the links on the page provided previously detail that). Google Apps manages its own session once it receives the authentication information from CAS. cas-servlet.xml and the google account are configured but I feel I am missing the info on where to generate the google ticket (session). If someone goes to Google Apps and tries to log in it should redirect them to CAS and then the normal flow occurs. Also, what about "/cas/services/manage.html"? is this necessary? what is it for exactly? I had some trouble until I found out it was "/cas/services/j_acegi_cas_security_check" what I had to have as the 1st entry LOL This is an optional tool for controlling access to CAS for various services. -Scott Thanks a lot!! Angel ----- Original Message ---- From: Scott Battaglia < [EMAIL PROTECTED]> To: Yale CAS mailing list <[email protected]> Sent: Thursday, October 4, 2007 3:28:35 PM Subject: Re: SAML 2.0 (Google Accounts Integration) We have documentation here: http://www.ja-sig.org/wiki/display/CASUM/SAML+2.0+%28Google+Accounts+Integration%29 Hope that helps. -Scott On 10/4/07, Angel Q < [EMAIL PROTECTED]> wrote: Hello there, I have done everything I have found on the docs to connect my CAS server to Google Apps, but I dont know how to proceed from this point. Status: CAS server setup and fed from LDAP CAS Services Management Open and wntries created. (where can I get more info on this area) Login to my site works, but, how can I define the values for Google, or where can I add what so the google apps session is started? http://www.ja-sig.org/wiki/display/CASUM/Home Thanks a lot, Angel PS: Please make it for dummies :) Yahoo! oneSearch: Finally, mobile search that gives answers, not web links. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia Looking for a deal? Find great prices on flights and hotels with Yahoo! FareChase. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia Fussy? Opinionated? Impossible to please? Perfect. Join Yahoo!'s user panel and lay it on us. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia Moody friends. Drama queens. Your life? Nope! - their life, your story. Play Sims Stories at Yahoo! Games. Need a vacation? Get great deals to amazing places on Yahoo! Travel. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia Be a better Heartthrob. Get better relationship answers from someone who knows. Yahoo! Answers - Check it out. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia ____________________________________________________________________________________ Fussy? Opinionated? Impossible to please? Perfect. Join Yahoo!'s user panel and lay it on us. http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
