I've the following situation: * CAS Server : https://localhost:9443/cas * Apache SSL PHP Server (XAMPP) http://localhost/castest.php * Apache Tomcat running the external Service (JAVA code): http://localhost:8080/TENCServer/user/stef.user. This Tomcat is configured with SoulWing to enable CAS authentication.
* I generated an Certificate for the 'tomcat' server and imported this in the 'cacerts' file. Also I imported the ssl.crt/server.crt file from the Apache SSL Server into the 'cacerts' file. * The php code I use is the example from "http://www.ja-sig.org/wiki/download/attachments/6619639/example_proxy.php?version=1";; <?php // set debug mode phpCAS::setDebug('c:\data\cas.log'); // initialize phpCAS phpCAS::proxy(CAS_VERSION_2_0,'localhost',9443,'/cas'); // no SSL validation for the CAS server phpCAS::setNoCasServerValidation(); // set PGT storage to file in XML format in the same directory as session files phpCAS::setPGTStorageFile('xml',session_save_path()); // force CAS authentication phpCAS::forceAuthentication(); ?> <html> <head><title>phpCAS proxy example</title></head> <body> <p>the user's login is <?php echo phpCAS::getUser(); ?>.</p> <?php // access to external services $service = 'http://localhost:8080/TENCServer/user/stef.user'; flush(); $PT = phpCAS::retrievePT($service,$err_code,$output); echo 'PT = ' . $PT . '<br />'; // call the service phpCAS::serviceWeb($service,$err_code,$output); echo $output; ?> </body> </html> * When I access the /castest.php file, I'm redirected to the /cas/login page. On this page I fill in a valid username/password, and CAS validates me correctly. But when the external service is accessed, I see an error: PT == ST-124-1e5r7pitFFKNb3h5zNbd-cas HTTP Status 401 - type Status report message description This request requires HTTP authentication (). * And when I look in the tracing from the CAS server, I see the following: [org.apache.jasper.servlet.JspServlet] - < targetService = http://localhost:8080/TENCServer/user/stef.user> [org.apache.jasper.servlet.JspServlet] - < pgt = TGT-40-zoHQnC0DyM7Qafx1Ok5hO27zfgJWPAmUJ3CsPqObMdNeoi0FL2-cas> [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas]] - <Disabling the response for futher output> [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: http://localhost:8080/TENCServer/user/stef.user> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-125-IUXfKVVrgZzaYwfTgwg4-cas]> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [ST-125-IUXfKVVrgZzaYwfTgwg4-cas] found in registry.> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Removing ticket [ST-125-IUXfKVVrgZzaYwfTgwg4-cas] from registry> [org.jasig.cas.web.ServiceValidateController] - <ServiceTicket [ST-125-IUXfKVVrgZzaYwfTgwg4-cas] does not satisfy validation specification.> * Can somebody please help me ? And point me to to right direction how to solve this? Best regards, Stef -- View this message in context: http://www.nabble.com/Proxying-from-php-application-to-JAVA-service-tp20067469p20067469.html Sent from the CAS Users mailing list archive at Nabble.com. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
