> Alex, > > It sounds like you didn¹t get all of the necessary JARs from the CAS Client > 3.1.1 release. Make sure to copy the following JARs from the CAS Client 3.1.1 > release into your application¹s /WEB-INF/lib/ directory: > > * cas-client-core-3.1.1.jar > * commons-logging-1.1.jar > * xmlsec-1.3.0.jar > > In configuring the validation filter, you noted a common obstacle for people: > the serverName and casServerUrlPrefix parameters. The serverName parameter > tells the CAS client, ³This is the URL of the application server I am > protecting; this will be used when requesting and validating service tickets². > The casServerUrlPrefix parameter tells the CAS client, ³This is the CAS server > I will refer unauthenticated users to and validate service tickets against². > > HTH, > A- > > > > > > From: [EMAIL PROTECTED] > To: [email protected] > Subject: RE: CAS basic questions > Date: Wed, 30 Jul 2008 21:17:18 +0000 > > Hi, > > Thank you for all the help. > > My CAS 1 for application B is working but I want to upgrade application B to > CAS 2 configuration > Here is what I did > (1). I downloaded cas-client-3.1.1 and extracted it to C:\, then I copied > cas-client-core-3.1.1.jar from C:\cas-client-3.1.1\modules to my application > B's WEB-INF\lib > I want to know if I copy the right file "cas-client-core-3.1.1.jar" to the > right place? > (2). I modified the filters in web.xml like below for application B > > ..... > <filter> > <filter-name>CAS Authentication Filter</filter-name> > > <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter > -class> > <init-param> > <param-name>casServerLoginUrl</param-name> > <param-value>https://myhost.mycompany:8443/cas/login</param-value> > </init-param> > <init-param> > <param-name>service</param-name> > > <param-value>http://myhost.mycompany:8080/testme/test.jsp</param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>myhost.mycompany:8080</param-value> > </init-param> > > </filter> > > > <filter> > <filter-name>CAS Validation Filter</filter-name> > <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidat > ionFilter</filter-class> > <init-param> > <param-name>casServerUrlPrefix</param-name> > <param-value>https://myhost.mycompany:8443/cas</param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>http://myhost.mycompany:8080</param-value> > </init-param> > </filter> > > <filter> > <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> > > <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filte > r-class> > </filter> > > <filter-mapping> > <filter-name>CAS Authentication Filter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > > <filter-mapping> > <filter-name>CAS Validation Filter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > > <filter-mapping> > <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > ...... > > After I re-start the Tomcat and run the application B again, I have the > following error message > > ... > *exception* > > java.lang.RuntimeException: Unable to create XMLReader > org.jasig.cas.client.util.XmlUtils.getXmlReader(XmlUtils.java:44) > org.jasig.cas.client.util.XmlUtils.getTextForElement(XmlUtils.java:116) > > org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromS > erver(Cas20ServiceTicketValidator.java:61) > > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(Abstr > actUrlBasedTicketValidator.java:165) > > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(Abstra > ctTicketValidationFilter.java:129) > > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(Authenticati > onFilter.java:103) > .... > > Do you know what it's wrong? > > My questions are > 1. I downloaded the right cas client and put it to the right place? > 2. my cas filters above are correct in web.xml? > 3. In CAS 1, I use "<param-name>casUrlServerPrefix</param-name>", it works. > But your website for CAS20 is "<param-name>casServerUrlPrefix</param-name>". > After I replaced my CAS 1's "casUrlServerPrefix" to "casServerUrlPrefix", my > application B in CAS 1 doesn't work. So, is it a spelling error in your site? > 4. In your website for CAS 20, you have > > <filter> > <filter-name>CAS Validation Filter</filter-name> > <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidat > ionFilter</filter-class> > <init-param> > <param-name>casServerUrlPrefix</param-name> > <param-value>https://battags.ad.ess.rutgers.edu:8443/cas</param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>http://www.acme-client.com</param-value> > </init-param> > </filter> > > I got confused that the value of "serverNameserverName" is so different to the > value of "casServerUrlPrefix" > Why? Can you explain a bit more? What I think the value of "serverName" > should be something like "http://battags.ad.ess.rutgers.edu"; or > "http://battags.ad.ess.rutgers.edu:8080"; > > > Thanks, > > > Alex > > > > > > > Date: Wed, 30 Jul 2008 12:13:57 -0500 > Subject: Re: CAS basic questions > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED]; [email protected] > > Alex, > > Firstly, here are some useful URLs in the JA-SIG wiki documentation: > > JA-SIG CAS Client Home > http://www.ja-sig.org/wiki/display/CASC/ > > JA-SIG CAS 3.1 client > http://www.ja-sig.org/wiki/display/CASC/Configuring+the+JA-SIG+CAS+Client+for+ > Java+in+the+web.xml > > Yale CAS client > http://www.ja-sig.org/wiki/display/CASC/Yale+Java+Client > > For ³Hello World², you are using CAS 2.0 due to the /serviceValidate servlet > for the edu.yale.its.tp.cas.client.filter.validateUrl > For application B, you are using CAS 1.0 due to Cas10TicketValidationFilter > filter > > If you want to use CAS 2.0 with application B, which is using the JA-SIG CAS > client, then you will need to switch the validation filter to use the > org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter as > found on the JA-SIG CAS 3.1 client link above. > > HTH, > A- > > > On 7/30/08 11:50 AM, "Alex Johnson" <[EMAIL PROTECTED] > <http://hotmail.com/> > wrote: > >> >> Hi, >> >> Thank you for your quick answer. I want to ask a bit more about this. I want >> to know which CAS architecture ( CAS1 or CAS2) I am using in my setting. >> >> For "Hello World" application, the setting is exactly like the demo, and the >> web.xml is like below, the same as demo >> >> ..... >> <filter> >> <filter-name>CAS Filter</filter-name> >> <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class> >> <init-param> >> <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name> >> <param-value>https://compA:8443/cas/login</param-value> >> <https://compa:8443/cas/login%3C/param-value%3E> >> </init-param> >> <init-param> >> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> >> <param-value>https://compA:8443/cas/serviceValidate</param-value> >> <https://compa:8443/cas/serviceValidate%3C/param-value%3E> >> </init-param> >> <init-param> >> <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name> >> <param-value>compA:8080</param-value> >> </init-param> >> </filter> >> >> <filter-mapping> >> <filter-name>CAS Filter</filter-name> >> <url-pattern>/servlet/HelloWorldExample</url-pattern> >> </filter-mapping> >> ..... >> For the application B, in web.xml, it's like below >> >> ..... >> <filter> >> <filter-name>CAS Authentication Filter</filter-name> >> >> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filte >> r-class> >> <init-param> >> <param-name>casServerLoginUrl</param-name> >> <param-value>https://compA:8443/cas/login</param-value> >> <https://compa:8443/cas/login%3C/param-value%3E> >> </init-param> >> <init-param> >> <param-name>service</param-name> >> <param-value>http://compA:8080/testme/test.jsp</param-value> >> <http://compa:8080/testme/test.jsp%3C/param-value%3E> >> </init-param> >> <init-param> >> <param-name>serverName</param-name> >> <param-value>compA:8080</param-value> >> </init-param> >> </filter> >> >> <filter> >> <filter-name>CAS Validation Filter</filter-name> >> >> <filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</fi >> lter-class> >> <init-param> >> <param-name>casUrlServerPrefix</param-name> >> <param-value>https://compA:8443/cas</param-value> >> <https://compa:8443/cas%3C/param-value%3E> >> </init-param> >> <init-param> >> <param-name>serverName</param-name> >> <param-value>compA:8080</param-value> >> </init-param> >> </filter> >> >> <filter> >> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> >> >> <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filt >> er-class> >> </filter> >> >> <filter-mapping> >> <filter-name>CAS Authentication Filter</filter-name> >> <url-pattern>/*</url-pattern> >> </filter-mapping> >> >> <filter-mapping> >> <filter-name>CAS Validation Filter</filter-name> >> <url-pattern>/*</url-pattern> >> </filter-mapping> >> >> <filter-mapping> >> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> >> <url-pattern>/*</url-pattern> >> </filter-mapping> >> ...... >> >> So, based on above, am I using CAS 1 configuration or CAS 2 configuration for >> both applications-"Hello World" and B? Also, determine if using CAS 1 or CAS >> 2, it's based on the setting in web.xml? >> >> If I am using CAS 1, how can I change above (web.xml) to become CAS 2? >> >> Sorry for all the silly questions. >> >> Thanks, >> >> >> Alex >> >> >> >> >> >> >> Date: Wed, 30 Jul 2008 11:29:11 -0400 >> From: [EMAIL PROTECTED] <http://gmail.com/> >> To: [EMAIL PROTECTED] <http://louisfashionhouse.com/> ; >> [email protected] <http://tp.its.yale.edu/> >> Subject: Re: CAS basic questions >> >> >> On Wed, Jul 30, 2008 at 11:02 AM, Alex Johnson <[EMAIL PROTECTED] >> <http://hotmail.com/> > wrote: >>> Hi, >>> >>> I am a newbie here. I follow the link >>> http://www.ja-sig.org/wiki/display/CASUM/Demo >>> to set up CAS on the following envirment. >>> >>> Windows XP >>> Tomcat 5.5.23 >>> CAS client 2.1.1 >>> CAS 3.2.1 >>> >>> my http://mymachinename:8080/servlets-examples/servlet/HelloWorldExample >>> <http://mymachinename:8080/servlets-examples/servlet/HelloWorldExample> >>> works. It is redirected to CAS login page. After I input login, it is >>> redirected back to open "Hello World" >>> Then I go a step forward to put another simple Java application (B) into >>> Tomcat and pointed to the same CAS. It works too. I can open "Hello World" >>> application and no need to login CAS again to open another application (B), >>> or After I login into B, I don't need to login into CAS again for "Hello >>> World" application >>> >>> My question is >>> >>> 1. After I make these work, am I in CAS 1 or CAS 2? >> Well you're running CAS 3.2.1 and utilizing either the CAS1 or CAS2 protocol, >> depending on how you've configured your CAS client. >>> >>> 2. I am using CAS client 2.1.1 or CAS server 3.2.1, does it mean I am using >>> CAS 2? >> >> Using CAS 3.2.1 you have the optional of three protocols: CAS1, CAS2, SAML >> 1.1. Since you're using the Yale CAS Client 2.1.1, you're only supporting >> CAS 1 or CAS2 on the client side. Which one you are using depends on your >> configuration. Both will work fine. >> >> -Scott >> >>> >>> >>> Thanks, >>> >>> >>> Alex >>> >>> >>> >>> >>> _______________________________________________ >>> Yale CAS mailing list >>> [email protected] <http://tp.its.yale.edu/> >>> http://tp.its.yale.edu/mailman/listinfo/cas >>> >> >> >> >> _______________________________________________ >> Yale CAS mailing list >> [email protected] <http://tp.its.yale.edu/> >> http://tp.its.yale.edu/mailman/listinfo/cas
-- Andrew R. Feller, Analyst Information Technology Services 200 Fred Frey Building Louisiana State University Baton Rouge, LA 70803 (225) 578-3737 (Office) (225) 578-6400 (Fax)
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
