On Wed, Aug 27, 2008 at 2:18 PM, Scott Battaglia <[EMAIL PROTECTED]> wrote: > > -Scott Battaglia > PGP Public Key Id: 0x383733AA > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > On Wed, Aug 27, 2008 at 3:11 PM, Troy Bull <[EMAIL PROTECTED]> wrote: >> >> On Wed, Aug 27, 2008 at 10:11 AM, Troy Bull <[EMAIL PROTECTED]> wrote: >> > Greetings >> > >> > I have a fairly simple environment, a few apps and CAS 3.2.1 >> > >> > When I run it on my workstation it all works pefectly. However; when >> > I run it on the server either in QA or in our TEST environment the >> > single sign out feature doesnt seem to work. QA and TEST are >> > clustered with multiple machines, my local workstation is setup as a >> > cluster of 1. >> > >> > Does anyone have an ideas ? How can I bump up debugging so I can see >> > more output in the logs. >> > >> > Thanks >> > Troy >> > >> >> >> Hey, a bit more info. >> >> I have been testing different scenarios all day trying to figure this >> out. It works like I said perfectly on my local development machine. >> When I deploy to the test server or the QA server (they caught it in >> QA), it doesnt log the user out. >> >> I have 2 apps I use for testing >> >> If i log in to 1, then log out of 1 I am logged out of 2 and out of >> cas but still will be logged in to 1. > > I'm not sure this is possible. No CAS client talks to another CAS client. > So if you've logged out of 1 then you've only logged out of application 1. > > -Scott >
I am talking about single sign out, if I go to server/cas/logout it in fact does not log me out. There has been much strangeness going on with this and none of it is good. I have been trying to track down what is going on. I can reproduce the problem with just 1 app and cas. Log in then go to https://server/cas/logout then navigate back to the app and I am still logged in, I am however logged out of cas at this time. Basically cas never makes the connection with the SingleSignOutFilter. I am not sure why, it may be that it makes the connection but somehow inside single sign out filter it looses its way. i have turned on tracing in my app and am going over the log now here is a bit of it: 71037 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.session.SingleSignOutFilter - Storing session identifier for sQydL18psB1sX6vh3Ww1dGvlVrcTmlZhJSyzC90KsHy0vJTPskQd!1155089760!-890672899!1219869790283 <Aug 27, 2008 3:43:56 PM CDT> <Info> <Health> <BEA-310002> <79% of the total memory in the server is free> 179526 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.session.SingleSignOutFilter - Logout request=[<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="LR-12-Ku7eDedl50lFHRA1cW6GCg1trepnrjWhOZy" Version="2.0" IssueInstant="2008-08-27T15:44:58Z"><saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@NOT_USED@</saml:NameID><samlp:SessionIndex>ST-25-99h91t0cuMFJdcMEHSsC-cas</samlp:SessionIndex></samlp:LogoutRequest>] 264867 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.session.SingleSignOutFilter - Storing session identifier for BJbVL19QwtZ03p6Rcn9GQQySknn1SMYzvjvSQlp62LvhmQjGQRHn!1155089760!-890672899!1219869984114 264946 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.session.SingleSignOutFilter - Storing session identifier for BJbVL19QwtZ03p6Rcn9GQQySknn1SMYzvjvSQlp62LvhmQjGQRHn!1155089760!-890672899!1219869984114 264948 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Placing URL parameters in map. 264949 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Calling template URL attribute map. 264949 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Loading custom parameters from configuration. 264949 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Constructing validation url: https://qualitynet-dev.sdps.org/QualityNetSecurity/serviceValidate?service=https%3A%2F%2Fqualitynet-dev.sdps.org%2Fnav%2Fj_spring_cas_security_check&ticket=ST-26-sG3fM1ueVFEQRE73eqta-cas&; 264949 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Retrieving response from server. 265076 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Server response: <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> <cas:authenticationSuccess> <cas:user>slongdo</cas:user> </cas:authenticationSuccess> </cas:serviceResponse> 265092 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.ifmc.qnet.security.QnetUserDetailsService - Using the following URL for the Authorization Web Service authorization and authentication information: http://c2rbu25-app.sdps.org:4031/authws/services/AuthenticationService 265107 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.ifmc.qnet.security.QnetUserDetailsService - Retrieving OARSPrincipal for username: slongdo 266332 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.ifmc.qnet.security.QnetUserDetailsService - Retrieving user roles for username: slongdo 266644 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.session.SingleSignOutFilter - Storing session identifier for BJbVL19QwtZ03p6Rcn9GQQySknn1SMYzvjvSQlp62LvhmQjGQRHn!1155089760!-890672899!1219869984114 <Aug 27, 2008 3:46:26 PM CDT> <Info> <ServletContext-/nav> <000000> <Initializing Spring FrameworkServlet 'nav'> 266937 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.springframework.web.servlet.DispatcherServlet - FrameworkServlet 'nav': initialization started 267043 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.springframework.web.context.support.XmlWebApplicationContext - Refreshing [EMAIL PROTECTED]: display name [WebApplicationContext for namespace 'nav-servlet']; startup date [Wed Aug 27 15:46:26 CDT 2008]; parent: [EMAIL PROTECTED] 267055 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.springframework.beans.factory.xml.XmlBeanDefinitionReader - Loading XML bean definitions from ServletContext resource [/WEB-INF/nav-servlet.xml] 267893 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.springframework.web.context.support.XmlWebApplicationContext - Bean factory for application context [EMAIL PROTECTED]: [EMAIL PROTECTED] 268259 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.springframework.beans.factory.support.DefaultListableBeanFactory - Pre-instantiating singletons in [EMAIL PROTECTED]: defining beans [pronetUserDS,navDao,sqlMap,viewResolver,messageSource,/myTasks.htm]; parent: [EMAIL PROTECTED] 270937 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.springframework.web.servlet.DispatcherServlet - FrameworkServlet 'nav': initialization completed in 4000 ms I think that this case it "worked" I am searching trying to find a case where it didn't work (in the logs) Here is another time it shows up weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.session.SingleSignOutFilter - Logout request=[<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="LR-9-ZAFaKdhgKb9Lj94f4EDkMxbTKqbxbePPLM5" Version="2.0" IssueInstant="2008-08-27T15:44:11Z"><saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@NOT_USED@</saml:NameID><samlp:SessionIndex>ST-22-sY5XljFcE3BxgfRjGYJv-cas</samlp:SessionIndex></samlp:LogoutRequest>] 130740 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.session.SingleSignOutFilter - Invalidating session [HQCWL18XZBy20gB9qxjCQ5TmL2VGJBgHXqG2CQTBZM2lvlLTGfkN!-890672899!1155089760!1219869815452] for ST [ST-22-sY5XljFcE3BxgfRjGYJv-cas] 130741 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.session.SingleSignOutHttpSessionListener - Removing HttpSession: HQCWL18XZBy20gB9qxjCQ5TmL2VGJBgHXqG2CQTBZM2lvlLTGfkN!-890672899!1155089760!1219869815452 154331 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.session.SingleSignOutFilter - Storing session identifier for QfgnL18MGLfYY9J5BmTnBxpCtrXxxXLhnRVTLQ4Zxv2nplGLgQjh!-890672899!1155089760!1219869868201 154332 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Placing URL parameters in map. 154332 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Calling template URL attribute map. 154332 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Loading custom parameters from configuration. 154332 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Constructing validation url: https://qualitynet-dev.sdps.org/QualityNetSecurity/serviceValidate?service=https%3A%2F%2Fqualitynet-dev.sdps.org%2Fnav%2Fj_spring_cas_security_check&ticket=ST-23-Rk6AwjgDmStR3uMujOiY-cas&; 154332 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Retrieving response from server. 154513 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Server response: <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> <cas:authenticationSuccess> <cas:user>slongdo</cas:user> </cas:authenticationSuccess> </cas:serviceResponse> 154538 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.ifmc.qnet.security.QnetUserDetailsService - Using the following URL for the Authorization Web Service authorization and authentication information: http://c2rbu25-app.sdps.org:4031/authws/services/AuthenticationService 154538 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.ifmc.qnet.security.QnetUserDetailsService - Retrieving OARSPrincipal for username: slongdo 154842 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.ifmc.qnet.security.QnetUserDetailsService - Retrieving user roles for username: slongdo 155118 [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.jasig.cas.client.session.SingleSignOutFilter - Storing session identifier for QfgnL18MGLfYY9J5BmTnBxpCtrXxxXLhnRVTLQ4Zxv2nplGLgQjh!-890672899!1155089760!1219869868201 I am really lost if you have any ideas I should try please let me know. Thanks troy _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
