The wrapper needs to be configured after: http://www.ja-sig.org/wiki/display/CASC/CAS+Client+for+Java+3.1
-Scott On Tue, May 20, 2008 at 1:20 PM, Edward Chen <[EMAIL PROTECTED]> wrote: > Hi Scott and Adam, > > It seems there is a little progress for my problem. I updated the > url-pattern as ( add "/Recruiting/* instead just /* ) > .... > <filter-mapping> > <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> > <url-pattern>/Recruiting/*</url-pattern> > </filter-mapping> > <filter-mapping> > <filter-name>CAS Validation Filter</filter-name> > <url-pattern>/Recruiting/*</url-pattern> > </filter-mapping> > .... > > Now I can open test.jsp after CAS login. But the test.jsp > <%=request.getRemoteUser()%> displayed null value. It's supposed > something (an user name). > > How to fix it? and I want to know if it indicates the error you talked > about. > > Edward > > > Scott Battaglia wrote: > > If both of the TicketValidators are returning no response there may be > > a configuration error on the client side with regards to the server > > endpoint. If you turn on DEBUG on the server and then try and log > > into the client, you should be able to see on the server any > > validation attempts. If you see no ticket validation attempts, then > > the client is most likely misconfigured. > > > > -Scott > > > > On Mon, May 19, 2008 at 8:30 PM, Adam Rybicki <[EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]>> wrote: > > > > Edward, > > > > It's hard to tell what effect your cas.war file custom build may > > have on CAS itself. Let's assume for the time being, that this is > > fine. > > > > Did you have a chance to look inside the Tomcat logs as the error > > message was suggesting? Getting no response from CAS could be > > caused by a certificate error. I looked at > > AbstractCasProtocolUrlBasedTicketValidator, and it is possible > > that this class would return null on a communication error with > > CAS server. It logs the error and returns null. Can you locate > > the log file? I think that the CAS Client may be actually using > > the log file of your application. > > > > Adam > > > > Edward Chen wrote: > >> Hi Scott and other experts, > >> > >> Hi, > >> > >> Just a thought about this problem. I don't know if it will make a > >> difference. > >> > >> I think maybe the CAS in my tomcat is different. Why? > >> > >> I deployed my CAS to Tomcat by other method - our own build.xml. > >> > >> CAS 3.2.1 is built with Maven 2.0.9. <http://2.0.9.> I generate > cas.war not by Maven, > >> but by my build.xml > >> > >> The current problem seems to me that the CAS only talks itself and > not > >> react to any applications. That is why there is > >> > >> "...The CAS server returned no response...." when CAS linking to an > >> application. > >> > >> What do you think? > >> > >> Edward > >> > >> > >> Scott Battaglia wrote: > >> > >>> Edward, > >>> > >>> Can you try using the CAS 20 filter and see if that works? > >>> > >>> -Scott > >>> > >>> On Fri, May 16, 2008 at 11:52 PM, Edward Chen <[EMAIL > >>> PROTECTED]<mailto: > [EMAIL PROTECTED]> > >>> <mailto:[EMAIL PROTECTED]>> wrote: > >>> > >>> Here it's what I modify below. But it still doesn't work. I > have the > >>> following exception. Can you tell what 's wrong with it? > Anything > >>> wrong > >>> with my cas filter?? Please help--very urgent > >>> > >>> > >>> HTTP Status 500 - > >>> > >>> > ------------------------------------------------------------------------ > >>> > >>> *type* Exception report > >>> > >>> *message* > >>> > >>> *description* _The server encountered an internal error () that > >>> prevented it from fulfilling this request._ > >>> > >>> *exception* > >>> > >>> javax.servlet.ServletException: The CAS server returned no > response. > >>> > >>> > > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:152) > >>> > >>> > > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103) > >>> > >>> *root cause* > >>> > >>> org.jasig.cas.client.validation.TicketValidationException: The > CAS > >>> server returned no response. > >>> > >>> > > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:162) > >>> > >>> > > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129) > >>> > >>> > > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103) > >>> > >>> *note* _The full stack trace of the root cause is available in > the > >>> Apache Tomcat/5.5.25 logs._ > >>> > >>> > ------------------------------------------------------------------------ > >>> > >>> > >>> Apache Tomcat/5.5.25 > >>> > >>> > >>> > >>> .......... > >>> <filter> > >>> <filter-name>CAS Authentication Filter</filter-name> > >>> > >>> > <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> > >>> <init-param> > >>> <param-name>casServerLoginUrl</param-name> > >>> <param-value>https://casserver:8443/CAS/login > </param-value> > >>> </init-param> > >>> <init-param> > >>> <param-name>service</param-name> > >>> > >>> <param-value>http://casserver:8080/Recruiting/test.jsp > </param-value> > >>> </init-param> > >>> <init-param> > >>> <param-name>serverName</param-name> > >>> <param-value>casserver:8080</param-value> > >>> </init-param> > >>> </filter> > >>> > >>> <filter> > >>> <filter-name>CAS Validation Filter</filter-name> > >>> > >>> > <filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class> > >>> <init-param> > >>> <param-name>casUrlServerPrefix</param-name> > >>> <param-value>https://casserver:8443/CAS</param-value> > >>> </init-param> > >>> <init-param> > >>> <param-name>serverName</param-name> > >>> <param-value>casserver:8080</param-value> > >>> </init-param> > >>> </filter> > >>> > >>> <filter> > >>> <filter-name>CAS HttpServletRequest Wrapper > >>> Filter</filter-name> > >>> > >>> > <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> > >>> </filter> > >>> > >>> <filter-mapping> > >>> <filter-name>CAS Authentication Filter</filter-name> > >>> <url-pattern>/*</url-pattern> > >>> </filter-mapping> > >>> > >>> <filter-mapping> > >>> <filter-name>CAS Validation Filter</filter-name> > >>> <url-pattern>/*</url-pattern> > >>> </filter-mapping > > >>> > >>> <filter-mapping> > >>> <filter-name>CAS HttpServletRequest Wrapper > Filter</filter-name> > >>> <url-pattern>/*</url-pattern> > >>> </filter-mapping > > >>> ............. > >>> > >>> > >>> Edward > >>> > >>> Adam Rybicki wrote: > >>> > Scott's right, of course. The Thread Local filter is not > needed for > >>> > what you need. It becomes handy if you don't have access to > the > >>> > HttpServletRequest. > >>> > > >>> > Adam > >>> > > >>> > Scott Battaglia wrote: > >>> >> On Fri, May 16, 2008 at 7:32 PM, Adam Rybicki > >>> <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> <mailto: > [EMAIL PROTECTED]> > >>> >> <mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>> > wrote: > >>> >> > >>> >> Edward, > >>> >> > >>> >> Cross-posting to the wrong list (cas-dev) will not speed > up > >>> a reply. > >>> >> > >>> >> One thing you'll need is an additional filter. > Actually, > >>> two of > >>> >> them, I think. To make getRemoteUser() work, you'll > need them > >>> >> configured similar to this: > >>> >> > >>> >> <filter> > >>> >> <filter-name>CAS HttpServletRequest Wrapper > >>> Filter</filter-name> > >>> >> > >>> >> > >>> > <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> > >>> >> </filter> > >>> >> > >>> >> <filter> > >>> >> <filter-name>CAS Assertion Thread Local > >>> Filter</filter-name> > >>> >> > >>> >> > >>> > <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class> > >>> >> </filter> > >>> >> > >>> >> <filter-mapping> > >>> >> <filter-name>CAS HttpServletRequest Wrapper > >>> Filter</filter-name> > >>> >> > >>> >> <url-pattern>/*</url-pattern> > >>> >> </filter-mapping> > >>> >> > >>> >> <filter-mapping> > >>> >> <filter-name>CAS Assertion Thread Local > >>> Filter</filter-name> > >>> >> > >>> >> <url-pattern>/*</url-pattern> > >>> >> </filter-mapping> > >>> >> > >>> >> > >>> >> What concerns me is that, while you are using the JA-SIG > CAS > >>> >> Client, the exception message you included appears to > have come > >>> >> from the Yale CAS Filter. I don't think you need both. > >>> >> > >>> >> > >>> >> Adam beat me to it. But you are including the configuration > >>> for the > >>> >> JASIG CAS Client but an error message from the Yale CAS > client. > >>> >> That's impossible unless you have both of them configured, > which I > >>> >> don't think has ever been tried. I'd recommend just > sticking with > >>> >> one of them. If you merely wish to read the > request.getRemoteUser, > >>> >> you also won't need the ThreadLocal filter either. > >>> >> > >>> >> -Scott > >>> >> > >>> >> > >>> >> > >>> >> Adam > >>> >> > >>> >> Edward Chen wrote: > >>> >>> I installed CAS 3.2.1 and deployed successfully with > LDAP > >>> in my > >>> >>> Windows XP and Tomcat5.25. Now I want to link the > simple jsp > >>> >>> application in Tomcat to CAS. I modified the CAS filter > in > >>> >>> web.xml as bellow. If I comment out "CAS Validation > Filter", I > >>> >>> got redirected to CAS and passed CAS login and went > back > >>> to the > >>> >>> application. However, I got "null" value > >>> >>> (<%=request.getRemoteUser()%>) in my test.jsp. It > should be > >>> >>> supposed to have the CAS login username. If I don't > >>> comment out > >>> >>> "CAS Validation Filter", I got redirected to CAS and > >>> passed CAS > >>> >>> login. But when CAS went back to the application, it > >>> throws out > >>> >>> exception, something like "*exception* > >>> >>> javax.servlet.ServletException: Unable to validate > >>> >>> ProxyTicketValidator > >>> >>> [[edu.yale.its.tp.cas.client.ProxyTicketValidator > >>> >>> proxyList=[null] > >>> >>> [edu.yale.its.tp.cas.client.ServiceTicketValidator > ..... " It > >>> >>> seems to me that the validation doesn't work. What is > >>> wrong with > >>> >>> it? How to fix it? any recommendation?? any thing wrong > >>> with the > >>> >>> following CAS filter?? Very urgent help needed!!! > ........ > >>> >>> <filter> <filter-name>CAS Authentication > Filter</filter-name> > >>> >>> > >>> > <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> > >>> >>> <init-param> <param-name>casServerLoginUrl</param-name> > >>> >>> <param-value>https://xxxxxxxxx:8443/CAS/login > </param-value> > >>> >>> </init-param> <init-param> > <param-name>service</param-name> > >>> >>> > >>> <param-value>http://xxxxxxxxx:8080/Recruiting/test.jsp > </param-value> > >>> >>> </init-param> <init-param> > <param-name>serverName</param-name> > >>> >>> <param-value>xxxxxxx:8080/</param-value> </init-param> > >>> </filter> > >>> >>> <filter> <filter-name>CAS Validation > Filter</filter-name> > >>> >>> > >>> > <filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class> > >>> >>> <init-param> > <param-name>casUrlServerPrefix</param-name> > >>> >>> <param-value>https://xxxxxxx:8443/CAS</param-value> > >>> >>> </init-param> <init-param> > <param-name>serverName</param-name> > >>> >>> <param-value>xxxxxxxxxxx:8080/</param-value> > </init-param> > >>> >>> </filter> <filter-mapping> <filter-name>CAS > Authentication > >>> >>> Filter</filter-name> <url-pattern>/*</url-pattern> > >>> >>> </filter-mapping> <!--filter-mapping> <filter-name>CAS > >>> >>> Validation Filter</filter-name> > <url-pattern>/*</url-pattern> > >>> >>> </filter-mapping --> ................... > >>> >>> ______________________________ > >>> >>> _________________ > >>> >>> Yale CAS mailing list > >>> >>> [email protected] <mailto:[email protected]> > <mailto:[email protected]> > >>> <mailto:[email protected] <mailto:[email protected]>> > >>> >>> http://tp.its.yale.edu/mailman/listinfo/cas > >>> >> > >>> >> _______________________________________________ > >>> >> Yale CAS mailing list > >>> >> [email protected] <mailto:[email protected]> > <mailto:[email protected]> > >>> <mailto:[email protected] <mailto:[email protected]>> > >>> >> http://tp.its.yale.edu/mailman/listinfo/cas > >>> >> > >>> >> > >>> >> > >>> >> > >>> >> -- > >>> >> -Scott Battaglia > >>> >> PGP Public Key Id: 0x383733AA > >>> >> LinkedIn: http://www.linkedin.com/in/scottbattaglia > >>> >> > >>> > ------------------------------------------------------------------------ > >>> >> > >>> >> _______________________________________________ > >>> >> Yale CAS mailing list > >>> >> [email protected] <mailto:[email protected]> <mailto: > [email protected]> > >>> >> http://tp.its.yale.edu/mailman/listinfo/cas > >>> >> > >>> > _______________________________________________ > >>> > Yale CAS mailing list > >>> > [email protected] <mailto:[email protected]> <mailto: > [email protected]> > >>> > http://tp.its.yale.edu/mailman/listinfo/cas > >>> > > >>> > >>> _______________________________________________ > >>> Yale CAS mailing list > >>> [email protected] <mailto:[email protected]> <mailto: > [email protected]> > >>> http://tp.its.yale.edu/mailman/listinfo/cas > >>> > >>> > >>> > >>> > >>> -- > >>> -Scott Battaglia > >>> PGP Public Key Id: 0x383733AA > >>> LinkedIn: http://www.linkedin.com/in/scottbattaglia > >>> > ------------------------------------------------------------------------ > >>> > >>> _______________________________________________ > >>> Yale CAS mailing list > >>> [email protected] <mailto:[email protected]> > >>> http://tp.its.yale.edu/mailman/listinfo/cas > >>> > >>> > >> _______________________________________________ > >> Yale CAS mailing list > >> [email protected] <mailto:[email protected]> > >> http://tp.its.yale.edu/mailman/listinfo/cas > >> > >> > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] <mailto:[email protected]> > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > > > > -- > > -Scott Battaglia > > PGP Public Key Id: 0x383733AA > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > -- -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
