Edward,
If you are getting a message that says "The CAS server returned no
response," the CAS Client jar file is accessible. The error message(s)
in your log files should be different now. What are they?
You keep saying that it's urgent, and you are asking for more help.
That's what this list is for. We will try to help you learn this, so
that you are able to troubleshoot problems like this by yourself.
However, all learning takes time. Perhaps if you need this fixed
urgently, you should consider hiring someone to solve this for you
quickly.
Adam
Edward Chen wrote:
Hi Adam,
I still have the same problem "...The CAS server returned no
response...." after I change to
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
from
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/Recruiting/*</url-pattern>
</filter-mapping>
I think it should be <url-pattern>/*</url-pattern>. I think I am not
using the validation filter currently because of this
<url-pattern>/Recruiting/*</url-pattern>
I did integrate cas-client-core-3.1.1.jar into my web app. I thought I
did not. The log file I copied for you was from my workstation testing
machine and the cas and web application did work in my workstation
testing machine. However, when I deployed cas and web application to
server ( a linux machine), it becomes
"...The CAS server returned no response...." after cas login and
redirect to my web application.
In my workstation I use <url-pattern>/*</url-pattern>
How to fix it? cas server problem? client problem or filter problem or
others?
Please continue to help. It's still urgent.
Edward
Adam Rybicki wrote:
Edward,
As others have already confirmed, you must configure your CAS client
application to use the JA-SIG CAS Client library, which facilitates
communications with the CAS server. It is ultimately the CAS Client
library that will allow request.getRemoteUser() to return the username
of the authenticated user.
The logs you sent make this fairly clear. The log of the CAS server
clearly shows CAS issuing a service ticket for user "edwardc." It
appears that the server is working fine.
The log file from the client shows a clue to your problem. The client
is unable to load the CAS Client filters. The JA-SIG CAS Client
library (a jar file, which at least on my computer is called
"cas-client-core-3.1.1.jar") needs to be in your Web application's
classpath. As with any enterprise Java Web application, there is an
appropriate place to install this jar file. Since I see you are using
Tomcat, in your case this place should be something like
<tomcat_dir>/webapps/Recruiting/WEB-INF/lib.
Adam
Edward Chen wrote:
I am kind of understanding...
In order to display request.getRemoteUser() value in my test.jsp, I need
to integrate cas client 3.1.1 to my application, for Recruiting
application. The reason why my current test.jsp returns null value is
because I haven't integrate cas client 3.21 with my application, Is it
correct?
I am done with the server side configuration, right?
If so, how to integrate cas client 3.11 to my java/jsp application? do
you have an instruction?
Edward
Scott Battaglia wrote:
When CASifying an application, you integrate the CAS client with your
application. You don't integrate the CAS client with the CAS server
software. The CAS client library is what allows the application to
communicate with the CAS server.
You should be configuring the wrapper on YOUR application if you want
access to request.getRemoteUser().
-Scott
On Tue, May 20, 2008 at 11:22 PM, Edward Chen <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
Adam and Scott,
It seems to me that I missing the client configuration. I tried to
locate HttpServletRequestWrapperFilter file but I don't find them
in my
cas 3.21 folder. So, I download "cas-client-3.1.1-release" and I find
HttpServletRequestWrapperFilter file in it. I wonder if I need to
integrate client into server. If yes, how to integrate
case-client-3.1.1? using maven? ??
I am stuck in this problem.
Edward
Adam Rybicki wrote:
> Edward,
>
> It's hard to tell what effect your cas.war file custom build may
have
> on CAS itself. Let's assume for the time being, that this is fine.
>
> Did you have a chance to look inside the Tomcat logs as the error
> message was suggesting? Getting no response from CAS could be
caused
> by a certificate error. I looked at
> AbstractCasProtocolUrlBasedTicketValidator, and it is possible that
> this class would return null on a communication error with CAS
> server. It logs the error and returns null. Can you locate the log
> file? I think that the CAS Client may be actually using the log
file
> of your application.
>
> Adam
>
> Edward Chen wrote:
>> Hi Scott and other experts,
>>
>> Hi,
>>
>> Just a thought about this problem. I don't know if it will make a
>> difference.
>>
>> I think maybe the CAS in my tomcat is different. Why?
>>
>> I deployed my CAS to Tomcat by other method - our own build.xml.
>>
>> CAS 3.2.1 is built with Maven 2.0.9. <http://2.0.9.> I generate
cas.war not by Maven,
>> but by my build.xml
>>
>> The current problem seems to me that the CAS only talks itself
and not
>> react to any applications. That is why there is
>>
>> "...The CAS server returned no response...." when CAS linking to an
>> application.
>>
>> What do you think?
>>
>> Edward
>>
>>
>> Scott Battaglia wrote:
>>
>>> Edward,
>>>
>>> Can you try using the CAS 20 filter and see if that works?
>>>
>>> -Scott
>>>
>>> On Fri, May 16, 2008 at 11:52 PM, Edward Chen
<[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
>>> <mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>> wrote:
>>>
>>> Here it's what I modify below. But it still doesn't work.
I have the
>>> following exception. Can you tell what 's wrong with it?
Anything
>>> wrong
>>> with my cas filter?? Please help--very urgent
>>>
>>>
>>> HTTP Status 500 -
>>>
>>>
------------------------------------------------------------------------
>>>
>>> *type* Exception report
>>>
>>> *message*
>>>
>>> *description* _The server encountered an internal error ()
that
>>> prevented it from fulfilling this request._
>>>
>>> *exception*
>>>
>>> javax.servlet.ServletException: The CAS server returned no
response.
>>>
>>>
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:152)
>>>
>>>
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
>>>
>>> *root cause*
>>>
>>> org.jasig.cas.client.validation.TicketValidationException:
The CAS
>>> server returned no response.
>>>
>>>
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:162)
>>>
>>>
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129)
>>>
>>>
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
>>>
>>> *note* _The full stack trace of the root cause is
available in the
>>> Apache Tomcat/5.5.25 logs._
>>>
>>>
------------------------------------------------------------------------
>>>
>>>
>>> Apache Tomcat/5.5.25
>>>
>>>
>>>
>>> ..........
>>> <filter>
>>> <filter-name>CAS Authentication Filter</filter-name>
>>>
>>>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
>>> <init-param>
>>> <param-name>casServerLoginUrl</param-name>
>>>
<param-value>https://casserver:8443/CAS/login</param-value>
>>> </init-param>
>>> <init-param>
>>> <param-name>service</param-name>
>>>
>>>
<param-value>http://casserver:8080/Recruiting/test.jsp</param-value>
>>> </init-param>
>>> <init-param>
>>> <param-name>serverName</param-name>
>>> <param-value>casserver:8080</param-value>
>>> </init-param>
>>> </filter>
>>>
>>> <filter>
>>> <filter-name>CAS Validation Filter</filter-name>
>>>
>>>
<filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>
>>> <init-param>
>>> <param-name>casUrlServerPrefix</param-name>
>>> <param-value>https://casserver:8443/CAS</param-value>
>>> </init-param>
>>> <init-param>
>>> <param-name>serverName</param-name>
>>> <param-value>casserver:8080</param-value>
>>> </init-param>
>>> </filter>
>>>
>>> <filter>
>>> <filter-name>CAS HttpServletRequest Wrapper
>>> Filter</filter-name>
>>>
>>>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
>>> </filter>
>>>
>>> <filter-mapping>
>>> <filter-name>CAS Authentication Filter</filter-name>
>>> <url-pattern>/*</url-pattern>
>>> </filter-mapping>
>>>
>>> <filter-mapping>
>>> <filter-name>CAS Validation Filter</filter-name>
>>> <url-pattern>/*</url-pattern>
>>> </filter-mapping >
>>>
>>> <filter-mapping>
>>> <filter-name>CAS HttpServletRequest Wrapper
Filter</filter-name>
>>> <url-pattern>/*</url-pattern>
>>> </filter-mapping >
>>> .............
>>>
>>>
>>> Edward
>>>
>>> Adam Rybicki wrote:
>>> > Scott's right, of course. The Thread Local filter is
not needed for
>>> > what you need. It becomes handy if you don't have
access to the
>>> > HttpServletRequest.
>>> >
>>> > Adam
>>> >
>>> > Scott Battaglia wrote:
>>> >> On Fri, May 16, 2008 at 7:32 PM, Adam Rybicki
>>> <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>
>>> >> <mailto:[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]> <mailto:[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>>>> wrote:
>>> >>
>>> >> Edward,
>>> >>
>>> >> Cross-posting to the wrong list (cas-dev) will not
speed up
>>> a reply.
>>> >>
>>> >> One thing you'll need is an additional filter.
Actually,
>>> two of
>>> >> them, I think. To make getRemoteUser() work,
you'll need them
>>> >> configured similar to this:
>>> >>
>>> >> <filter>
>>> >> <filter-name>CAS HttpServletRequest Wrapper
>>> Filter</filter-name>
>>> >>
>>> >>
>>>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
>>> >> </filter>
>>> >>
>>> >> <filter>
>>> >> <filter-name>CAS Assertion Thread Local
>>> Filter</filter-name>
>>> >>
>>> >>
>>>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
>>> >> </filter>
>>> >>
>>> >> <filter-mapping>
>>> >> <filter-name>CAS HttpServletRequest Wrapper
>>> Filter</filter-name>
>>> >>
>>> >> <url-pattern>/*</url-pattern>
>>> >> </filter-mapping>
>>> >>
>>> >> <filter-mapping>
>>> >> <filter-name>CAS Assertion Thread Local
>>> Filter</filter-name>
>>> >>
>>> >> <url-pattern>/*</url-pattern>
>>> >> </filter-mapping>
>>> >>
>>> >>
>>> >> What concerns me is that, while you are using the
JA-SIG CAS
>>> >> Client, the exception message you included appears
to have come
>>> >> from the Yale CAS Filter. I don't think you need both.
>>> >>
>>> >>
>>> >> Adam beat me to it. But you are including the
configuration
>>> for the
>>> >> JASIG CAS Client but an error message from the Yale CAS
client.
>>> >> That's impossible unless you have both of them
configured, which I
>>> >> don't think has ever been tried. I'd recommend just
sticking with
>>> >> one of them. If you merely wish to read the
request.getRemoteUser,
>>> >> you also won't need the ThreadLocal filter either.
>>> >>
>>> >> -Scott
>>> >>
>>> >>
>>> >>
>>> >> Adam
>>> >>
>>> >> Edward Chen wrote:
>>> >>> I installed CAS 3.2.1 and deployed successfully
with LDAP
>>> in my
>>> >>> Windows XP and Tomcat5.25. Now I want to link the
simple jsp
>>> >>> application in Tomcat to CAS. I modified the CAS
filter in
>>> >>> web.xml as bellow. If I comment out "CAS
Validation Filter", I
>>> >>> got redirected to CAS and passed CAS login and
went back
>>> to the
>>> >>> application. However, I got "null" value
>>> >>> (<%=request.getRemoteUser()%>) in my test.jsp. It
should be
>>> >>> supposed to have the CAS login username. If I don't
>>> comment out
>>> >>> "CAS Validation Filter", I got redirected to CAS and
>>> passed CAS
>>> >>> login. But when CAS went back to the application, it
>>> throws out
>>> >>> exception, something like "*exception*
>>> >>> javax.servlet.ServletException: Unable to validate
>>> >>> ProxyTicketValidator
>>> >>> [[edu.yale.its.tp.cas.client.ProxyTicketValidator
>>> >>> proxyList=[null]
>>> >>> [edu.yale.its.tp.cas.client.ServiceTicketValidator
..... " It
>>> >>> seems to me that the validation doesn't work. What is
>>> wrong with
>>> >>> it? How to fix it? any recommendation?? any thing
wrong
>>> with the
>>> >>> following CAS filter?? Very urgent help needed!!!
........
>>> >>> <filter> <filter-name>CAS Authentication
Filter</filter-name>
>>> >>>
>>>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
>>> >>> <init-param>
<param-name>casServerLoginUrl</param-name>
>>> >>>
<param-value>https://xxxxxxxxx:8443/CAS/login</param-value>
>>> >>> </init-param> <init-param>
<param-name>service</param-name>
>>> >>>
>>>
<param-value>http://xxxxxxxxx:8080/Recruiting/test.jsp</param-value>
>>> >>> </init-param> <init-param>
<param-name>serverName</param-name>
>>> >>> <param-value>xxxxxxx:8080/</param-value> </init-param>
>>> </filter>
>>> >>> <filter> <filter-name>CAS Validation
Filter</filter-name>
>>> >>>
>>>
<filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>
>>> >>> <init-param>
<param-name>casUrlServerPrefix</param-name>
>>> >>> <param-value>https://xxxxxxx:8443/CAS</param-value>
>>> >>> </init-param> <init-param>
<param-name>serverName</param-name>
>>> >>> <param-value>xxxxxxxxxxx:8080/</param-value>
</init-param>
>>> >>> </filter> <filter-mapping> <filter-name>CAS
Authentication
>>> >>> Filter</filter-name> <url-pattern>/*</url-pattern>
>>> >>> </filter-mapping> <!--filter-mapping> <filter-name>CAS
>>> >>> Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
>>> >>> </filter-mapping --> ...................
>>> >>> ______________________________
>>> >>> _________________
>>> >>> Yale CAS mailing list
>>> >>> [email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>
>>> <mailto:[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>>
>>> >>> http://tp.its.yale.edu/mailman/listinfo/cas
>>> >>
>>> >> _______________________________________________
>>> >> Yale CAS mailing list
>>> >> [email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>
>>> <mailto:[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>>
>>> >> http://tp.its.yale.edu/mailman/listinfo/cas
>>> >>
>>> >>
>>> >>
>>> >>
>>> >> --
>>> >> -Scott Battaglia
>>> >> PGP Public Key Id: 0x383733AA
>>> >> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>> >>
>>>
------------------------------------------------------------------------
>>> >>
>>> >> _______________________________________________
>>> >> Yale CAS mailing list
>>> >> [email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>
>>> >> http://tp.its.yale.edu/mailman/listinfo/cas
>>> >>
>>> > _______________________________________________
>>> > Yale CAS mailing list
>>> > [email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>
>>> > http://tp.its.yale.edu/mailman/listinfo/cas
>>> >
>>>
>>> _______________________________________________
>>> Yale CAS mailing list
>>> [email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>>
>>>
>>>
>>> --
>>> -Scott Battaglia
>>> PGP Public Key Id: 0x383733AA
>>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>>
------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> Yale CAS mailing list
>>> [email protected] <mailto:[email protected]>
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>>
>>
>> _______________________________________________
>> Yale CAS mailing list
>> [email protected] <mailto:[email protected]>
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
> _______________________________________________
> Yale CAS mailing list
> [email protected] <mailto:[email protected]>
> http://tp.its.yale.edu/mailman/listinfo/cas
>
_______________________________________________
Yale CAS mailing list
[email protected] <mailto:[email protected]>
http://tp.its.yale.edu/mailman/listinfo/cas
--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
------------------------------------------------------------------------
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
|
smime.p7s