Well you'll be happy to know I found what the problem is :-) I still have
to look at the solution:
[org.jasig.cas.web.view.Saml10FailureResponseView] - <Rendering view with
name 'casSamlServiceFailureView' with model {code=INVALID_REQUEST,
description='service' and 'ticket' parameters are both required} and static
attributes {}>
The description isn't accurate but what it means was it was not able to
extract the service and or the artifact from the request. Try upgrading to
CAS Client for Java 3.1.3 RC2 and see if it helps: CAS Client for Java 3.1.3
RC2 is located in our Maven2 repository: http://developer.ja-sig.org/maven2
If it doesn't help then that narrows down the problem. :-)
Thanks
-Scott
On Thu, Jun 5, 2008 at 1:16 AM, ktian <[EMAIL PROTECTED]> wrote:
>
> Hi Scott,
>
> I got some debug logs here, see if they mean anything to you
> ------------------------------------------------------------------
> 2008-06-05 17:00:02,832 DEBUG
> [org.jasig.cas.CentralAuthenticationServiceImpl] - <Attempting to create
> TicketGrantingTicket for [EMAIL PROTECTED]>
> 2008-06-05 17:00:05,402 INFO
> [org.jasig.cas.authentication.AuthenticationManagerImpl] -
> <AuthenticationHandler:
> nz.co.trimble.cas.adaptors.generic.TrimbleAuthenticationHandler
> successfully
> authenticated the user which provided the following credentials:
> [EMAIL PROTECTED]>
> 2008-06-05 17:00:05,403 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket
> [TGT-2-KtmzHGm2yIIC3bNzbbNbundLfIbYksEjotEc6RMcTTFfj09Knx-cas] to
> registry.>
> 2008-06-05 17:00:05,403 DEBUG
> [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Removed
> cookie with name [CASPRIVACY]>
> 2008-06-05 17:00:05,403 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action
> 'AuthenticationViaFormAction' completed execution; result is 'success'>
> 2008-06-05 17:00:05,403 DEBUG
> [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - <Action
> 'SendTicketGrantingTicketAction' beginning execution>
> 2008-06-05 17:00:05,404 DEBUG
> [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Added cookie
> with name [CASTGC] and value
> [TGT-2-KtmzHGm2yIIC3bNzbbNbundLfIbYksEjotEc6RMcTTFfj09Knx-cas]>
> 2008-06-05 17:00:05,404 DEBUG
> [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - <Action
> 'SendTicketGrantingTicketAction' completed execution; result is 'success'>
> 2008-06-05 17:00:05,404 DEBUG
> [org.jasig.cas.web.flow.GenerateServiceTicketAction] - <Action
> 'GenerateServiceTicketAction' beginning execution>
> 2008-06-05 17:00:05,404 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to
> retrieve ticket
> [TGT-2-KtmzHGm2yIIC3bNzbbNbundLfIbYksEjotEc6RMcTTFfj09Knx-cas]>
> 2008-06-05 17:00:05,404 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket
> [TGT-2-KtmzHGm2yIIC3bNzbbNbundLfIbYksEjotEc6RMcTTFfj09Knx-cas] found in
> registry.>
> 2008-06-05 17:00:05,405 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket
> [ST-2-mkLsF7kDcVG9eZPmzOeQ-cas] to registry.>
> 2008-06-05 17:00:05,405 INFO
> [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket
> [ST-2-mkLsF7kDcVG9eZPmzOeQ-cas] for service
> [http://localhost:8084/WebApplication1/] for user
> [EMAIL PROTECTED]>
> 2008-06-05 17:00:05,405 DEBUG
> [org.jasig.cas.web.flow.GenerateServiceTicketAction] - <Action
> 'GenerateServiceTicketAction' completed execution; result is 'success'>
> 2008-06-05 17:00:06,500 DEBUG
> [org.jasig.cas.web.support.SamlArgumentExtractor] - <Extractor generated
> service for: http://localhost:8084/WebApplication1/>
> 2008-06-05 17:00:06,500 DEBUG
> [org.jasig.cas.web.view.Saml10FailureResponseView] - <Rendering view with
> name 'casSamlServiceFailureView' with model {code=INVALID_REQUEST,
> description='service' and 'ticket' parameters are both required} and static
> attributes {}>
> 2008-06-05 17:00:06,500 DEBUG
> [org.jasig.cas.web.support.SamlArgumentExtractor] - <Extractor generated
> service for: http://localhost:8084/WebApplication1/>
> -------------------------------------------------------------------
>
> Also let you know that we are using CAS server 3.2 (it's not on CAS 3.2.1
> yet). Does this matter in this case?
>
> I did not find the CAS client for java 3.1.3 rc2, can you provide me a link
> for this updated?
>
> many thanks,
>
> Kevin
>
> ---------------------------------
>
>
> scott_battaglia wrote:
> >
> > On Tue, Jun 3, 2008 at 5:14 PM, ktian <[EMAIL PROTECTED]> wrote:
> >
> >>
> >> Hi Scott,
> >>
> >> Before I open a JIRA issue, I would like check the other couple of
> >> things.
> >>
> >> 1. Do I need to set up openSAML in CAS server, is there any configration
> >> of
> >> SAML on server side?
> >
> >
> > It should be configured out of the box for SAML.
> >
> >>
> >> 2. I did not see any failing validate a ticket in CAS server logs, may
> be
> >> this because I did not set up logging properly in both server and
> client.
> >> Can you please tell me how to config/setup log4j in both server and
> >> client
> >> to log any exceptions ?
> >
> >
> > I would recommend turning the logging the log4j.properties to DEBUG for
> > org.jasig.cas
> >
> > Also, if you haven't try using CAS Client for Java 3.1.3-rc2 (its in the
> > Maven2 repo on the JASIG servers).
> >
> > -Scott
> >
> >>
> >>
> >> Thanks,
> >>
> >> Kevin
> >>
> >>
> >>
> >> scott_battaglia wrote:
> >> >
> >> > If you look at the major and minor version it is 1.1. The OpenSAML
> >> > library
> >> > is also separate from the protocol so the numbers may not coincide.
> >> >
> >> > Can you open a JIRA issue for this? Because even though the response
> >> is
> >> > technically correct its not getting parsed correctly on the client
> >> side.
> >> > We
> >> > also need to look at why you're getting this response. Anything in
> the
> >> > CAS
> >> > server logs about failing to validate a ticket or anything?
> >> >
> >> > -Scott
> >> >
> >> > On Tue, Jun 3, 2008 at 12:56 AM, ktian <[EMAIL PROTECTED]>
> >> wrote:
> >> >
> >> >>
> >> >> I got the xml response as below,
> >> >>
> >> >> <?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelope
> >> >> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/
> >> >> "><SOAP-ENV:Header/><SOAP-ENV:Body><Response
> >> >> xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
> >> >> xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
> >> >> xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
> >> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> >> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> >> >> IssueInstant="2008-06-03T04:44:57.143Z" MajorVersion="1"
> >> MinorVersion="1"
> >> >> Recipient="http://localhost:8084/WebApplication1/";
> >> >> ResponseID="_3b62bece2e8da1c10279db04882012ac"><Status><StatusCode
> >> >>
> >> >>
> >>
> Value="samlp:Responder"></StatusCode><StatusMessage>Success</StatusMessage></Status></Response></SOAP-ENV:Body></SOAP-ENV:Envelope>
> >> >>
> >> >> But there is no attributes such as username, etc. Also it uses SAML
> >> 1.0
> >> >> instead of SAML 1.1.
> >> >> It confuses me that I included the openSAML 1.1b.jar in my app, but
> >> got
> >> >> SAML
> >> >> 1.0 response.
> >> >> Please help me out.
> >> >>
> >> >> Thanks,
> >> >>
> >> >> Kevin
> >> >>
> >> >> ------------------------------------------------------
> >> >>
> >> >> scott_battaglia wrote:
> >> >> >
> >> >> > Kevin,
> >> >> >
> >> >> > If you can put the app through something like the Eclipse Debugger
> >> you
> >> >> can
> >> >> > set a breakpoint to grab the value. One of our open items is to
> add
> >> >> more
> >> >> > logging into the client, we unfortunately haven't gotten there yet.
> >> >> >
> >> >> > -Scott
> >> >> >
> >> >> > On Thu, May 29, 2008 at 11:35 PM, ktian <[EMAIL PROTECTED]>
> >> >> wrote:
> >> >> >
> >> >> >>
> >> >> >> Hi Scott,
> >> >> >>
> >> >> >> I tried CAS Client for Java 3.1.2, but it still fails. The
> >> exception
> >> >> as
> >> >> >> follow:
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> ----------------------------------------------------------------------------------
> >> >> >> exception
> >> >> >>
> >> >> >> javax.servlet.ServletException: org.opensaml.SAMLException:
> Success
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:152)
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
> >> >> >>
> >> >> >>
> >> >> >> root cause
> >> >> >>
> >> >> >> org.jasig.cas.client.validation.TicketValidationException:
> >> >> >> org.opensaml.SAMLException: Success
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.validation.Saml11TicketValidator.parseResponseFromServer(Saml11TicketValidator.java:93)
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:165)
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129)
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
> >> >> >>
> >> >> >>
> >> >> >> root cause
> >> >> >>
> >> >> >> org.opensaml.SAMLException: Success
> >> >> >> org.opensaml.SAMLException.getInstance(Unknown Source)
> >> >> >> org.opensaml.SAMLResponse.fromDOM(Unknown Source)
> >> >> >> org.opensaml.SAMLResponse.<init>(Unknown Source)
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.validation.Saml11TicketValidator.parseResponseFromServer(Saml11TicketValidator.java:48)
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:165)
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129)
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >>
> ---------------------------------------------------------------------------------------------
> >> >> >> Also do you know how to capture the XML response, which is the
> main
> >> >> thing
> >> >> >> I'm tring to retrieve using SAML filter? I want to retrieve the
> CAS
> >> >> >> server
> >> >> >> response.
> >> >> >>
> >> >> >> Many thanks,
> >> >> >>
> >> >> >> Kevin
> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >> scott_battaglia wrote:
> >> >> >> >
> >> >> >> > Have you tried CAS Client for Java 3.1.2? If not, you can grab
> >> it
> >> >> from
> >> >> >> > the
> >> >> >> > public Maven2 repo. If that still fails, can you open a ticket
> >> >> (we're
> >> >> >> > cutting RCs of CAS Client for Java 3.1.3 soon) pasting in the
> >> >> exception
> >> >> >> > and
> >> >> >> > if you can capture the XML response too.
> >> >> >> > Thanks
> >> >> >> > -Scott
> >> >> >> >
> >> >> >> > On Thu, May 29, 2008 at 9:48 PM, ktian <
> [EMAIL PROTECTED]>
> >> >> >> wrote:
> >> >> >> >
> >> >> >> >>
> >> >> >> >> Hi,
> >> >> >> >>
> >> >> >> >> I have :
> >> >> >> >> CAS Client version 3.1
> >> >> >> >> CAS Server version 3.2
> >> >> >> >> Server tomcat : 5.5.26
> >> >> >> >>
> >> >> >> >> I've tried to get Saml11TicketValidationFilter working to
> >> retrieve
> >> >> >> server
> >> >> >> >> response, but I got Exception when CAS server returned a
> ticket:
> >> >> >> >>
> >> >> >> >> java.lang.NumberFormatException: For input string: ""
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>
> >> >> >>
> >> >>
> >>
> java.lang.NumberFormatException.forInputString(NumberFormatException.java:48)
> >> >> >> >> java.lang.Integer.parseInt(Integer.java:468)
> >> >> >> >> java.lang.Integer.parseInt(Integer.java:497)
> >> >> >> >> org.opensaml.SAMLResponse.fromDOM(Unknown Source)
> >> >> >> >> org.opensaml.SAMLResponse.<init>(Unknown Source)
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.validation.Saml11TicketValidator.parseResponseFromServer(Saml11TicketValidator.java:46)
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:165)
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129)
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>
> >> >> >>
> >> >>
> >>
> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
> >> >> >> >>
> >> >> >> >> does anyone know how to solve this issue?
> >> >> >> >>
> >> >> >> >> Many Thanks,
> >> >> >> >>
> >> >> >> >> Kevin
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>
> >> >> >> >> --
> >> >> >> >> View this message in context:
> >> >> >> >>
> >> >> >>
> >> >>
> >>
> http://www.nabble.com/retrieve-server-response-issue-tp17548571p17548571.html
> >> >> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
> >> >> >> >>
> >> >> >> >> _______________________________________________
> >> >> >> >> Yale CAS mailing list
> >> >> >> >> [email protected]
> >> >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
> >> >> >> >>
> >> >> >> >
> >> >> >> >
> >> >> >> >
> >> >> >> > --
> >> >> >> > -Scott Battaglia
> >> >> >> > PGP Public Key Id: 0x383733AA
> >> >> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >> >> >> >
> >> >> >> > _______________________________________________
> >> >> >> > Yale CAS mailing list
> >> >> >> > [email protected]
> >> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
> >> >> >> >
> >> >> >> >
> >> >> >>
> >> >> >> --
> >> >> >> View this message in context:
> >> >> >>
> >> >>
> >>
> http://www.nabble.com/retrieve-server-response-issue-tp17548571p17550984.html
> >> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
> >> >> >>
> >> >> >> _______________________________________________
> >> >> >> Yale CAS mailing list
> >> >> >> [email protected]
> >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
> >> >> >>
> >> >> >
> >> >> >
> >> >> >
> >> >> > --
> >> >> > -Scott Battaglia
> >> >> > PGP Public Key Id: 0x383733AA
> >> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >> >> >
> >> >> > _______________________________________________
> >> >> > Yale CAS mailing list
> >> >> > [email protected]
> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
> >> >> >
> >> >> >
> >> >>
> >> >> --
> >> >> View this message in context:
> >> >>
> >>
> http://www.nabble.com/retrieve-server-response-issue-tp17548571p17616042.html
> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
> >> >>
> >> >> _______________________________________________
> >> >> Yale CAS mailing list
> >> >> [email protected]
> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
> >> >>
> >> >
> >> >
> >> >
> >> > --
> >> > -Scott Battaglia
> >> > PGP Public Key Id: 0x383733AA
> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >> >
> >> > _______________________________________________
> >> > Yale CAS mailing list
> >> > [email protected]
> >> > http://tp.its.yale.edu/mailman/listinfo/cas
> >> >
> >> >
> >>
> >> --
> >> View this message in context:
> >>
> http://www.nabble.com/retrieve-server-response-issue-tp17548571p17633857.html
> >> Sent from the CAS Users mailing list archive at Nabble.com.
> >>
> >> _______________________________________________
> >> Yale CAS mailing list
> >> [email protected]
> >> http://tp.its.yale.edu/mailman/listinfo/cas
> >>
> >
> >
> >
> > --
> > -Scott Battaglia
> > PGP Public Key Id: 0x383733AA
> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >
> > _______________________________________________
> > Yale CAS mailing list
> > [email protected]
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/retrieve-server-response-issue-tp17548571p17662311.html
> Sent from the CAS Users mailing list archive at Nabble.com.
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
