thanks Jean-Philippe for your answer.
I tried but the browser always said that the page is not correctly
redirected...
ans I always had the same message in the cas log :
Response Code did not match any of the acceptable response codes. Code
returned was 403
and bad credentials...
any clue ?
thanks in advance
Bruno
On 26/01/2015 09:35, Jean-Philippe Ghibaudo wrote:
Hi,
I guess you just need to request the REMOTE_USER header.
Where you have all your RequestHeader set, try add :
RequestHeader set x-webobjects-remote-user %{REMOTE_USER}e
Jean-Philippe
Le 21/01/2015 14:18, Bruno Richard a écrit :
Hi All,
I'm new to SOGo. I try to install it on debian jessie.
I want to authenticate users using CAS.
I had inserted in the cas keystore the cert of the apache that is in
front of SOGo.
However, I have a cas error when I try to log in and the mailbox
appears empty.
The cas error :
2015-01-21 10:49:25,735 DEBUG
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket
[TGT-1-bmLPtKJbhpV5hDBdjhKsrESdgsbxSu002oIQVDmBoSITqwnJbf-cas.mydomain.fr]
found in registry.
2015-01-21 10:49:25,742 DEBUG
[org.jasig.cas.web.flow.CasFlowExecutionKeyFactory] - Removing flow
execution '[Ended execution of 'login']' from repository
2015-01-21 10:49:25,742 DEBUG
[org.jasig.cas.web.flow.CasFlowExecutionKeyFactory] - Removing flow
execution '[Ended execution of 'login']' from repository
2015-01-21 10:49:25,959 DEBUG
[org.jasig.cas.web.support.CasArgumentExtractor] - Extractor
generated service for: https://webmail.mydomain.fr/SOGo/so/index
2015-01-21 10:49:25,962 DEBUG
[org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler]
- Attempting to resolve credentials for [callbackUrl:
https://webmail.mydomain.fr/SOGo/casProxy]
2015-01-21 10:49:26,261 DEBUG [org.jasig.cas.util.HttpClient] -
Response Code did not match any of the acceptable response codes.
Code returned was 403
2015-01-21 10:49:26,262 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
AuthenticationHandler:
org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler
failed to authenticate the user which provided the following
credentials: [callbackUrl: https://webmail.mydomain.fr/SOGo/casProxy]
2015-01-21 10:49:26,263 DEBUG
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to
retrieve ticket [ST-1-hyppJtF9qvogghaPr9Yg-cas.mydomain.fr]
2015-01-21 10:49:26,263 DEBUG
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket
[ST-1-hyppJtF9qvogjhaZr9Yg-cas.mydomain.fr] found in registry.
2015-01-21 10:49:26,264 ERROR
[org.jasig.cas.web.ServiceValidateController] - TicketException
generating ticket for: [callbackUrl:
https://webmail.mydomain.fr/SOGo/casProxy]
org.jasig.cas.ticket.TicketCreationException:
error.authentication.credentials.bad
at
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody6(CentralAuthenticationServiceImpl.java:300)
at
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody7$advice(CentralAuthenticationServiceImpl.java:44)
at
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:1)
[...]
Please help ! what can I do or test ?
thanks in advance
Bruno
Some points of my configuration :
/etc/sogo/sogo.conf
[...]
SOGoAuthenticationType = cas;
SOGoCASServiceURL = https://cas.mydomain.fr/cas;;
WOWorkersCount = 10;
[...]
/etc/apache/conf-enabled/SOGo.conf
[...]
ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py
Proxy http://localhost/cgi-bin/cas-proxy-validate.py
Order deny,allow
Allow from all
/Proxy
ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0
Proxy http://127.0.0.1:2/SOGo
RequestHeader set x-webobjects-server-port 443
RequestHeader set x-webobjects-server-name webmail.mydomain.fr
RequestHeader set x-webobjects-server-url
https://webmail.mydomain.fr;
RequestHeader set x-webobjects-server-protocol HTTP/1.0
AddDefaultCharset UTF-8
Order allow,deny
Allow from all
/Proxy
[...]
smime.p7s
Description: S/MIME Cryptographic Signature