-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Perhaps it is simply the copy & paste into the email, but I notice a few spaces in the paths of your config. Could you verify that those are not in your real configuration?
Is mydomain.crt the signing CA for your CAS server's certificate? Is mydomain.crt readable by the user the Apache daemon is running as? Could you enable CAS debugging and Apache debugging, and send the extra debugging information here? - -Matt lobatt wrote: > Dear list: > > I have deployed a testing CAS server to protect a httpd > Location, I can login in CAS server successfully, but after being > automatically redirected to the protect location, it always return a 401 > error page to me. > > > > I checked my log: > > In http log: > > - - [21/Oct/2008:14:07:40 +0800] "GET > /casprotect/?ticket=ST-24-L3WtJybA9GIJNa4ASyYJ-cas HTTP/1.1" 401 564 > > In cas log: > > 2008-10-21 14:07:40,151 INFO > [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service > ticket [ST-24-L3WtJybA9GIJNa4 > > ASyYJ-cas] for service [https://sp.permis.pku.edu.cn/casprotect/] for > user [Roey] > > 2008-10-21 14:22:08,272 INFO > [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - > Starting cleaning of expi > > red tickets from ticket registry at [Tue Oct 21 14:22:08 CST 2008] > > > > my mod_auth_cas configuration: > > LoadModule auth_cas_module modules/mod_auth_cas.so > > CASCookiePath /tmp/cas/ > > CASloginURL https://mydomain /cas/login > > CASValidateURL https:// mydomain /cas/serviceValidate > > CASCertificatePath /home/ncpku/common/httpd-2.0.59/conf/ mydomain.crt > > <Location "/casprotect/"> > > AuthType CAS > > Require valid-user > > </Location> > > > > I checked my CertificatePath, and I am sure that is right. > > Is there any other possibility? > > > > Best regards, > > Li Cheng > > > ------------------------------------------------------------------------ > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas - -- Matthew J. Smith University of Connecticut ITS [EMAIL PROTECTED] PGP KeyID: 0xE9C5244E -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFI/cqmGP63pOnFJE4RApgoAKCvr6dwN9JJ9UoB6Kswyz46G04ptwCfchdd kISrC2dQDweyubCquluMLLU= =VZuH -----END PGP SIGNATURE----- _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
