After some more digging, it seems that the bug is in our perl client code, not in CAS.
The service url is quite interesting, something like: http://something/somewhere/?arg So when the service ticket comes back, it looks like http://something/somewhere/?arg&ticket=ST-blahblah Somehow mod_perl URI parser gets baffled because 'arg' is a key without any value. This starts a chain reaction of several issues down the path. Hopefully solving the URI parser issue will solve everything. Thanks Scott and others! :) On Thu, 2007-10-18 at 16:31 -0400, Scott Battaglia wrote: > If the redirect works with the stock CAS instance then something must > have changed when you made modifications. > > Anything besides the AuthenticationHandler? > > -Scott > > On 10/18/07, Ezra Nugroho <[EMAIL PROTECTED]> wrote: > > One more clue.. > > Instead of prepending ST with '&', the redirect-or uses '%26'. > So the > bug is that something encodes the variable separator. > > Thanks again. > Ezra > > On Thu, 2007-10-18 at 11:53 -0700, Ezra Nugroho wrote: > > Thank you Scott and Marat. > > > > > > I tried with the pre-built CAS 3.0.5 war file, and this > problem > > disappears. > > > > We build CAS from the source, and we add another > authenticator. This > > version has the issue. I guess I need to do a little more > digging > > then... > > > > I am not an expert with Spring and Spring webflow. > > Do you know what invokes the redirect rule in > login-webflow.xml ? > > > > I am not encoding the url before sending it. > > > > Thanks you! > > Ezra > > > > > > On Wed, 2007-10-17 at 23:06 -0400, Scott Battaglia wrote: > > > I tried it with CAS 3.1 (which uses a different mechanism) > and can > > > confirm that CAS 3.1 works. It also appears to work on > CAS 3.0.5 RC3 > > > (the closest version I had handy). I didn't see any JIRA > issues for > > > it either so no one else has reported it as something that > needs to be > > > fixed. > > > > > > Are you URL encoding your service parameter before sending > it? > > > > > > -Scott > > > -- > > > -Scott Battaglia > > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > > > > On 10/17/07, Ezra Nugroho <[EMAIL PROTECTED]> > wrote: > > > > > > > > > After digging some more, I found that this issue > should have > > > been taken > > > cared of by the login-webflow.xml. > > > > > > I found the following snippets in my installation: > > > > > > > > > <!-- > > > The "redirect" end state allows > CAS to > > > properly end the workflow while still redirecting > > > the user back to the service > required. > > > --> > > > <end-state id="redirect" > view="externalRedirect: > > > > > ${externalContext.requestParameterMap['service']}${requestScope.ticket == > null ? '' : (externalContext.requestParameterMap['service'].indexOf('?') != > -1 ? '&' : '?') + 'ticket=' + requestScope.ticket}" /> > > > > > > > > > However, I am still having redirection problem in > my > > > deployment. > > > Can anyone find any issue with the statement? > > > Any idea why this rule misbehaves ? > > > > > > Does anyone have any similar issue with me? > > > > > > Does anyone confirm that you don't have this > issue? > > > What version of Cas do you use? > > > > > > Thank you all, > > > Ezra > > > > > > > > > > > > > > > On Tue, 2007-10-16 at 17:46 -0700, Ezra Nugroho > wrote: > > > > Halo CAS experts, > > > > > > > > > > > > Currently I am facing the following issue. > > > > > > > > Say http://service_url is a url of a casified > application. > > > > When a user logs in to the application using > CAS, CAS will > > > redirect to > > > > the http://service_url again while attaching the > service > > > ticket. > > > > > > > > Now if the original url has a GET variable (i.e. > > > > http://service_url?some_var), CAS fails to use > the correct > > > separator for > > > > the ST variable. CAS still uses '?' instead of > '&'. > > > > > > > > How can this be corrected? > > > > I scour through the code, and it seems that this > > > functionality is > > > > handled by Spring. Is it Spring bug? > > > > > > > > Btw, I am using cas-sever-3.0.5. > > > > > > > > > > > > Thank you, > > > > Ezra > > > > > > > > _______________________________________________ > > > > Yale CAS mailing list > > > > [email protected] > > > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > > > > _______________________________________________ > > > Yale CAS mailing list > > > [email protected] > > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > > > > > > > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > -- > -Scott Battaglia > > LinkedIn: http://www.linkedin.com/in/scottbattaglia _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
