On Tue, Jun 3, 2008 at 5:14 PM, ktian <[EMAIL PROTECTED]> wrote: > > Hi Scott, > > Before I open a JIRA issue, I would like check the other couple of things. > > 1. Do I need to set up openSAML in CAS server, is there any configration of > SAML on server side?
It should be configured out of the box for SAML. > > 2. I did not see any failing validate a ticket in CAS server logs, may be > this because I did not set up logging properly in both server and client. > Can you please tell me how to config/setup log4j in both server and client > to log any exceptions ? I would recommend turning the logging the log4j.properties to DEBUG for org.jasig.cas Also, if you haven't try using CAS Client for Java 3.1.3-rc2 (its in the Maven2 repo on the JASIG servers). -Scott > > > Thanks, > > Kevin > > > > scott_battaglia wrote: > > > > If you look at the major and minor version it is 1.1. The OpenSAML > > library > > is also separate from the protocol so the numbers may not coincide. > > > > Can you open a JIRA issue for this? Because even though the response is > > technically correct its not getting parsed correctly on the client side. > > We > > also need to look at why you're getting this response. Anything in the > > CAS > > server logs about failing to validate a ticket or anything? > > > > -Scott > > > > On Tue, Jun 3, 2008 at 12:56 AM, ktian <[EMAIL PROTECTED]> wrote: > > > >> > >> I got the xml response as below, > >> > >> <?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelope > >> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/ > >> "><SOAP-ENV:Header/><SOAP-ENV:Body><Response > >> xmlns="urn:oasis:names:tc:SAML:1.0:protocol" > >> xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" > >> xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" > >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > >> IssueInstant="2008-06-03T04:44:57.143Z" MajorVersion="1" > MinorVersion="1" > >> Recipient="http://localhost:8084/WebApplication1/"; > >> ResponseID="_3b62bece2e8da1c10279db04882012ac"><Status><StatusCode > >> > >> > Value="samlp:Responder"></StatusCode><StatusMessage>Success</StatusMessage></Status></Response></SOAP-ENV:Body></SOAP-ENV:Envelope> > >> > >> But there is no attributes such as username, etc. Also it uses SAML 1.0 > >> instead of SAML 1.1. > >> It confuses me that I included the openSAML 1.1b.jar in my app, but got > >> SAML > >> 1.0 response. > >> Please help me out. > >> > >> Thanks, > >> > >> Kevin > >> > >> ------------------------------------------------------ > >> > >> scott_battaglia wrote: > >> > > >> > Kevin, > >> > > >> > If you can put the app through something like the Eclipse Debugger you > >> can > >> > set a breakpoint to grab the value. One of our open items is to add > >> more > >> > logging into the client, we unfortunately haven't gotten there yet. > >> > > >> > -Scott > >> > > >> > On Thu, May 29, 2008 at 11:35 PM, ktian <[EMAIL PROTECTED]> > >> wrote: > >> > > >> >> > >> >> Hi Scott, > >> >> > >> >> I tried CAS Client for Java 3.1.2, but it still fails. The exception > >> as > >> >> follow: > >> >> > >> >> > >> >> > >> > ---------------------------------------------------------------------------------- > >> >> exception > >> >> > >> >> javax.servlet.ServletException: org.opensaml.SAMLException: Success > >> >> > >> >> > >> >> > >> > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:152) > >> >> > >> >> > >> >> > >> > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103) > >> >> > >> >> > >> >> root cause > >> >> > >> >> org.jasig.cas.client.validation.TicketValidationException: > >> >> org.opensaml.SAMLException: Success > >> >> > >> >> > >> >> > >> > org.jasig.cas.client.validation.Saml11TicketValidator.parseResponseFromServer(Saml11TicketValidator.java:93) > >> >> > >> >> > >> >> > >> > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:165) > >> >> > >> >> > >> >> > >> > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129) > >> >> > >> >> > >> >> > >> > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103) > >> >> > >> >> > >> >> root cause > >> >> > >> >> org.opensaml.SAMLException: Success > >> >> org.opensaml.SAMLException.getInstance(Unknown Source) > >> >> org.opensaml.SAMLResponse.fromDOM(Unknown Source) > >> >> org.opensaml.SAMLResponse.<init>(Unknown Source) > >> >> > >> >> > >> >> > >> > org.jasig.cas.client.validation.Saml11TicketValidator.parseResponseFromServer(Saml11TicketValidator.java:48) > >> >> > >> >> > >> >> > >> > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:165) > >> >> > >> >> > >> >> > >> > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129) > >> >> > >> >> > >> >> > >> > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103) > >> >> > >> >> > >> >> > >> >> > >> > --------------------------------------------------------------------------------------------- > >> >> Also do you know how to capture the XML response, which is the main > >> thing > >> >> I'm tring to retrieve using SAML filter? I want to retrieve the CAS > >> >> server > >> >> response. > >> >> > >> >> Many thanks, > >> >> > >> >> Kevin > >> >> > >> >> > >> >> > >> >> scott_battaglia wrote: > >> >> > > >> >> > Have you tried CAS Client for Java 3.1.2? If not, you can grab it > >> from > >> >> > the > >> >> > public Maven2 repo. If that still fails, can you open a ticket > >> (we're > >> >> > cutting RCs of CAS Client for Java 3.1.3 soon) pasting in the > >> exception > >> >> > and > >> >> > if you can capture the XML response too. > >> >> > Thanks > >> >> > -Scott > >> >> > > >> >> > On Thu, May 29, 2008 at 9:48 PM, ktian <[EMAIL PROTECTED]> > >> >> wrote: > >> >> > > >> >> >> > >> >> >> Hi, > >> >> >> > >> >> >> I have : > >> >> >> CAS Client version 3.1 > >> >> >> CAS Server version 3.2 > >> >> >> Server tomcat : 5.5.26 > >> >> >> > >> >> >> I've tried to get Saml11TicketValidationFilter working to retrieve > >> >> server > >> >> >> response, but I got Exception when CAS server returned a ticket: > >> >> >> > >> >> >> java.lang.NumberFormatException: For input string: "" > >> >> >> > >> >> >> > >> >> >> > >> >> > >> > java.lang.NumberFormatException.forInputString(NumberFormatException.java:48) > >> >> >> java.lang.Integer.parseInt(Integer.java:468) > >> >> >> java.lang.Integer.parseInt(Integer.java:497) > >> >> >> org.opensaml.SAMLResponse.fromDOM(Unknown Source) > >> >> >> org.opensaml.SAMLResponse.<init>(Unknown Source) > >> >> >> > >> >> >> > >> >> >> > >> >> > >> > org.jasig.cas.client.validation.Saml11TicketValidator.parseResponseFromServer(Saml11TicketValidator.java:46) > >> >> >> > >> >> >> > >> >> >> > >> >> > >> > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:165) > >> >> >> > >> >> >> > >> >> >> > >> >> > >> > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129) > >> >> >> > >> >> >> > >> >> >> > >> >> > >> > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103) > >> >> >> > >> >> >> does anyone know how to solve this issue? > >> >> >> > >> >> >> Many Thanks, > >> >> >> > >> >> >> Kevin > >> >> >> > >> >> >> > >> >> >> > >> >> >> -- > >> >> >> View this message in context: > >> >> >> > >> >> > >> > http://www.nabble.com/retrieve-server-response-issue-tp17548571p17548571.html > >> >> >> Sent from the CAS Users mailing list archive at Nabble.com. > >> >> >> > >> >> >> _______________________________________________ > >> >> >> Yale CAS mailing list > >> >> >> [email protected] > >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas > >> >> >> > >> >> > > >> >> > > >> >> > > >> >> > -- > >> >> > -Scott Battaglia > >> >> > PGP Public Key Id: 0x383733AA > >> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia > >> >> > > >> >> > _______________________________________________ > >> >> > Yale CAS mailing list > >> >> > [email protected] > >> >> > http://tp.its.yale.edu/mailman/listinfo/cas > >> >> > > >> >> > > >> >> > >> >> -- > >> >> View this message in context: > >> >> > >> > http://www.nabble.com/retrieve-server-response-issue-tp17548571p17550984.html > >> >> Sent from the CAS Users mailing list archive at Nabble.com. > >> >> > >> >> _______________________________________________ > >> >> Yale CAS mailing list > >> >> [email protected] > >> >> http://tp.its.yale.edu/mailman/listinfo/cas > >> >> > >> > > >> > > >> > > >> > -- > >> > -Scott Battaglia > >> > PGP Public Key Id: 0x383733AA > >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia > >> > > >> > _______________________________________________ > >> > Yale CAS mailing list > >> > [email protected] > >> > http://tp.its.yale.edu/mailman/listinfo/cas > >> > > >> > > >> > >> -- > >> View this message in context: > >> > http://www.nabble.com/retrieve-server-response-issue-tp17548571p17616042.html > >> Sent from the CAS Users mailing list archive at Nabble.com. > >> > >> _______________________________________________ > >> Yale CAS mailing list > >> [email protected] > >> http://tp.its.yale.edu/mailman/listinfo/cas > >> > > > > > > > > -- > > -Scott Battaglia > > PGP Public Key Id: 0x383733AA > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > -- > View this message in context: > http://www.nabble.com/retrieve-server-response-issue-tp17548571p17633857.html > Sent from the CAS Users mailing list archive at Nabble.com. > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > -- -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
