Re: [SOGo] SOGo and CAS

2015-01-28 Thread Bruno Richard 

thanks Jean-Philippe for your answer.
I tried but the browser always said that the page is not correctly 
redirected...


ans I always had the same message in the cas log :
 Response Code did not match any of the acceptable response codes. Code 
returned was 403

and bad credentials...

any clue ?
thanks in advance
Bruno

On 26/01/2015 09:35, Jean-Philippe Ghibaudo wrote:

Hi,

I guess you just need to request the REMOTE_USER header.
Where you have all your RequestHeader set, try add :

RequestHeader set x-webobjects-remote-user %{REMOTE_USER}e

Jean-Philippe

Le 21/01/2015 14:18, Bruno Richard a écrit :

Hi All,

I'm new to SOGo. I try to install it on debian jessie.
I want to authenticate users using CAS.
I had inserted in the cas keystore the cert of the apache that is in 
front of SOGo.
However, I have a cas error when I try to log in and the mailbox 
appears empty.


The cas error :
2015-01-21 10:49:25,735 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket 
[TGT-1-bmLPtKJbhpV5hDBdjhKsrESdgsbxSu002oIQVDmBoSITqwnJbf-cas.mydomain.fr] 
found in registry.
2015-01-21 10:49:25,742 DEBUG 
[org.jasig.cas.web.flow.CasFlowExecutionKeyFactory] - Removing flow 
execution '[Ended execution of 'login']' from repository
2015-01-21 10:49:25,742 DEBUG 
[org.jasig.cas.web.flow.CasFlowExecutionKeyFactory] - Removing flow 
execution '[Ended execution of 'login']' from repository
2015-01-21 10:49:25,959 DEBUG 
[org.jasig.cas.web.support.CasArgumentExtractor] - Extractor 
generated service for: https://webmail.mydomain.fr/SOGo/so/index
2015-01-21 10:49:25,962 DEBUG 
[org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler] 
- Attempting to resolve credentials for [callbackUrl: 
https://webmail.mydomain.fr/SOGo/casProxy]
2015-01-21 10:49:26,261 DEBUG [org.jasig.cas.util.HttpClient] - 
Response Code did not match any of the acceptable response codes. 
Code returned was 403
2015-01-21 10:49:26,262 INFO 
[org.jasig.cas.authentication.AuthenticationManagerImpl] - 
AuthenticationHandler: 
org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler 
failed to authenticate the user which provided the following 
credentials: [callbackUrl: https://webmail.mydomain.fr/SOGo/casProxy]
2015-01-21 10:49:26,263 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to 
retrieve ticket [ST-1-hyppJtF9qvogghaPr9Yg-cas.mydomain.fr]
2015-01-21 10:49:26,263 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket 
[ST-1-hyppJtF9qvogjhaZr9Yg-cas.mydomain.fr] found in registry.
2015-01-21 10:49:26,264 ERROR 
[org.jasig.cas.web.ServiceValidateController] - TicketException 
generating ticket for: [callbackUrl: 
https://webmail.mydomain.fr/SOGo/casProxy]
org.jasig.cas.ticket.TicketCreationException: 
error.authentication.credentials.bad
at 
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody6(CentralAuthenticationServiceImpl.java:300)
at 
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody7$advice(CentralAuthenticationServiceImpl.java:44)
at 
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:1)

[...]

Please help ! what can I do or test ?
thanks in advance
Bruno

Some points of my configuration :
/etc/sogo/sogo.conf
[...]
  SOGoAuthenticationType = cas;
  SOGoCASServiceURL = https://cas.mydomain.fr/cas;;
  WOWorkersCount = 10;
[...]

/etc/apache/conf-enabled/SOGo.conf
[...]
ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py
Proxy http://localhost/cgi-bin/cas-proxy-validate.py
  Order deny,allow
  Allow from all
/Proxy

ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0

Proxy http://127.0.0.1:2/SOGo
  RequestHeader set x-webobjects-server-port 443
  RequestHeader set x-webobjects-server-name webmail.mydomain.fr
  RequestHeader set x-webobjects-server-url 
https://webmail.mydomain.fr;

  RequestHeader set x-webobjects-server-protocol HTTP/1.0

  AddDefaultCharset UTF-8

  Order allow,deny
  Allow from all
/Proxy
[...]










smime.p7s
Description: S/MIME Cryptographic Signature

[SOGo] SOGo and CAS

2015-01-21 Thread Bruno Richard 

Hi All,

I'm new to SOGo. I try to install it on debian jessie.
I want to authenticate users using CAS.
I had inserted in the cas keystore the cert of the apache that is in 
front of SOGo.
However, I have a cas error when I try to log in and the mailbox appears 
empty.


The cas error :
2015-01-21 10:49:25,735 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket 
[TGT-1-bmLPtKJbhpV5hDBdjhKsrESdgsbxSu002oIQVDmBoSITqwnJbf-cas.mydomain.fr] 
found in registry.
2015-01-21 10:49:25,742 DEBUG 
[org.jasig.cas.web.flow.CasFlowExecutionKeyFactory] - Removing flow 
execution '[Ended execution of 'login']' from repository
2015-01-21 10:49:25,742 DEBUG 
[org.jasig.cas.web.flow.CasFlowExecutionKeyFactory] - Removing flow 
execution '[Ended execution of 'login']' from repository
2015-01-21 10:49:25,959 DEBUG 
[org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated 
service for: https://webmail.mydomain.fr/SOGo/so/index
2015-01-21 10:49:25,962 DEBUG 
[org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler] 
- Attempting to resolve credentials for [callbackUrl: 
https://webmail.mydomain.fr/SOGo/casProxy]
2015-01-21 10:49:26,261 DEBUG [org.jasig.cas.util.HttpClient] - Response 
Code did not match any of the acceptable response codes. Code returned 
was 403
2015-01-21 10:49:26,262 INFO 
[org.jasig.cas.authentication.AuthenticationManagerImpl] - 
AuthenticationHandler: 
org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler 
failed to authenticate the user which provided the following 
credentials: [callbackUrl: https://webmail.mydomain.fr/SOGo/casProxy]
2015-01-21 10:49:26,263 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to 
retrieve ticket [ST-1-hyppJtF9qvogghaPr9Yg-cas.mydomain.fr]
2015-01-21 10:49:26,263 DEBUG 
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket 
[ST-1-hyppJtF9qvogjhaZr9Yg-cas.mydomain.fr] found in registry.
2015-01-21 10:49:26,264 ERROR 
[org.jasig.cas.web.ServiceValidateController] - TicketException 
generating ticket for: [callbackUrl: 
https://webmail.mydomain.fr/SOGo/casProxy]
org.jasig.cas.ticket.TicketCreationException: 
error.authentication.credentials.bad
at 
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody6(CentralAuthenticationServiceImpl.java:300)
at 
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody7$advice(CentralAuthenticationServiceImpl.java:44)
at 
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:1)

[...]

Please help ! what can I do or test ?
thanks in advance
Bruno

Some points of my configuration :
/etc/sogo/sogo.conf
[...]
  SOGoAuthenticationType = cas;
  SOGoCASServiceURL = https://cas.mydomain.fr/cas;;
  WOWorkersCount = 10;
[...]

/etc/apache/conf-enabled/SOGo.conf
[...]
ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py
Proxy http://localhost/cgi-bin/cas-proxy-validate.py
  Order deny,allow
  Allow from all
/Proxy

ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0

Proxy http://127.0.0.1:2/SOGo
  RequestHeader set x-webobjects-server-port 443
  RequestHeader set x-webobjects-server-name webmail.mydomain.fr
  RequestHeader set x-webobjects-server-url https://webmail.mydomain.fr;
  RequestHeader set x-webobjects-server-protocol HTTP/1.0

  AddDefaultCharset UTF-8

  Order allow,deny
  Allow from all
/Proxy
[...]




smime.p7s
Description: S/MIME Cryptographic Signature