Try putting the validation filter before the authentication filter in the web.xml mapping. I may have erroneously not taken proxy callback into account when writing up the documentation for the filters (everything else should work the same).
-Scott On Wed, Apr 30, 2008 at 10:56 AM, iversion <[EMAIL PROTECTED]> wrote: > > The following is the log that cas client start to validate the service > ticket: > > DEBUG Cas20ProxyReceivingTicketValidationFilter: - Attempting to validate > ticket: ST-5-7PFf2IQWQeeoJtgL9Kob-cas > DEBUG CommonUtils: - serviceUrl generated: http://allenpc:5000/um/ > DEBUG Cas20ServiceTicketValidator: - contruct > url: > https://allenpc:8443/cas/serviceValidate?service=http%3A%2F%2Fallenpc%3A5000%2Fum%2F&ticket=ST-5-7PFf2IQWQeeoJtgL9Kob-cas&pgtUrl=https%3A%2F%2Fallenpc%3A8483%2Fum%2FproxyCallback > DEBUG AuthenticationFilter: - no ticket and no assertion found > > and the following log shows that AuthenticationFilter generate the > redirect > url for the url http://allenpc:5000/um/proxyCallback and , this make me > confused: > > DEBUG CommonUtils: - serviceUrl generated: > http://allenpc:5000/um/proxyCallback > DEBUG AuthenticationFilter: - redirecting to > " > https://allenpc:8443/cas/login?service=http%3A%2F%2Fallenpc%3A5000%2Fum%2FproxyCallback > " > > another url (why the url turn up? from cas server?) come while the service > ticket is validated: > > DEBUG AuthenticationFilter: - no ticket and no assertion found > DEBUG CommonUtils: - serviceUrl generated: > > http://allenpc:5000/um/proxyCallback?pgtIou=PGTIOU-3-pNyOpweaQQusHIedPPip-cas&pgtId=TGT-5-nbSLmFpoo7QKtYNMgOCxYTOmTJ2EX9myP3csIV5ekuZaO2fJxO-cas > > the following redirecting seem not working: > DEBUG AuthenticationFilter: - redirecting to > " > https://allenpc:8443/cas/login?service=http%3A%2F%2Fallenpc%3A5000%2Fum%2FproxyCallback%3FpgtIou%3DPGTIOU-3-pNyOpweaQQusHIedPPip-cas%26pgtId%3DTGT-5-nbSLmFpoo7QKtYNMgOCxYTOmTJ2EX9myP3csIV5ekuZaO2fJxO-cas > " > > According to the cas architecture 2.0 document, cas server will sent a > request containing pgtIou and pgtId to client, but the client cannot get > the > pgtId and pgtIou after receiving the reponse of cas: > <cas:serviceResponse> > <cas:authenticationSuccess> > <cas:user>NetID</cas:user> > <cas:proxyGrantingTicket>PGTIOU</cas:proxyGrantingTicket> > </cas:authenticationSuccess> > </cas:serviceResponse> > > > scott_battaglia wrote: > > > > You should check your CAS server logs to see if the proxy callback > failed. > > That's the only reason you wouldn't receive the pgtIou and pgt (well, as > > long as there's no bug in the code ;-)). > > > > -Scott > > > > > > -- > View this message in context: > http://www.nabble.com/About-the-cas-proxy-configuration-tp16977892p16984579.html > Sent from the CAS Users mailing list archive at Nabble.com. > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > -- -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
