Thanks scot,
In CAS 3.0.3 it was enough to do those configurations to pass addtional
information to the client, but it looks to me it is not the case with CAS
3.2.1.1, there wasn't any confilict with my custom principal conflicting
with CAS services earlier 3.0.x.
But it looks to me now it is different, I can't understand why we preserve
the above feature in CAS 3.2.1.1. Any how one of the things which I observed
is SimplePrincipal is hard wired in top level classes like
CentralAuthenticationServiceImpl. Which was not the case in CAS 3.0.x, Any
how all are observations, these changes are for some reason.
We thougth there are two paths for us to proceed with CAS 3.2..1.1 with
regards to this
1) modify the SimplePrinical to have more properties similar to my Custom
Principal and with no other additional configuration.
2) change the deployerConfigContext.xml to have our own
RegisteredServiceImpl
As above no 2 is not clear as a easy approach we did add addtional setter
and getters for the SimplePrincipal, the result was there wasn't any errors
but did not pass additional attributes to the client apart from id, Do we
have to add the addtional attributes some where.
The best we like to have is above no 2, which is not clear for us, can you
pls elaborate it with a example. are you refereing to the following, can
you provide us a sample. What exactly the service you are refering here.
<bean
id="serviceRegistryDao"
class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" />
What exactly do we have to do?
As I described in my previous mails the success service validae protocoal
jsp looks as follows with additional information
<%@ page session="false" %><%@ taglib prefix="c"
uri="http://java.sun.com/jsp/jstl/core"; %><%@ taglib
uri="http://java.sun.com/jsp/jstl/functions"; prefix="fn"
%><cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>
<cas:firstName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.firstName)}</cas:firstName>
<cas:middleName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.middleName)}</cas:middleName>
<cas:lastName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.lastName)}</cas:lastName>
<cas:displayName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.displayName)}</cas:displayName>
<cas:userType>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.userType)}</cas:userType>
<c:if test="${not empty pgtIou}">
<cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
<cas:proxies>
<c:forEach var="proxy" items="${assertion.chainedAuthentications}"
varStatus="loopStatus" begin="0"
end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
<cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
</cas:proxies>
</c:if>
</cas:authenticationSuccess>
</cas:serviceResponse>
scott_battaglia wrote:
>
> It looks like your custom principal is conflicting with the Services
> Management tool. You can basically tell CAS to ignore the Services
> Management tool by essentially reconfiguring the InMemoryServiceManagerDao
> (in the deployerConfigContext.xml).
>
> You'll need to add one RegisteredServiceImpl with a path pattern that
> matches all of your services (i.e. **/**) and then set the
> ignoreAttributes
> property to true.
>
> The Services Management tool exists to allow you to configure which
> services
> can see which attributes. Unfortunately its designed to work with the
> principals that exist with CAS.
>
> -Scott
>
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
> On Tue, Aug 5, 2008 at 4:20 AM, Tracy12 <[EMAIL PROTECTED]> wrote:
>
>>
>> Yes I did the manual way and could produce what the error is,
>> I have my own JAASAuthHanlder and credential to principal resolvers also
>> my
>> own Principal extends from the pricipal,
>>
>> But it gives the follwoing exception, it tries to find attribtues in the
>> org.jasig.cas.authentication.principal.SimplePrincipal
>> instead of mine,
>>
>> I have defined Authhandlers and Resolvers in deployerConfigContext.xml
>> properly.
>>
>> Note:
>> ......
>>
>> My principal got more attributes than normal one and protocol jsps are
>> modified accordingly, this was working fine in CAS 3.0.x, is there any
>> change in the new version
>>
>>
>>
>> org.apache.jasper.JasperException: Exception in JSP:
>> /WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp:4
>>
>> 1: <%@ page session="false" %><%@ taglib prefix="c"
>> uri="http://java.sun.com/jsp/jstl/core"; %><%@ taglib
>> uri="http://java.sun.com/jsp/jstl/functions"; prefix="fn"
>> %><cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
>> 2: <cas:authenticationSuccess>
>> 3:
>>
>> <cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].
>> principal.id)}</cas:user>
>> 4:
>>
>> <cas:firstName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.firstName)}</cas:firstName>
>> 5:
>>
>> <cas:middleName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.middleName)}</cas:middleName>
>> 6:
>>
>> <cas:lastName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.lastName)}</cas:lastName>
>> 7:
>>
>> <cas:displayName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.displayName)}</cas:displayName>
>>
>>
>> Stacktrace:
>>
>>
>> org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:451)
>>
>>
>> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:355)
>>
>> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
>> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>
>>
>> org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:171)
>>
>>
>> org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:251)
>>
>>
>> org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1160)
>>
>>
>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:901)
>>
>>
>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809)
>>
>>
>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:476)
>>
>>
>> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:431)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>
>>
>> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>>
>>
>> org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48)
>>
>>
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
>>
>> root cause
>>
>> javax.servlet.ServletException: Unable to find a value for "firstName" in
>> object of class "org.jasig.cas.authentication.principal.SimplePrincipal"
>> using operator "."
>>
>>
>> org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:841)
>>
>>
>> org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:774)
>>
>>
>> org.apache.jsp.WEB_002dINF.view.jsp.protocol._2_0.casServiceValidationSuccess_jsp._jspService(casServiceValidationSuccess_jsp.java:97)
>> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>
>>
>> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
>>
>> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
>> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>
>>
>> org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:171)
>>
>>
>> org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:251)
>>
>>
>> org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1160)
>>
>>
>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:901)
>>
>>
>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809)
>>
>>
>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:476)
>>
>>
>> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:431)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>
>>
>> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>>
>>
>> org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48)
>>
>>
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
>>
>> root cause
>>
>> javax.servlet.jsp.el.ELException: Unable to find a value for "firstName"
>> in
>> object of class "org.jasig.cas.authentication.principal.SimplePrincipal"
>> using operator "."
>> org.apache.commons.el.Logger.logError(Logger.java:481)
>> org.apache.commons.el.Logger.logError(Logger.java:498)
>> org.apache.commons.el.Logger.logError(Logger.java:611)
>> org.apache.commons.el.ArraySuffix.evaluate(ArraySuffix.java:340)
>> org.apache.commons.el.ComplexValue.evaluate(ComplexValue.java:145)
>>
>>
>> org.apache.commons.el.FunctionInvocation.evaluate(FunctionInvocation.java:163)
>>
>>
>> org.apache.commons.el.ExpressionEvaluatorImpl.evaluate(ExpressionEvaluatorImpl.java:263)
>>
>>
>> org.apache.commons.el.ExpressionEvaluatorImpl.evaluate(ExpressionEvaluatorImpl.java:190)
>>
>>
>> org.apache.jasper.runtime.PageContextImpl.proprietaryEvaluate(PageContextImpl.java:924)
>>
>>
>> org.apache.jsp.WEB_002dINF.view.jsp.protocol._2_0.casServiceValidationSuccess_jsp._jspService(casServiceValidationSuccess_jsp.java:67)
>> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>
>>
>> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
>>
>> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
>> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>
>>
>> org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:171)
>>
>>
>> org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:251)
>>
>>
>> org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1160)
>>
>>
>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:901)
>>
>>
>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809)
>>
>>
>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:476)
>>
>>
>> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:431)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>
>>
>> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>>
>>
>> org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48)
>>
>>
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
>>
>> note The full stack trace of the root cause is available in the Apache
>> Tomcat/5.5.25 logs.
>> Apache Tomcat/5.5.25
>>
>>
>> scott_battaglia wrote:
>> >
>> > If there really is an error then those log4j settings should have
>> worked.
>> > You can also try manually getting a ticket and then manually validating
>> it
>> > in the browser to see what the error is.
>> >
>> > 3.2.1.1 and 3.2.1 only differ in a couple JSP pages not used in the
>> > validation part.
>> >
>> > -Scott
>> >
>> >
>> >
>> > On Mon, Aug 4, 2008 at 10:09 PM, Tracy12 <[EMAIL PROTECTED]> wrote:
>> >
>> >>
>> >> Thanks Scott,
>> >>
>> >> Client side it throws the following exception, and to debug server
>> side
>> >> CAS
>> >> I changed the log4j.properties of
>> >> /cas-server-3.2.1.1/cas-server-webapp/src/main/webapp/WEB-INF/classes
>> >> as follows (last couple of entries), but still I can't see any log
>> error
>> >> in cas.log as well as catalina.out
>> >>
>> >> Am I doing something wrong., Can you let me know a specific location
>> to
>> >> track the error.?
>> >>
>> >> log4j.logger.org.springframework=DEBUG
>> >> log4j.logger.org.jasig=DEBUG
>> >>
>> >> log4j.logger.org.jasig.cas.web.flow=DEBUG
>> >> log4j.logger.org.jasig.cas.authentication=DEBUG
>> >> log4j.logger.org.jasig.cas.services=DEBUG
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> Client Error
>> >>
>> >> java.io.IOException: Server returned HTTP response code: 500 for URL:
>> >>
>> >>
>> https://mymachine:8443/cas/serviceValidate?service=http%3A%2F%2Fmymachine%3A8080%2FuPortal%2FLogin&ticket=ST-1-sKehsbEf5Spajj7bKh5i-cas
>> >> at
>> >>
>> >>
>> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1170)
>> >> at
>> >>
>> >>
>> com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getInputStream(HttpsURLConnectionOldImpl.java:204)
>> >> at
>> edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84)
>> >> at
>> >>
>> >>
>> edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:228)
>> >> at
>> >> edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:64)
>> >> at
>> >>
>> >>
>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.getAuthenticatedUser(CASValidateFilter.java:344)
>> >> at
>> >>
>> >>
>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:289)
>> >> at
>> >>
>> >>
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
>> >> at
>> >>
>> >>
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>> >> at
>> >>
>> >>
>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>> >> at
>> >>
>> >>
>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
>> >> at
>> >>
>> >>
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>> >> at
>> >>
>> >>
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
>> >> at
>> >>
>> >>
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
>> >> at
>> >>
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
>> >>
>> >>
>> >> scott_battaglia wrote:
>> >> >
>> >> > You'll have to look in the CAS logs as to why there's a 500 error in
>> >> the
>> >> > server.
>> >> >
>> >> > -Scott
>> >> >
>> >> > -Scott Battaglia
>> >> > PGP Public Key Id: 0x383733AA
>> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
>> >> >
>> >> >
>> >> > On Mon, Aug 4, 2008 at 8:45 PM, Tracy12 <[EMAIL PROTECTED]> wrote:
>> >> >
>> >> >>
>> >> >> I realized the reason for the invalid ticket is because I got the
>> >> >> firstURL
>> >> >> and did another hit basically I am trying to validate a ticket
>> twice,
>> >> >>
>> >> >> But the first exception I got was nothing related to invalid ticket
>> >> but
>> >> >> something else a I stated in previous email.
>> >> >>
>> >> >> The thing which I can't understand is I got uPortal 2.5.3 with Yale
>> >> CAS
>> >> >> Client workiing fine with CAS 3.0.x,
>> >> >>
>> >> >> but with the similar setup when I replace CAS 3.2.1.1 it throws the
>> >> above
>> >> >> exception for the serviceValidate.
>> >> >>
>> >> >> If CAS 3.2.1.1 is compatible with Yale CAS client 2.1, I dont need
>> to
>> >> do
>> >> >> any
>> >> >> configuration change in uPortal or Yale CAS client, isnt it?
>> >> >>
>> >> >> How Can I trouble shoot this more in the CAS 3.2.1.1
>> >> >>
>> >> >> Thanks
>> >> >>
>> >> >>
>> >> >>
>> >> >> scott_battaglia wrote:
>> >> >> >
>> >> >> > It usually just means the ticket can't be found ;-) That usually
>> >> >> occurs
>> >> >> > if
>> >> >> > for some reason the ticket id being passed in is wrong or you've
>> >> tried
>> >> >> to
>> >> >> > validate a ticket twice.
>> >> >> >
>> >> >> > -Scott
>> >> >> >
>> >> >> >
>> >> >> > On Mon, Aug 4, 2008 at 1:08 AM, Tracy12 <[EMAIL PROTECTED]>
>> wrote:
>> >> >> >
>> >> >> >>
>> >> >> >> Hi Scott,
>> >> >> >>
>> >> >> >> I started debugging from the yale cas client. It fails the
>> >> >> >> SecureURL.retrieve(url); statement of the validate method inside
>> >> the
>> >> >> >> ServiceTicketValidator.
>> >> >> >>
>> >> >> >> When I take a new browser instance and hit the above url which
>> is
>> >> used
>> >> >> in
>> >> >> >> SecureURL.retrieve(url). In the browser it comes with the
>> following
>> >> >> >> exception.
>> >> >> >>
>> >> >> >> url is something similar to this
>> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> https://mymachine:8443/cas/serviceValidate?service=http%3A%2F%2Fmymachine%3A8080%2FuPortal%2FLogin&ticket=ST-1-s2DXcqysNuwwc6C6xwUC-cas
>> >> >> >>
>> >> >> >> Is there any server configuration required in this new CAS
>> >> >> >> 3.2.1.1compared
>> >> >> >> to CAS 3.0.x
>> >> >> >>
>> >> >> >> I can't think this as a certificate issue as when new CAS
>> 3.2.1.1
>> >> is
>> >> >> >> replaced with CAS 3.0.x it works with yale cas client 2.x
>> >> >> >>
>> >> >> >> What exactly the reason for the following error
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
>> >> >> >> <cas:authenticationFailure code='INVALID_TICKET'>
>> >> >> >> ticket 'ST-1-s2DXcqysNuwwc6C6xwUC-cas' not
>> >> recognized
>> >> >> >> </cas:authenticationFailure>
>> >> >> >> </cas:serviceResponse>
>> >> >> >>
>> >> >> >>
>> >> >> >> scott_battaglia wrote:
>> >> >> >> >
>> >> >> >> > The Yale CAS Client works perfectly fine with the CAS
>> >> 3.2.1.1server
>> >> >> >> > release
>> >> >> >> > (unless there is some bug we don't know about ).
>> >> >> >> >
>> >> >> >> > -Scott
>> >> >> >> >
>> >> >> >> > -Scott Battaglia
>> >> >> >> > PGP Public Key Id: 0x383733AA
>> >> >> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
>> >> >> >> >
>> >> >> >> >
>> >> >> >> > On Fri, Aug 1, 2008 at 1:59 AM, Tracy12 <[EMAIL PROTECTED]>
>> >> wrote:
>> >> >> >> >
>> >> >> >> >>
>> >> >> >> >> Even though, it doesnt support single log out, it should
>> support
>> >> >> >> things
>> >> >> >> >> like
>> >> >> >> >> serviceValidate isn't it?
>> >> >> >> >>
>> >> >> >> >> But I am getting the following exception, When I replace the
>> old
>> >> >> CAS
>> >> >> >> >> which
>> >> >> >> >> is 3.0.x it is working fine, which means it is nothing to do
>> >> with
>> >> >> the
>> >> >> >> >> certificates,
>> >> >> >> >>
>> >> >> >> >> We are using yale cas client 2.1 in the uPortal.
>> >> >> >> >>
>> >> >> >> >> Thanks
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >> type Exception report
>> >> >> >> >>
>> >> >> >> >> message
>> >> >> >> >>
>> >> >> >> >> description The server encountered an internal error () that
>> >> >> prevented
>> >> >> >> it
>> >> >> >> >> from fulfilling this request.
>> >> >> >> >>
>> >> >> >> >> exception
>> >> >> >> >>
>> >> >> >> >> javax.servlet.ServletException: Unable to validate
>> >> >> >> ProxyTicketValidator
>> >> >> >> >> [[edu.yale.its.tp.cas.client.ProxyTicketValidator
>> >> proxyList=[null]
>> >> >> >> >> [edu.yale.its.tp.cas.client.ServiceTicketValidator
>> >> >> >> >> casValidateUrl=[https://mymachine:8443/cas/serviceValidate]
>> >> >> >> >> ticket=[ST-1-TWyPmOAR95g0fNryfZ1c-cas]
>> >> >> >> >> service=[http%3A%2F%2Fmymachine%3A8080%2FuPortal%2FLogin]
>> >> >> >> renew=false]]]
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:292)
>> >> >> >> >>
>> >> >> >> >> root cause
>> >> >> >> >>
>> >> >> >> >> edu.yale.its.tp.cas.client.CASAuthenticationException: Unable
>> to
>> >> >> >> validate
>> >> >> >> >> ProxyTicketValidator
>> >> >> [[edu.yale.its.tp.cas.client.ProxyTicketValidator
>> >> >> >> >> proxyList=[null]
>> >> [edu.yale.its.tp.cas.client.ServiceTicketValidator
>> >> >> >> >> casValidateUrl=[https://mymachine:8443/cas/serviceValidate]
>> >> >> >> >> ticket=[ST-1-TWyPmOAR95g0fNryfZ1c-cas]
>> >> >> >> >> service=[http%3A%2F%2Flalitha%3A8080%2FuPortal%2FLogin]
>> >> >> renew=false]]]
>> >> >> >> >>
>> >> >> >> >>
>> >> >>
>> edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:57)
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.getAuthenticatedUser(CASValidateFilter.java:339)
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:289)
>> >> >> >> >>
>> >> >> >> >> root cause
>> >> >> >> >>
>> >> >> >> >> java.io.IOException: Server returned HTTP response code: 500
>> for
>> >> >> URL:
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> https://mymachine:8443/cas/serviceValidate?service=http%3A%2F%2Fmymachine%3A8080%2FuPortal%2FLogin&ticket=ST-1-TWyPmOAR95g0fNryfZ1c-cas
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1170)
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getInputStream(HttpsURLConnectionOldImpl.java:204)
>> >> >> >> >>
>> >> >> edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84)
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:216)
>> >> >> >> >>
>> >> >> >> >>
>> >> >>
>> edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:55)
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.getAuthenticatedUser(CASValidateFilter.java:339)
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:289)
>> >> >> >> >>
>> >> >> >> >> note The full stack trace of the root cause is available in
>> the
>> >> >> Apache
>> >> >> >> >> Tomcat/5.5.25 logs.
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >> John Sood wrote:
>> >> >> >> >> >
>> >> >> >> >> > No. Yale client does not support single signout.
>> >> >> >> >> >
>> >> >> >> >> > Tracy12 wrote:
>> >> >> >> >> >> With CAS 3.2.1.1 can't we use cas client 2.1 from yale.?
>> >> >> >> >> >>
>> >> >> >> >> >> Reason is within uPortal we have CAS client 2.1 with some
>> >> code
>> >> >> >> >> >> modifications,
>> >> >> >> >> >>
>> >> >> >> >> >> Is it a must that we need to use CAS Client 3.1.1 with CAS
>> >> >> 3.2.1.1
>> >> >> >> >> >>
>> >> >> >> >> >>
>> >> >> >> >> >>
>> >> >> >> >> >> John Sood wrote:
>> >> >> >> >> >>
>> >> >> >> >> >>> I am using the following at it works for me:
>> >> >> >> >> >>>
>> >> >> >> >> >>> CAS Server 3.2.1
>> >> >> >> >> >>> CAS Client 3.1.1
>> >> >> >> >> >>>
>> >> >> >> >> >>> Tracy12 wrote:
>> >> >> >> >> >>>
>> >> >> >> >> >>>> Hi,
>> >> >> >> >> >>>>
>> >> >> >> >> >>>> Does CAS 3.2.1.1 fully supports Single log out?
>> >> >> >> >> >>>>
>> >> >> >> >> >>>> Do I have to download some prior version?
>> >> >> >> >> >>>>
>> >> >> >> >> >>>> Reason for this question is I can remember some
>> discussions
>> >> >> going
>> >> >> >> on
>> >> >> >> >> >>>> with
>> >> >> >> >> >>>> regards to this, whether to download CAS 3.2.X
>> >> >> >> >> >>>>
>> >> >> >> >> >>>> or 3.1.X
>> >> >> >> >> >>>>
>> >> >> >> >> >>>> Pls confirm for us to download the proper version.
>> >> >> >> >> >>>>
>> >> >> >> >> >>>> Also let us know which casclient version should we
>> download
>> >> >> >> >> >>>> correspondent
>> >> >> >> >> >>>> to
>> >> >> >> >> >>>> the main CAS download.
>> >> >> >> >> >>>>
>> >> >> >> >> >>>> Thanks
>> >> >> >> >> >>>>
>> >> >> >> >> >>>>
>> >> >> >> >> >>>>
>> >> >> >> >> >>> _______________________________________________
>> >> >> >> >> >>> Yale CAS mailing list
>> >> >> >> >> >>> [email protected]
>> >> >> >> >> >>> http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >> >> >> >>>
>> >> >> >> >> >>>
>> >> >> >> >> >>>
>> >> >> >> >> >>
>> >> >> >> >> >>
>> >> >> >> >> >
>> >> >> >> >> >
>> >> >> >> >> > _______________________________________________
>> >> >> >> >> > Yale CAS mailing list
>> >> >> >> >> > [email protected]
>> >> >> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >> >> >> >
>> >> >> >> >> >
>> >> >> >> >>
>> >> >> >> >> --
>> >> >> >> >> View this message in context:
>> >> >> >> >>
>> >> >> >>
>> >> >>
>> >>
>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18768662.html
>> >> >> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
>> >> >> >> >>
>> >> >> >> >> _______________________________________________
>> >> >> >> >> Yale CAS mailing list
>> >> >> >> >> [email protected]
>> >> >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >> >> >>
>> >> >> >> >
>> >> >> >> > _______________________________________________
>> >> >> >> > Yale CAS mailing list
>> >> >> >> > [email protected]
>> >> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >> >> >
>> >> >> >> >
>> >> >> >>
>> >> >> >> --
>> >> >> >> View this message in context:
>> >> >> >>
>> >> >>
>> >>
>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18805727.html
>> >> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
>> >> >> >>
>> >> >> >> _______________________________________________
>> >> >> >> Yale CAS mailing list
>> >> >> >> [email protected]
>> >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >> >>
>> >> >> >
>> >> >> > _______________________________________________
>> >> >> > Yale CAS mailing list
>> >> >> > [email protected]
>> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >> >
>> >> >> >
>> >> >>
>> >> >> --
>> >> >> View this message in context:
>> >> >>
>> >>
>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18822609.html
>> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
>> >> >>
>> >> >> _______________________________________________
>> >> >> Yale CAS mailing list
>> >> >> [email protected]
>> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >>
>> >> >
>> >> > _______________________________________________
>> >> > Yale CAS mailing list
>> >> > [email protected]
>> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>> >> >
>> >> >
>> >>
>> >> --
>> >> View this message in context:
>> >>
>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18823313.html
>> >> Sent from the CAS Users mailing list archive at Nabble.com.
>> >>
>> >> _______________________________________________
>> >> Yale CAS mailing list
>> >> [email protected]
>> >> http://tp.its.yale.edu/mailman/listinfo/cas
>> >>
>> >
>> > _______________________________________________
>> > Yale CAS mailing list
>> > [email protected]
>> > http://tp.its.yale.edu/mailman/listinfo/cas
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18826587.html
>> Sent from the CAS Users mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> Yale CAS mailing list
>> [email protected]
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
View this message in context:
http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18844212.html
Sent from the CAS Users mailing list archive at Nabble.com.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
