Re: [cas-user] oAuth authentification and tomcat preventing encoded slashes

2017-02-28 Thread Emmanuel Cervetti 
The problem was on the client side, sorry for that.

(I confirm that tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH must be set on 
true, however )

Thank you for your response

Le lundi 27 février 2017 07:49:41 UTC+1, leleuj a écrit :
>
> Hi,
>
> When the cas-server-support-oauth jar is added to the classpath, the 
> /oauth2.0 URL mapping is automatically added to the CAS servlet regardless 
> of the HTTP method. So the /authorize call should be caught for GET or POST 
> requests.
>
> Which version of Tomcat do you use? I remember doing several successful 
> tests which Tomcat 7/8 with slashes in the redirection URL. Here is the 
> demo I used: https://github.com/leleuj/cas-pac4j-oauth-demo/tree/4.2.x
>
> Thanks.
> Best regards,
> Jérôme
>
>
> 2017-02-26 10:09 GMT+01:00 Emmanuel Cervetti  >:
>
>> After forward debuging it's seems to me that oAuth server support in 
>> cas4.2 cannot handle url GET data.
>> All is done to catch the POST parameters in autorize route.
>> But documentation (both cas and oAuth) tell to use GET parameters for 
>> authorization.
>>
>>
>> 2017-02-25 22:19 GMT+01:00 Emmanuel Cervetti > >:
>>
>>> Hello
>>> Tomcat prevent using encoded slashes in url. It was a blank page when 
>>> try to use the oAuth server:
>>>
>>>
>>> https://globalsso.orupaca.fr:8443/oauth2.0/authorize_type=code_id=leclient_uri=http%3A%2F%2F10.211.55.3
>>> =>blank page
>>>
>>> So I set the tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true , the 
>>> only answer I could find for such a problem.
>>>
>>> Then the issue is different.
>>>
>>> https://globalsso.orupaca.fr:8443/oauth2.0/authorize_type=code_id=leclient_uri=http%3A%2F%2F10.211.55.3
>>> =>Redirection to the cas login page (without the oAuth context 
>>> pararmeters)
>>>
>>> I've set a breakpoint in OAuth20WrapperController to see if it was a CAS 
>>> installation problem, and I have the folowing behaviour :
>>>
>>>
>>> https://globalsso.orupaca.fr:8443/oauth2.0/authorize_type=code_id=leclient_uri=http%3A%2F%2F10.211.55.3
>>> =>no breakpoint stops, it go straight forward the cas home page
>>>
>>>
>>> https://globalsso.orupaca.fr:8443/oauth2.0/authorize_type=code_id=leclient_uri=
>>> *hereAUnselessString*
>>> =>breakpoint stops in OAuth20WrapperController, so it seems ok
>>>
>>> What could I do to the oAuth client request be handled by cas server ?
>>>
>>> My tomcat is 8.5.11
>>> Thank you very much for your answer
>>>
>>> -- 
>>> - CAS gitter chatroom: https://gitter.im/apereo/cas
>>> - CAS mailing list guidelines: 
>>> https://apereo.github.io/cas/Mailing-Lists.html
>>> - CAS documentation website: https://apereo.github.io/cas
>>> - CAS project website: https://github.com/apereo/cas
>>> --- 
>>> You received this message because you are subscribed to the Google 
>>> Groups "CAS Community" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to cas-user+u...@apereo.org .
>>> To view this discussion on the web visit 
>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/93143320-debe-4892-bbe4-e3b9cc0f69fa%40apereo.org
>>>  
>>> 
>>> .
>>>
>>
>> -- 
>> - CAS gitter chatroom: https://gitter.im/apereo/cas
>> - CAS mailing list guidelines: 
>> https://apereo.github.io/cas/Mailing-Lists.html
>> - CAS documentation website: https://apereo.github.io/cas
>> - CAS project website: https://github.com/apereo/cas
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to cas-user+u...@apereo.org .
>> To view this discussion on the web visit 
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BnfJqOM8QR7LhP67KHSioLwGPSVADNbh-8CcGwf04QFbUNy_Q%40mail.gmail.com
>>  
>> 
>> .
>>
>
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/2f21766c-761a-46bd-a89f-c93c7f71854f%40apereo.org.

Re: [cas-user] oAuth authentification and tomcat preventing encoded slashes

2017-02-26 Thread Jérôme LELEU 
Hi,

When the cas-server-support-oauth jar is added to the classpath, the
/oauth2.0 URL mapping is automatically added to the CAS servlet regardless
of the HTTP method. So the /authorize call should be caught for GET or POST
requests.

Which version of Tomcat do you use? I remember doing several successful
tests which Tomcat 7/8 with slashes in the redirection URL. Here is the
demo I used: https://github.com/leleuj/cas-pac4j-oauth-demo/tree/4.2.x

Thanks.
Best regards,
Jérôme


2017-02-26 10:09 GMT+01:00 Emmanuel Cervetti :

> After forward debuging it's seems to me that oAuth server support in
> cas4.2 cannot handle url GET data.
> All is done to catch the POST parameters in autorize route.
> But documentation (both cas and oAuth) tell to use GET parameters for
> authorization.
>
>
> 2017-02-25 22:19 GMT+01:00 Emmanuel Cervetti 
> :
>
>> Hello
>> Tomcat prevent using encoded slashes in url. It was a blank page when try
>> to use the oAuth server:
>>
>> https://globalsso.orupaca.fr:8443/oauth2.0/authorize
>> e_type=code_id=leclient_uri=http%3A%2F%2F10.211.55.3
>> =>blank page
>>
>> So I set the tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true , the
>> only answer I could find for such a problem.
>>
>> Then the issue is different.
>> https://globalsso.orupaca.fr:8443/oauth2.0/authorize
>> e_type=code_id=leclient_uri=http%3A%2F%2F10.211.55.3
>> =>Redirection to the cas login page (without the oAuth context
>> pararmeters)
>>
>> I've set a breakpoint in OAuth20WrapperController to see if it was a CAS
>> installation problem, and I have the folowing behaviour :
>>
>> https://globalsso.orupaca.fr:8443/oauth2.0/authorize
>> e_type=code_id=leclient_uri=http%3A%2F%2F10.211.55.3
>> =>no breakpoint stops, it go straight forward the cas home page
>>
>> https://globalsso.orupaca.fr:8443/oauth2.0/authorize
>> e_type=code_id=leclient_uri=*hereAUnselessString*
>> =>breakpoint stops in OAuth20WrapperController, so it seems ok
>>
>> What could I do to the oAuth client request be handled by cas server ?
>>
>> My tomcat is 8.5.11
>> Thank you very much for your answer
>>
>> --
>> - CAS gitter chatroom: https://gitter.im/apereo/cas
>> - CAS mailing list guidelines: https://apereo.github.io/cas/M
>> ailing-Lists.html
>> - CAS documentation website: https://apereo.github.io/cas
>> - CAS project website: https://github.com/apereo/cas
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/93143320-debe-4892-bbe4-e3b9cc0f69
>> fa%40apereo.org
>> 
>> .
>>
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/
> Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CA%2BnfJqOM8QR7LhP67KHSioLwGPSVAD
> Nbh-8CcGwf04QFbUNy_Q%40mail.gmail.com
> 
> .
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279LzVRQfkmFQWucj4S3bvKjzcHT68qshJ71u_CMdhS2X7WA%40mail.gmail.com.

Re: [cas-user] oAuth authentification and tomcat preventing encoded slashes

2017-02-26 Thread Emmanuel Cervetti 
After forward debuging it's seems to me that oAuth server support in cas4.2
cannot handle url GET data.
All is done to catch the POST parameters in autorize route.
But documentation (both cas and oAuth) tell to use GET parameters for
authorization.


2017-02-25 22:19 GMT+01:00 Emmanuel Cervetti :

> Hello
> Tomcat prevent using encoded slashes in url. It was a blank page when try
> to use the oAuth server:
>
> https://globalsso.orupaca.fr:8443/oauth2.0/authorize;
> response_type=code_id=leclient_uri=http%3A%
> 2F%2F10.211.55.3
> =>blank page
>
> So I set the tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true , the only
> answer I could find for such a problem.
>
> Then the issue is different.
> https://globalsso.orupaca.fr:8443/oauth2.0/authorize;
> response_type=code_id=leclient_uri=http%3A%
> 2F%2F10.211.55.3
> =>Redirection to the cas login page (without the oAuth context pararmeters)
>
> I've set a breakpoint in OAuth20WrapperController to see if it was a CAS
> installation problem, and I have the folowing behaviour :
>
> https://globalsso.orupaca.fr:8443/oauth2.0/authorize;
> response_type=code_id=leclient_uri=http%3A%
> 2F%2F10.211.55.3
> =>no breakpoint stops, it go straight forward the cas home page
>
> https://globalsso.orupaca.fr:8443/oauth2.0/authorize;
> response_type=code_id=leclient_uri=*hereAUnselessString*
> =>breakpoint stops in OAuth20WrapperController, so it seems ok
>
> What could I do to the oAuth client request be handled by cas server ?
>
> My tomcat is 8.5.11
> Thank you very much for your answer
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/
> Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/93143320-debe-4892-bbe4-
> e3b9cc0f69fa%40apereo.org
> 
> .
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BnfJqOM8QR7LhP67KHSioLwGPSVADNbh-8CcGwf04QFbUNy_Q%40mail.gmail.com.

[cas-user] oAuth authentification and tomcat preventing encoded slashes

2017-02-25 Thread Emmanuel Cervetti 
Hello
Tomcat prevent using encoded slashes in url. It was a blank page when try 
to use the oAuth server:

https://globalsso.orupaca.fr:8443/oauth2.0/authorize_type=code_id=leclient_uri=http%3A%2F%2F10.211.55.3
=>blank page

So I set the tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true , the only 
answer I could find for such a problem.

Then the issue is different.
https://globalsso.orupaca.fr:8443/oauth2.0/authorize_type=code_id=leclient_uri=http%3A%2F%2F10.211.55.3
=>Redirection to the cas login page (without the oAuth context pararmeters)

I've set a breakpoint in OAuth20WrapperController to see if it was a CAS 
installation problem, and I have the folowing behaviour :

https://globalsso.orupaca.fr:8443/oauth2.0/authorize_type=code_id=leclient_uri=http%3A%2F%2F10.211.55.3
=>no breakpoint stops, it go straight forward the cas home page

https://globalsso.orupaca.fr:8443/oauth2.0/authorize_type=code_id=leclient_uri=
*hereAUnselessString*
=>breakpoint stops in OAuth20WrapperController, so it seems ok

What could I do to the oAuth client request be handled by cas server ?

My tomcat is 8.5.11
Thank you very much for your answer

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/93143320-debe-4892-bbe4-e3b9cc0f69fa%40apereo.org.