Hi Scott,
I upgraded to CAS Client for java 3.1.3 rc2, but it does not help. I still
get the same exception.
Thanks,
Kevin
scott_battaglia wrote:
>
> Well you'll be happy to know I found what the problem is :-) I still have
> to look at the solution:
>
> [org.jasig.cas.web.view.Saml10FailureResponseView] - <Rendering view with
> name 'casSamlServiceFailureView' with model {code=INVALID_REQUEST,
> description='service' and 'ticket' parameters are both required} and
> static
> attributes {}>
>
> The description isn't accurate but what it means was it was not able to
> extract the service and or the artifact from the request. Try upgrading
> to
> CAS Client for Java 3.1.3 RC2 and see if it helps: CAS Client for Java
> 3.1.3
> RC2 is located in our Maven2 repository:
> http://developer.ja-sig.org/maven2
>
> If it doesn't help then that narrows down the problem. :-)
>
> Thanks
> -Scott
>
>
> On Thu, Jun 5, 2008 at 1:16 AM, ktian <[EMAIL PROTECTED]> wrote:
>
>>
>> Hi Scott,
>>
>> I got some debug logs here, see if they mean anything to you
>> ------------------------------------------------------------------
>> 2008-06-05 17:00:02,832 DEBUG
>> [org.jasig.cas.CentralAuthenticationServiceImpl] - <Attempting to create
>> TicketGrantingTicket for [EMAIL PROTECTED]>
>> 2008-06-05 17:00:05,402 INFO
>> [org.jasig.cas.authentication.AuthenticationManagerImpl] -
>> <AuthenticationHandler:
>> nz.co.trimble.cas.adaptors.generic.TrimbleAuthenticationHandler
>> successfully
>> authenticated the user which provided the following credentials:
>> [EMAIL PROTECTED]>
>> 2008-06-05 17:00:05,403 DEBUG
>> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket
>> [TGT-2-KtmzHGm2yIIC3bNzbbNbundLfIbYksEjotEc6RMcTTFfj09Knx-cas] to
>> registry.>
>> 2008-06-05 17:00:05,403 DEBUG
>> [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Removed
>> cookie with name [CASPRIVACY]>
>> 2008-06-05 17:00:05,403 DEBUG
>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action
>> 'AuthenticationViaFormAction' completed execution; result is 'success'>
>> 2008-06-05 17:00:05,403 DEBUG
>> [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - <Action
>> 'SendTicketGrantingTicketAction' beginning execution>
>> 2008-06-05 17:00:05,404 DEBUG
>> [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Added
>> cookie
>> with name [CASTGC] and value
>> [TGT-2-KtmzHGm2yIIC3bNzbbNbundLfIbYksEjotEc6RMcTTFfj09Knx-cas]>
>> 2008-06-05 17:00:05,404 DEBUG
>> [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - <Action
>> 'SendTicketGrantingTicketAction' completed execution; result is
>> 'success'>
>> 2008-06-05 17:00:05,404 DEBUG
>> [org.jasig.cas.web.flow.GenerateServiceTicketAction] - <Action
>> 'GenerateServiceTicketAction' beginning execution>
>> 2008-06-05 17:00:05,404 DEBUG
>> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to
>> retrieve ticket
>> [TGT-2-KtmzHGm2yIIC3bNzbbNbundLfIbYksEjotEc6RMcTTFfj09Knx-cas]>
>> 2008-06-05 17:00:05,404 DEBUG
>> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket
>> [TGT-2-KtmzHGm2yIIC3bNzbbNbundLfIbYksEjotEc6RMcTTFfj09Knx-cas] found in
>> registry.>
>> 2008-06-05 17:00:05,405 DEBUG
>> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket
>> [ST-2-mkLsF7kDcVG9eZPmzOeQ-cas] to registry.>
>> 2008-06-05 17:00:05,405 INFO
>> [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service
>> ticket
>> [ST-2-mkLsF7kDcVG9eZPmzOeQ-cas] for service
>> [http://localhost:8084/WebApplication1/] for user
>> [EMAIL PROTECTED]>
>> 2008-06-05 17:00:05,405 DEBUG
>> [org.jasig.cas.web.flow.GenerateServiceTicketAction] - <Action
>> 'GenerateServiceTicketAction' completed execution; result is 'success'>
>> 2008-06-05 17:00:06,500 DEBUG
>> [org.jasig.cas.web.support.SamlArgumentExtractor] - <Extractor generated
>> service for: http://localhost:8084/WebApplication1/>
>> 2008-06-05 17:00:06,500 DEBUG
>> [org.jasig.cas.web.view.Saml10FailureResponseView] - <Rendering view with
>> name 'casSamlServiceFailureView' with model {code=INVALID_REQUEST,
>> description='service' and 'ticket' parameters are both required} and
>> static
>> attributes {}>
>> 2008-06-05 17:00:06,500 DEBUG
>> [org.jasig.cas.web.support.SamlArgumentExtractor] - <Extractor generated
>> service for: http://localhost:8084/WebApplication1/>
>> -------------------------------------------------------------------
>>
>> Also let you know that we are using CAS server 3.2 (it's not on CAS 3.2.1
>> yet). Does this matter in this case?
>>
>> I did not find the CAS client for java 3.1.3 rc2, can you provide me a
>> link
>> for this updated?
>>
>> many thanks,
>>
>> Kevin
>>
>> ---------------------------------
>>
>>
>> scott_battaglia wrote:
>> >
>> > On Tue, Jun 3, 2008 at 5:14 PM, ktian <[EMAIL PROTECTED]> wrote:
>> >
>> >>
>> >> Hi Scott,
>> >>
>> >> Before I open a JIRA issue, I would like check the other couple of
>> >> things.
>> >>
>> >> 1. Do I need to set up openSAML in CAS server, is there any
>> configration
>> >> of
>> >> SAML on server side?
>> >
>> >
>> > It should be configured out of the box for SAML.
>> >
>> >>
>> >> 2. I did not see any failing validate a ticket in CAS server logs, may
>> be
>> >> this because I did not set up logging properly in both server and
>> client.
>> >> Can you please tell me how to config/setup log4j in both server and
>> >> client
>> >> to log any exceptions ?
>> >
>> >
>> > I would recommend turning the logging the log4j.properties to DEBUG for
>> > org.jasig.cas
>> >
>> > Also, if you haven't try using CAS Client for Java 3.1.3-rc2 (its in
>> the
>> > Maven2 repo on the JASIG servers).
>> >
>> > -Scott
>> >
>> >>
>> >>
>> >> Thanks,
>> >>
>> >> Kevin
>> >>
>> >>
>> >>
>> >> scott_battaglia wrote:
>> >> >
>> >> > If you look at the major and minor version it is 1.1. The OpenSAML
>> >> > library
>> >> > is also separate from the protocol so the numbers may not coincide.
>> >> >
>> >> > Can you open a JIRA issue for this? Because even though the
>> response
>> >> is
>> >> > technically correct its not getting parsed correctly on the client
>> >> side.
>> >> > We
>> >> > also need to look at why you're getting this response. Anything in
>> the
>> >> > CAS
>> >> > server logs about failing to validate a ticket or anything?
>> >> >
>> >> > -Scott
>> >> >
>> >> > On Tue, Jun 3, 2008 at 12:56 AM, ktian <[EMAIL PROTECTED]>
>> >> wrote:
>> >> >
>> >> >>
>> >> >> I got the xml response as below,
>> >> >>
>> >> >> <?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelope
>> >> >> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/
>> >> >> "><SOAP-ENV:Header/><SOAP-ENV:Body><Response
>> >> >> xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
>> >> >> xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
>> >> >> xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
>> >> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
>> >> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>> >> >> IssueInstant="2008-06-03T04:44:57.143Z" MajorVersion="1"
>> >> MinorVersion="1"
>> >> >> Recipient="http://localhost:8084/WebApplication1/";
>> >> >> ResponseID="_3b62bece2e8da1c10279db04882012ac"><Status><StatusCode
>> >> >>
>> >> >>
>> >>
>> Value="samlp:Responder"></StatusCode><StatusMessage>Success</StatusMessage></Status></Response></SOAP-ENV:Body></SOAP-ENV:Envelope>
>> >> >>
>> >> >> But there is no attributes such as username, etc. Also it uses SAML
>> >> 1.0
>> >> >> instead of SAML 1.1.
>> >> >> It confuses me that I included the openSAML 1.1b.jar in my app, but
>> >> got
>> >> >> SAML
>> >> >> 1.0 response.
>> >> >> Please help me out.
>> >> >>
>> >> >> Thanks,
>> >> >>
>> >> >> Kevin
>> >> >>
>> >> >> ------------------------------------------------------
>> >> >>
>> >> >> scott_battaglia wrote:
>> >> >> >
>> >> >> > Kevin,
>> >> >> >
>> >> >> > If you can put the app through something like the Eclipse
>> Debugger
>> >> you
>> >> >> can
>> >> >> > set a breakpoint to grab the value. One of our open items is to
>> add
>> >> >> more
>> >> >> > logging into the client, we unfortunately haven't gotten there
>> yet.
>> >> >> >
>> >> >> > -Scott
>> >> >> >
>> >> >> > On Thu, May 29, 2008 at 11:35 PM, ktian
>> <[EMAIL PROTECTED]>
>> >> >> wrote:
>> >> >> >
>> >> >> >>
>> >> >> >> Hi Scott,
>> >> >> >>
>> >> >> >> I tried CAS Client for Java 3.1.2, but it still fails. The
>> >> exception
>> >> >> as
>> >> >> >> follow:
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> ----------------------------------------------------------------------------------
>> >> >> >> exception
>> >> >> >>
>> >> >> >> javax.servlet.ServletException: org.opensaml.SAMLException:
>> Success
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:152)
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
>> >> >> >>
>> >> >> >>
>> >> >> >> root cause
>> >> >> >>
>> >> >> >> org.jasig.cas.client.validation.TicketValidationException:
>> >> >> >> org.opensaml.SAMLException: Success
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.validation.Saml11TicketValidator.parseResponseFromServer(Saml11TicketValidator.java:93)
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:165)
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129)
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
>> >> >> >>
>> >> >> >>
>> >> >> >> root cause
>> >> >> >>
>> >> >> >> org.opensaml.SAMLException: Success
>> >> >> >> org.opensaml.SAMLException.getInstance(Unknown Source)
>> >> >> >> org.opensaml.SAMLResponse.fromDOM(Unknown Source)
>> >> >> >> org.opensaml.SAMLResponse.<init>(Unknown Source)
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.validation.Saml11TicketValidator.parseResponseFromServer(Saml11TicketValidator.java:48)
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:165)
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129)
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> ---------------------------------------------------------------------------------------------
>> >> >> >> Also do you know how to capture the XML response, which is the
>> main
>> >> >> thing
>> >> >> >> I'm tring to retrieve using SAML filter? I want to retrieve the
>> CAS
>> >> >> >> server
>> >> >> >> response.
>> >> >> >>
>> >> >> >> Many thanks,
>> >> >> >>
>> >> >> >> Kevin
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> scott_battaglia wrote:
>> >> >> >> >
>> >> >> >> > Have you tried CAS Client for Java 3.1.2? If not, you can
>> grab
>> >> it
>> >> >> from
>> >> >> >> > the
>> >> >> >> > public Maven2 repo. If that still fails, can you open a
>> ticket
>> >> >> (we're
>> >> >> >> > cutting RCs of CAS Client for Java 3.1.3 soon) pasting in the
>> >> >> exception
>> >> >> >> > and
>> >> >> >> > if you can capture the XML response too.
>> >> >> >> > Thanks
>> >> >> >> > -Scott
>> >> >> >> >
>> >> >> >> > On Thu, May 29, 2008 at 9:48 PM, ktian <
>> [EMAIL PROTECTED]>
>> >> >> >> wrote:
>> >> >> >> >
>> >> >> >> >>
>> >> >> >> >> Hi,
>> >> >> >> >>
>> >> >> >> >> I have :
>> >> >> >> >> CAS Client version 3.1
>> >> >> >> >> CAS Server version 3.2
>> >> >> >> >> Server tomcat : 5.5.26
>> >> >> >> >>
>> >> >> >> >> I've tried to get Saml11TicketValidationFilter working to
>> >> retrieve
>> >> >> >> server
>> >> >> >> >> response, but I got Exception when CAS server returned a
>> ticket:
>> >> >> >> >>
>> >> >> >> >> java.lang.NumberFormatException: For input string: ""
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> java.lang.NumberFormatException.forInputString(NumberFormatException.java:48)
>> >> >> >> >> java.lang.Integer.parseInt(Integer.java:468)
>> >> >> >> >> java.lang.Integer.parseInt(Integer.java:497)
>> >> >> >> >> org.opensaml.SAMLResponse.fromDOM(Unknown Source)
>> >> >> >> >> org.opensaml.SAMLResponse.<init>(Unknown Source)
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.validation.Saml11TicketValidator.parseResponseFromServer(Saml11TicketValidator.java:46)
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:165)
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129)
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
>> >> >> >> >>
>> >> >> >> >> does anyone know how to solve this issue?
>> >> >> >> >>
>> >> >> >> >> Many Thanks,
>> >> >> >> >>
>> >> >> >> >> Kevin
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >> --
>> >> >> >> >> View this message in context:
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> http://www.nabble.com/retrieve-server-response-issue-tp17548571p17548571.html
>> >> >> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
>> >> >> >> >>
>> >> >> >> >> _______________________________________________
>> >> >> >> >> Yale CAS mailing list
>> >> >> >> >> [email protected]
>> >> >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >> >> >>
>> >> >> >> >
>> >> >> >> >
>> >> >> >> >
>> >> >> >> > --
>> >> >> >> > -Scott Battaglia
>> >> >> >> > PGP Public Key Id: 0x383733AA
>> >> >> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
>> >> >> >> >
>> >> >> >> > _______________________________________________
>> >> >> >> > Yale CAS mailing list
>> >> >> >> > [email protected]
>> >> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >> >> >
>> >> >> >> >
>> >> >> >>
>> >> >> >> --
>> >> >> >> View this message in context:
>> >> >> >>
>> >> >>
>> >>
>> http://www.nabble.com/retrieve-server-response-issue-tp17548571p17550984.html
>> >> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
>> >> >> >>
>> >> >> >> _______________________________________________
>> >> >> >> Yale CAS mailing list
>> >> >> >> [email protected]
>> >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >> >>
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > --
>> >> >> > -Scott Battaglia
>> >> >> > PGP Public Key Id: 0x383733AA
>> >> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
>> >> >> >
>> >> >> > _______________________________________________
>> >> >> > Yale CAS mailing list
>> >> >> > [email protected]
>> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >> >
>> >> >> >
>> >> >>
>> >> >> --
>> >> >> View this message in context:
>> >> >>
>> >>
>> http://www.nabble.com/retrieve-server-response-issue-tp17548571p17616042.html
>> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
>> >> >>
>> >> >> _______________________________________________
>> >> >> Yale CAS mailing list
>> >> >> [email protected]
>> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >>
>> >> >
>> >> >
>> >> >
>> >> > --
>> >> > -Scott Battaglia
>> >> > PGP Public Key Id: 0x383733AA
>> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
>> >> >
>> >> > _______________________________________________
>> >> > Yale CAS mailing list
>> >> > [email protected]
>> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >
>> >> >
>> >>
>> >> --
>> >> View this message in context:
>> >>
>> http://www.nabble.com/retrieve-server-response-issue-tp17548571p17633857.html
>> >> Sent from the CAS Users mailing list archive at Nabble.com.
>> >>
>> >> _______________________________________________
>> >> Yale CAS mailing list
>> >> [email protected]
>> >> http://tp.its.yale.edu/mailman/listinfo/cas
>> >>
>> >
>> >
>> >
>> > --
>> > -Scott Battaglia
>> > PGP Public Key Id: 0x383733AA
>> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
>> >
>> > _______________________________________________
>> > Yale CAS mailing list
>> > [email protected]
>> > http://tp.its.yale.edu/mailman/listinfo/cas
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/retrieve-server-response-issue-tp17548571p17662311.html
>> Sent from the CAS Users mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> Yale CAS mailing list
>> [email protected]
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>
>
>
> --
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
View this message in context:
http://www.nabble.com/retrieve-server-response-issue-tp17548571p17679380.html
Sent from the CAS Users mailing list archive at Nabble.com.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
