Scott,
You have been refering to a attribute called 'ignoreAttributes' in all your
replies, I can't see a attribute with that name in
org.jasig.cas.services.RegisteredServiceImpl,
Because of that when I have the configuration stated by you it fails with
this exception, even can't start CAS app
Caused by: org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'org.jasig.cas.services.RegisteredServiceImpl#7ae6d'
defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]:
Initialization of bean failed; nested exception is
org.springframework.beans.InvalidPropertyException: Invalid property
'ignoreAttributes' of bean class
[org.jasig.cas.services.RegisteredServiceImpl]: No property
'ignoreAttributes' found
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:445)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:383)
at java.security.AccessController.doPrivileged(Native Method)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:353)
at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:219)
... 58 more
Caused by: org.springframework.beans.InvalidPropertyException: Invalid
property 'ignoreAttributes' of bean class
[org.jasig.cas.services.RegisteredServiceImpl]: No property
'ignoreAttributes' found
at
org.springframework.beans.BeanWrapperImpl.convertForProperty(BeanWrapperImpl.java:377)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.convertForProperty(AbstractAutowireCapableBeanFactory.java:1211)
scott_battaglia wrote:
>
> It would be something like this (this may not be exact as I didn't
> validate
> it):
>
> <bean class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl "
> id="servicesRegistryDao">
> <property name="registeredServices">
> <list>
> <bean class="org.jasig.cas.services.RegisteredServiceImpl">
> <property name="ignoreAttributes" value="true" />
> <property name="id" value="1" />
> <property name="serviceId" value="**/**" />
> </bean>
> </list>
> </bean>
>
>
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
> On Wed, Aug 6, 2008 at 8:10 AM, Scott Battaglia
> <[EMAIL PROTECTED]>wrote:
>
>> On Wed, Aug 6, 2008 at 12:40 AM, Tracy12 <[EMAIL PROTECTED]> wrote:
>>
>>>
>>> Thanks scot,
>>>
>>> In CAS 3.0.3 it was enough to do those configurations to pass addtional
>>> information to the client, but it looks to me it is not the case with
>>> CAS
>>> 3.2.1.1, there wasn't any confilict with my custom principal
>>> conflicting
>>> with CAS services earlier 3.0.x.
>>>
>>> But it looks to me now it is different, I can't understand why we
>>> preserve
>>> the above feature in CAS 3.2.1.1. Any how one of the things which I
>>> observed
>>> is SimplePrincipal is hard wired in top level classes like
>>> CentralAuthenticationServiceImpl. Which was not the case in CAS 3.0.x,
>>> Any
>>> how all are observations, these changes are for some reason.
>>
>> I believe I've already explained in my previous email that the principal
>> is
>> used in conjunction with the Services Management tool to limit the
>> attributes returned to services. In order for it to be used it has to
>> have
>> a concrete implementation it can construct.
>>
>>
>>>
>>>
>>> We thougth there are two paths for us to proceed with CAS 3.2..1.1 with
>>> regards to this
>>>
>>> 1) modify the SimplePrinical to have more properties similar to my
>>> Custom
>>> Principal and with no other additional configuration.
>>
>>
>> That's not going to work. They won't be copied over.
>>
>>
>>>
>>>
>>> 2) change the deployerConfigContext.xml to have our own
>>> RegisteredServiceImpl
>>>
>>> As above no 2 is not clear as a easy approach we did add addtional
>>> setter
>>> and getters for the SimplePrincipal, the result was there wasn't any
>>> errors
>>> but did not pass additional attributes to the client apart from id, Do
>>> we
>>> have to add the addtional attributes some where.
>>
>> I'm pretty sure adding a default RegisteredServicesImpl to the registry
>> in
>> configuration that basically says "please ignore attributes and just pass
>> the principal along" is the easier of the two options.
>>
>>>
>>>
>>> The best we like to have is above no 2, which is not clear for us, can
>>> you
>>> pls elaborate it with a example. are you refereing to the following,
>>> can
>>> you provide us a sample. What exactly the service you are refering here.
>>>
>>> <bean
>>> id="serviceRegistryDao"
>>>
>>> class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" />
>>>
>>> What exactly do we have to do?
>>
>>
>> What you really should be doing is not using custom principals now that
>> we
>> have support for attributes as a map on the Principal and populating that
>> map. And then configuring in the Services Management tool the default
>> list
>> of attributes to send back to every application. But if you're not going
>> to
>> do that then you should configure the InMemoryServiceRegistryDaoImpl to
>> have
>> one RegisteredServiceImpl added to it (via the XML configuration) that
>> sets
>> the ignoreAttributes property to true and is set to cover all of your
>> services.
>>
>>
>>
>>> As I described in my previous mails the success service validae
>>> protocoal
>>> jsp looks as follows with additional information
>>
>>
>> What it looks like doesn't matter if you're not going to configure the
>> CAS
>> server to ignore the Services Management tool.
>>
>> -Scott
>>
>>>
>>>
>>> <%@ page session="false" %><%@ taglib prefix="c"
>>> uri="http://java.sun.com/jsp/jstl/core"; %><%@ taglib
>>> uri="http://java.sun.com/jsp/jstl/functions"; prefix="fn"
>>> %><cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
>>> <cas:authenticationSuccess>
>>>
>>>
>>> <cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].
>>> principal.id)}</cas:user>
>>>
>>>
>>> <cas:firstName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.firstName)}</cas:firstName>
>>>
>>>
>>> <cas:middleName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.middleName)}</cas:middleName>
>>>
>>>
>>> <cas:lastName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.lastName)}</cas:lastName>
>>>
>>>
>>> <cas:displayName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.displayName)}</cas:displayName>
>>>
>>>
>>> <cas:userType>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.userType)}</cas:userType>
>>>
>>> <c:if test="${not empty pgtIou}">
>>>
>>> <cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
>>> </c:if>
>>> <c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
>>> <cas:proxies>
>>> <c:forEach var="proxy" items="${assertion.chainedAuthentications}"
>>> varStatus="loopStatus" begin="0"
>>> end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
>>> <cas:proxy>${fn:escapeXml(proxy.principal.id
>>> )}</cas:proxy>
>>> </c:forEach>
>>> </cas:proxies>
>>> </c:if>
>>> </cas:authenticationSuccess>
>>> </cas:serviceResponse>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> scott_battaglia wrote:
>>> >
>>> > It looks like your custom principal is conflicting with the Services
>>> > Management tool. You can basically tell CAS to ignore the Services
>>> > Management tool by essentially reconfiguring the
>>> InMemoryServiceManagerDao
>>> > (in the deployerConfigContext.xml).
>>> >
>>> > You'll need to add one RegisteredServiceImpl with a path pattern that
>>> > matches all of your services (i.e. **/**) and then set the
>>> > ignoreAttributes
>>> > property to true.
>>> >
>>> > The Services Management tool exists to allow you to configure which
>>> > services
>>> > can see which attributes. Unfortunately its designed to work with the
>>> > principals that exist with CAS.
>>> >
>>> > -Scott
>>> >
>>> > -Scott Battaglia
>>> > PGP Public Key Id: 0x383733AA
>>> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>> >
>>> >
>>> > On Tue, Aug 5, 2008 at 4:20 AM, Tracy12 <[EMAIL PROTECTED]> wrote:
>>> >
>>> >>
>>> >> Yes I did the manual way and could produce what the error is,
>>> >> I have my own JAASAuthHanlder and credential to principal resolvers
>>> also
>>> >> my
>>> >> own Principal extends from the pricipal,
>>> >>
>>> >> But it gives the follwoing exception, it tries to find attribtues in
>>> the
>>> >> org.jasig.cas.authentication.principal.SimplePrincipal
>>> >> instead of mine,
>>> >>
>>> >> I have defined Authhandlers and Resolvers in
>>> deployerConfigContext.xml
>>> >> properly.
>>> >>
>>> >> Note:
>>> >> ......
>>> >>
>>> >> My principal got more attributes than normal one and protocol jsps
>>> are
>>> >> modified accordingly, this was working fine in CAS 3.0.x, is there
>>> any
>>> >> change in the new version
>>> >>
>>> >>
>>> >>
>>> >> org.apache.jasper.JasperException: Exception in JSP:
>>> >> /WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp:4
>>> >>
>>> >> 1: <%@ page session="false" %><%@ taglib prefix="c"
>>> >> uri="http://java.sun.com/jsp/jstl/core"; %><%@ taglib
>>> >> uri="http://java.sun.com/jsp/jstl/functions"; prefix="fn"
>>> >> %><cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
>>> >> 2: <cas:authenticationSuccess>
>>> >> 3:
>>> >>
>>> >>
>>> <cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].
>>> >> principal.id)}</cas:user>
>>> >> 4:
>>> >>
>>> >>
>>> <cas:firstName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.firstName)}</cas:firstName>
>>> >> 5:
>>> >>
>>> >>
>>> <cas:middleName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.middleName)}</cas:middleName>
>>> >> 6:
>>> >>
>>> >>
>>> <cas:lastName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.lastName)}</cas:lastName>
>>> >> 7:
>>> >>
>>> >>
>>> <cas:displayName>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.displayName)}</cas:displayName>
>>> >>
>>> >>
>>> >> Stacktrace:
>>> >>
>>> >>
>>> >>
>>> org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:451)
>>> >>
>>> >>
>>> >>
>>> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:355)
>>> >>
>>> >>
>>>
>>> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
>>> >>
>>> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:171)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:251)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1160)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:901)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:476)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:431)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> >>
>>> >>
>>> >>
>>> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>>> >>
>>> >>
>>> >>
>>> org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
>>> >>
>>> >> root cause
>>> >>
>>> >> javax.servlet.ServletException: Unable to find a value for
>>> "firstName"
>>> in
>>> >> object of class
>>> "org.jasig.cas.authentication.principal.SimplePrincipal"
>>> >> using operator "."
>>> >>
>>> >>
>>> >>
>>> org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:841)
>>> >>
>>> >>
>>> >>
>>> org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:774)
>>> >>
>>> >>
>>> >>
>>> org.apache.jsp.WEB_002dINF.view.jsp.protocol._2_0.casServiceValidationSuccess_jsp._jspService(casServiceValidationSuccess_jsp.java:97)
>>> >>
>>> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> >>
>>> >>
>>> >>
>>> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
>>> >>
>>> >>
>>>
>>> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
>>> >>
>>> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:171)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:251)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1160)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:901)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:476)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:431)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> >>
>>> >>
>>> >>
>>> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>>> >>
>>> >>
>>> >>
>>> org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
>>> >>
>>> >> root cause
>>> >>
>>> >> javax.servlet.jsp.el.ELException: Unable to find a value for
>>> "firstName"
>>> >> in
>>> >> object of class
>>> "org.jasig.cas.authentication.principal.SimplePrincipal"
>>> >> using operator "."
>>> >> org.apache.commons.el.Logger.logError(Logger.java:481)
>>> >> org.apache.commons.el.Logger.logError(Logger.java:498)
>>> >> org.apache.commons.el.Logger.logError(Logger.java:611)
>>> >>
>>> org.apache.commons.el.ArraySuffix.evaluate(ArraySuffix.java:340)
>>> >>
>>> org.apache.commons.el.ComplexValue.evaluate(ComplexValue.java:145)
>>> >>
>>> >>
>>> >>
>>> org.apache.commons.el.FunctionInvocation.evaluate(FunctionInvocation.java:163)
>>> >>
>>> >>
>>> >>
>>> org.apache.commons.el.ExpressionEvaluatorImpl.evaluate(ExpressionEvaluatorImpl.java:263)
>>> >>
>>> >>
>>> >>
>>> org.apache.commons.el.ExpressionEvaluatorImpl.evaluate(ExpressionEvaluatorImpl.java:190)
>>> >>
>>> >>
>>> >>
>>> org.apache.jasper.runtime.PageContextImpl.proprietaryEvaluate(PageContextImpl.java:924)
>>> >>
>>> >>
>>> >>
>>> org.apache.jsp.WEB_002dINF.view.jsp.protocol._2_0.casServiceValidationSuccess_jsp._jspService(casServiceValidationSuccess_jsp.java:67)
>>> >>
>>> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> >>
>>> >>
>>> >>
>>> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
>>> >>
>>> >>
>>>
>>> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
>>> >>
>>> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:171)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:251)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1160)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:901)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:476)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:431)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
>>> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> >>
>>> >>
>>> >>
>>> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>>> >>
>>> >>
>>> >>
>>> org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48)
>>> >>
>>> >>
>>> >>
>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
>>> >>
>>> >> note The full stack trace of the root cause is available in the
>>> Apache
>>> >> Tomcat/5.5.25 logs.
>>> >> Apache Tomcat/5.5.25
>>> >>
>>> >>
>>> >> scott_battaglia wrote:
>>> >> >
>>> >> > If there really is an error then those log4j settings should have
>>> >> worked.
>>> >> > You can also try manually getting a ticket and then manually
>>> validating
>>> >> it
>>> >> > in the browser to see what the error is.
>>> >> >
>>> >> > 3.2.1.1 and 3.2.1 only differ in a couple JSP pages not used in the
>>> >> > validation part.
>>> >> >
>>> >> > -Scott
>>> >> >
>>> >> >
>>> >> >
>>> >> > On Mon, Aug 4, 2008 at 10:09 PM, Tracy12 <[EMAIL PROTECTED]>
>>> wrote:
>>> >> >
>>> >> >>
>>> >> >> Thanks Scott,
>>> >> >>
>>> >> >> Client side it throws the following exception, and to debug server
>>> >> side
>>> >> >> CAS
>>> >> >> I changed the log4j.properties of
>>> >> >>
>>> /cas-server-3.2.1.1/cas-server-webapp/src/main/webapp/WEB-INF/classes
>>> >> >> as follows (last couple of entries), but still I can't see any
>>> log
>>> >> error
>>> >> >> in cas.log as well as catalina.out
>>> >> >>
>>> >> >> Am I doing something wrong., Can you let me know a specific
>>> location
>>> >> to
>>> >> >> track the error.?
>>> >> >>
>>> >> >> log4j.logger.org.springframework=DEBUG
>>> >> >> log4j.logger.org.jasig=DEBUG
>>> >> >>
>>> >> >> log4j.logger.org.jasig.cas.web.flow=DEBUG
>>> >> >> log4j.logger.org.jasig.cas.authentication=DEBUG
>>> >> >> log4j.logger.org.jasig.cas.services=DEBUG
>>> >> >>
>>> >> >>
>>> >> >>
>>> >> >>
>>> >> >>
>>> >> >> Client Error
>>> >> >>
>>> >> >> java.io.IOException: Server returned HTTP response code: 500 for
>>> URL:
>>> >> >>
>>> >> >>
>>> >>
>>> https://mymachine:8443/cas/serviceValidate?service=http%3A%2F%2Fmymachine%3A8080%2FuPortal%2FLogin&ticket=ST-1-sKehsbEf5Spajj7bKh5i-cas
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1170)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getInputStream(HttpsURLConnectionOldImpl.java:204)
>>> >> >> at
>>> >> edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:228)
>>> >> >> at
>>> >> >>
>>> edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:64)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.getAuthenticatedUser(CASValidateFilter.java:344)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:289)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
>>> >> >> at
>>> >> >>
>>> >> >>
>>> >>
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
>>> >> >> at
>>> >> >>
>>> >>
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
>>> >> >>
>>> >> >>
>>> >> >> scott_battaglia wrote:
>>> >> >> >
>>> >> >> > You'll have to look in the CAS logs as to why there's a 500
>>> error
>>> in
>>> >> >> the
>>> >> >> > server.
>>> >> >> >
>>> >> >> > -Scott
>>> >> >> >
>>> >> >> > -Scott Battaglia
>>> >> >> > PGP Public Key Id: 0x383733AA
>>> >> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>> >> >> >
>>> >> >> >
>>> >> >> > On Mon, Aug 4, 2008 at 8:45 PM, Tracy12 <[EMAIL PROTECTED]>
>>> wrote:
>>> >> >> >
>>> >> >> >>
>>> >> >> >> I realized the reason for the invalid ticket is because I got
>>> the
>>> >> >> >> firstURL
>>> >> >> >> and did another hit basically I am trying to validate a ticket
>>> >> twice,
>>> >> >> >>
>>> >> >> >> But the first exception I got was nothing related to invalid
>>> ticket
>>> >> >> but
>>> >> >> >> something else a I stated in previous email.
>>> >> >> >>
>>> >> >> >> The thing which I can't understand is I got uPortal 2.5.3 with
>>> Yale
>>> >> >> CAS
>>> >> >> >> Client workiing fine with CAS 3.0.x,
>>> >> >> >>
>>> >> >> >> but with the similar setup when I replace CAS 3.2.1.1 it throws
>>> the
>>> >> >> above
>>> >> >> >> exception for the serviceValidate.
>>> >> >> >>
>>> >> >> >> If CAS 3.2.1.1 is compatible with Yale CAS client 2.1, I dont
>>> need
>>> >> to
>>> >> >> do
>>> >> >> >> any
>>> >> >> >> configuration change in uPortal or Yale CAS client, isnt it?
>>> >> >> >>
>>> >> >> >> How Can I trouble shoot this more in the CAS 3.2.1.1
>>> >> >> >>
>>> >> >> >> Thanks
>>> >> >> >>
>>> >> >> >>
>>> >> >> >>
>>> >> >> >> scott_battaglia wrote:
>>> >> >> >> >
>>> >> >> >> > It usually just means the ticket can't be found ;-) That
>>> usually
>>> >> >> >> occurs
>>> >> >> >> > if
>>> >> >> >> > for some reason the ticket id being passed in is wrong or
>>> you've
>>> >> >> tried
>>> >> >> >> to
>>> >> >> >> > validate a ticket twice.
>>> >> >> >> >
>>> >> >> >> > -Scott
>>> >> >> >> >
>>> >> >> >> >
>>> >> >> >> > On Mon, Aug 4, 2008 at 1:08 AM, Tracy12 <[EMAIL PROTECTED]>
>>> >> wrote:
>>> >> >> >> >
>>> >> >> >> >>
>>> >> >> >> >> Hi Scott,
>>> >> >> >> >>
>>> >> >> >> >> I started debugging from the yale cas client. It fails the
>>> >> >> >> >> SecureURL.retrieve(url); statement of the validate method
>>> inside
>>> >> >> the
>>> >> >> >> >> ServiceTicketValidator.
>>> >> >> >> >>
>>> >> >> >> >> When I take a new browser instance and hit the above url
>>> which
>>> >> is
>>> >> >> used
>>> >> >> >> in
>>> >> >> >> >> SecureURL.retrieve(url). In the browser it comes with the
>>> >> following
>>> >> >> >> >> exception.
>>> >> >> >> >>
>>> >> >> >> >> url is something similar to this
>>> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> https://mymachine:8443/cas/serviceValidate?service=http%3A%2F%2Fmymachine%3A8080%2FuPortal%2FLogin&ticket=ST-1-s2DXcqysNuwwc6C6xwUC-cas
>>> >> >> >> >>
>>> >> >> >> >> Is there any server configuration required in this new CAS
>>> >> >> >> >> 3.2.1.1compared
>>> >> >> >> >> to CAS 3.0.x
>>> >> >> >> >>
>>> >> >> >> >> I can't think this as a certificate issue as when new CAS
>>> >> 3.2.1.1
>>> >> >> is
>>> >> >> >> >> replaced with CAS 3.0.x it works with yale cas client 2.x
>>> >> >> >> >>
>>> >> >> >> >> What exactly the reason for the following error
>>> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >> >> <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
>>> >> >> >> >> <cas:authenticationFailure code='INVALID_TICKET'>
>>> >> >> >> >> ticket 'ST-1-s2DXcqysNuwwc6C6xwUC-cas' not
>>> >> >> recognized
>>> >> >> >> >> </cas:authenticationFailure>
>>> >> >> >> >> </cas:serviceResponse>
>>> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >> >> scott_battaglia wrote:
>>> >> >> >> >> >
>>> >> >> >> >> > The Yale CAS Client works perfectly fine with the CAS
>>> >> >> 3.2.1.1server
>>> >> >> >> >> > release
>>> >> >> >> >> > (unless there is some bug we don't know about ).
>>> >> >> >> >> >
>>> >> >> >> >> > -Scott
>>> >> >> >> >> >
>>> >> >> >> >> > -Scott Battaglia
>>> >> >> >> >> > PGP Public Key Id: 0x383733AA
>>> >> >> >> >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>> >> >> >> >> >
>>> >> >> >> >> >
>>> >> >> >> >> > On Fri, Aug 1, 2008 at 1:59 AM, Tracy12
>>> <[EMAIL PROTECTED]
>>> >
>>> >> >> wrote:
>>> >> >> >> >> >
>>> >> >> >> >> >>
>>> >> >> >> >> >> Even though, it doesnt support single log out, it should
>>> >> support
>>> >> >> >> >> things
>>> >> >> >> >> >> like
>>> >> >> >> >> >> serviceValidate isn't it?
>>> >> >> >> >> >>
>>> >> >> >> >> >> But I am getting the following exception, When I replace
>>> the
>>> >> old
>>> >> >> >> CAS
>>> >> >> >> >> >> which
>>> >> >> >> >> >> is 3.0.x it is working fine, which means it is nothing to
>>> do
>>> >> >> with
>>> >> >> >> the
>>> >> >> >> >> >> certificates,
>>> >> >> >> >> >>
>>> >> >> >> >> >> We are using yale cas client 2.1 in the uPortal.
>>> >> >> >> >> >>
>>> >> >> >> >> >> Thanks
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >> type Exception report
>>> >> >> >> >> >>
>>> >> >> >> >> >> message
>>> >> >> >> >> >>
>>> >> >> >> >> >> description The server encountered an internal error ()
>>> that
>>> >> >> >> prevented
>>> >> >> >> >> it
>>> >> >> >> >> >> from fulfilling this request.
>>> >> >> >> >> >>
>>> >> >> >> >> >> exception
>>> >> >> >> >> >>
>>> >> >> >> >> >> javax.servlet.ServletException: Unable to validate
>>> >> >> >> >> ProxyTicketValidator
>>> >> >> >> >> >> [[edu.yale.its.tp.cas.client.ProxyTicketValidator
>>> >> >> proxyList=[null]
>>> >> >> >> >> >> [edu.yale.its.tp.cas.client.ServiceTicketValidator
>>> >> >> >> >> >>
>>> casValidateUrl=[https://mymachine:8443/cas/serviceValidate
>>> ]
>>> >> >> >> >> >> ticket=[ST-1-TWyPmOAR95g0fNryfZ1c-cas]
>>> >> >> >> >> >> service=[http%3A%2F%2Fmymachine%3A8080%2FuPortal%2FLogin]
>>> >> >> >> >> renew=false]]]
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:292)
>>> >> >> >> >> >>
>>> >> >> >> >> >> root cause
>>> >> >> >> >> >>
>>> >> >> >> >> >> edu.yale.its.tp.cas.client.CASAuthenticationException:
>>> Unable
>>> >> to
>>> >> >> >> >> validate
>>> >> >> >> >> >> ProxyTicketValidator
>>> >> >> >> [[edu.yale.its.tp.cas.client.ProxyTicketValidator
>>> >> >> >> >> >> proxyList=[null]
>>> >> >> [edu.yale.its.tp.cas.client.ServiceTicketValidator
>>> >> >> >> >> >>
>>> casValidateUrl=[https://mymachine:8443/cas/serviceValidate
>>> ]
>>> >> >> >> >> >> ticket=[ST-1-TWyPmOAR95g0fNryfZ1c-cas]
>>> >> >> >> >> >> service=[http%3A%2F%2Flalitha%3A8080%2FuPortal%2FLogin]
>>> >> >> >> renew=false]]]
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >>
>>> >> edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:57)
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.getAuthenticatedUser(CASValidateFilter.java:339)
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:289)
>>> >> >> >> >> >>
>>> >> >> >> >> >> root cause
>>> >> >> >> >> >>
>>> >> >> >> >> >> java.io.IOException: Server returned HTTP response code:
>>> 500
>>> >> for
>>> >> >> >> URL:
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> https://mymachine:8443/cas/serviceValidate?service=http%3A%2F%2Fmymachine%3A8080%2FuPortal%2FLogin&ticket=ST-1-TWyPmOAR95g0fNryfZ1c-cas
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1170)
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getInputStream(HttpsURLConnectionOldImpl.java:204)
>>> >> >> >> >> >>
>>> >> >> >> edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84)
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:216)
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >>
>>> >> edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:55)
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.getAuthenticatedUser(CASValidateFilter.java:339)
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:289)
>>> >> >> >> >> >>
>>> >> >> >> >> >> note The full stack trace of the root cause is available
>>> in
>>> >> the
>>> >> >> >> Apache
>>> >> >> >> >> >> Tomcat/5.5.25 logs.
>>> >> >> >> >> >>
>>> >> >> >> >> >>
>>> >> >> >> >> >> John Sood wrote:
>>> >> >> >> >> >> >
>>> >> >> >> >> >> > No. Yale client does not support single signout.
>>> >> >> >> >> >> >
>>> >> >> >> >> >> > Tracy12 wrote:
>>> >> >> >> >> >> >> With CAS 3.2.1.1 can't we use cas client 2.1 from
>>> yale.?
>>> >> >> >> >> >> >>
>>> >> >> >> >> >> >> Reason is within uPortal we have CAS client 2.1 with
>>> some
>>> >> >> code
>>> >> >> >> >> >> >> modifications,
>>> >> >> >> >> >> >>
>>> >> >> >> >> >> >> Is it a must that we need to use CAS Client 3.1.1 with
>>> CAS
>>> >> >> >> 3.2.1.1
>>> >> >> >> >> >> >>
>>> >> >> >> >> >> >>
>>> >> >> >> >> >> >>
>>> >> >> >> >> >> >> John Sood wrote:
>>> >> >> >> >> >> >>
>>> >> >> >> >> >> >>> I am using the following at it works for me:
>>> >> >> >> >> >> >>>
>>> >> >> >> >> >> >>> CAS Server 3.2.1
>>> >> >> >> >> >> >>> CAS Client 3.1.1
>>> >> >> >> >> >> >>>
>>> >> >> >> >> >> >>> Tracy12 wrote:
>>> >> >> >> >> >> >>>
>>> >> >> >> >> >> >>>> Hi,
>>> >> >> >> >> >> >>>>
>>> >> >> >> >> >> >>>> Does CAS 3.2.1.1 fully supports Single log out?
>>> >> >> >> >> >> >>>>
>>> >> >> >> >> >> >>>> Do I have to download some prior version?
>>> >> >> >> >> >> >>>>
>>> >> >> >> >> >> >>>> Reason for this question is I can remember some
>>> >> discussions
>>> >> >> >> going
>>> >> >> >> >> on
>>> >> >> >> >> >> >>>> with
>>> >> >> >> >> >> >>>> regards to this, whether to download CAS 3.2.X
>>> >> >> >> >> >> >>>>
>>> >> >> >> >> >> >>>> or 3.1.X
>>> >> >> >> >> >> >>>>
>>> >> >> >> >> >> >>>> Pls confirm for us to download the proper version.
>>> >> >> >> >> >> >>>>
>>> >> >> >> >> >> >>>> Also let us know which casclient version should we
>>> >> download
>>> >> >> >> >> >> >>>> correspondent
>>> >> >> >> >> >> >>>> to
>>> >> >> >> >> >> >>>> the main CAS download.
>>> >> >> >> >> >> >>>>
>>> >> >> >> >> >> >>>> Thanks
>>> >> >> >> >> >> >>>>
>>> >> >> >> >> >> >>>>
>>> >> >> >> >> >> >>>>
>>> >> >> >> >> >> >>> _______________________________________________
>>> >> >> >> >> >> >>> Yale CAS mailing list
>>> >> >> >> >> >> >>> [email protected]
>>> >> >> >> >> >> >>> http://tp.its.yale.edu/mailman/listinfo/cas
>>> >> >> >> >> >> >>>
>>> >> >> >> >> >> >>>
>>> >> >> >> >> >> >>>
>>> >> >> >> >> >> >>
>>> >> >> >> >> >> >>
>>> >> >> >> >> >> >
>>> >> >> >> >> >> >
>>> >> >> >> >> >> > _______________________________________________
>>> >> >> >> >> >> > Yale CAS mailing list
>>> >> >> >> >> >> > [email protected]
>>> >> >> >> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>>> >> >> >> >> >> >
>>> >> >> >> >> >> >
>>> >> >> >> >> >>
>>> >> >> >> >> >> --
>>> >> >> >> >> >> View this message in context:
>>> >> >> >> >> >>
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18768662.html
>>> >> >> >> >> >> Sent from the CAS Users mailing list archive at
>>> Nabble.com.
>>> >> >> >> >> >>
>>> >> >> >> >> >> _______________________________________________
>>> >> >> >> >> >> Yale CAS mailing list
>>> >> >> >> >> >> [email protected]
>>> >> >> >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
>>> >> >> >> >> >>
>>> >> >> >> >> >
>>> >> >> >> >> > _______________________________________________
>>> >> >> >> >> > Yale CAS mailing list
>>> >> >> >> >> > [email protected]
>>> >> >> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>>> >> >> >> >> >
>>> >> >> >> >> >
>>> >> >> >> >>
>>> >> >> >> >> --
>>> >> >> >> >> View this message in context:
>>> >> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >>
>>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18805727.html
>>> >> >> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
>>> >> >> >> >>
>>> >> >> >> >> _______________________________________________
>>> >> >> >> >> Yale CAS mailing list
>>> >> >> >> >> [email protected]
>>> >> >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
>>> >> >> >> >>
>>> >> >> >> >
>>> >> >> >> > _______________________________________________
>>> >> >> >> > Yale CAS mailing list
>>> >> >> >> > [email protected]
>>> >> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>>> >> >> >> >
>>> >> >> >> >
>>> >> >> >>
>>> >> >> >> --
>>> >> >> >> View this message in context:
>>> >> >> >>
>>> >> >>
>>> >>
>>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18822609.html
>>> >> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
>>> >> >> >>
>>> >> >> >> _______________________________________________
>>> >> >> >> Yale CAS mailing list
>>> >> >> >> [email protected]
>>> >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
>>> >> >> >>
>>> >> >> >
>>> >> >> > _______________________________________________
>>> >> >> > Yale CAS mailing list
>>> >> >> > [email protected]
>>> >> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>>> >> >> >
>>> >> >> >
>>> >> >>
>>> >> >> --
>>> >> >> View this message in context:
>>> >> >>
>>> >>
>>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18823313.html
>>> >> >> Sent from the CAS Users mailing list archive at Nabble.com.
>>> >> >>
>>> >> >> _______________________________________________
>>> >> >> Yale CAS mailing list
>>> >> >> [email protected]
>>> >> >> http://tp.its.yale.edu/mailman/listinfo/cas
>>> >> >>
>>> >> >
>>> >> > _______________________________________________
>>> >> > Yale CAS mailing list
>>> >> > [email protected]
>>> >> > http://tp.its.yale.edu/mailman/listinfo/cas
>>> >> >
>>> >> >
>>> >>
>>> >> --
>>> >> View this message in context:
>>> >>
>>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18826587.html
>>> >> Sent from the CAS Users mailing list archive at Nabble.com.
>>> >>
>>> >> _______________________________________________
>>> >> Yale CAS mailing list
>>> >> [email protected]
>>> >> http://tp.its.yale.edu/mailman/listinfo/cas
>>> >>
>>> >
>>> > _______________________________________________
>>> > Yale CAS mailing list
>>> > [email protected]
>>> > http://tp.its.yale.edu/mailman/listinfo/cas
>>> >
>>> >
>>>
>>> --
>>> View this message in context:
>>> http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18844212.html
>>> Sent from the CAS Users mailing list archive at Nabble.com.
>>>
>>> _______________________________________________
>>> Yale CAS mailing list
>>> [email protected]
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>
>>
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
View this message in context:
http://www.nabble.com/Single-Log-Out---which-version-tp18746114p18885251.html
Sent from the CAS Users mailing list archive at Nabble.com.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
