validation issue for initial request with parameters ?

Kris Melotte kris.melotte at expandedmedia.com
Thu Jul 13 09:45:29 EDT 2006 

Scott,

I'll take it out of CVS. You don't need to do a manual build.

Thanks for the quick reply.
Kris

-----Original Message-----
From: cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu]
On Behalf Of Scott Battaglia
Sent: Thursday, July 13, 2006 2:57 PM
To: Yale CAS mailing list
Subject: Re: validation issue for initial request with parameters ?

This has been fixed in CVS.  If you need it immediately I can either 
trigger a nightly build manually or you can check it out of CVS.  
Otherwise, at 1 am EDT, a build will be kicked off and produced at
http://developer.ja-sig.org/builds/

Thanks
-Scott

Scott Battaglia wrote:
> This has been logged as a JIRA issue:
> http://www.ja-sig.org/issues/browse/CAS-381
>
> I'll probably fix it later today.
>
> Thanks
> -Scott
>
> Kris Melotte wrote:
>   
>> 		
>> Hello,
>>
>> I've installed CAS 3.5 RC2 and CAS Java Client 3.0.0-m1.
>>  
>> When I go to my casified application with a url like this:
>> http://localhost:8080/WebModule2/jsplevel0.jsp?action=test 
>> I receive the following error when the cas client tries to validate
the
>> ticket:	
>> javax.servlet.ServletException: 
>> 		ticket 'ST-2-ymTiJoD7xZ0VkeBnV1LLzqiOZ4VMXHDI2S5-20'
>> does not match supplied service
>>
>> It works fine with the following url:
>> http://localhost:8080/WebModule2/jsplevel0.jsp
>>
>> Some investigation pointed out that a ticket goes into the server
>> registry with a service like
>> http://localhost:8080/WebModule2/jsplevel0.jsp while the service
>> presented upon validation is
>> http://localhost:8080/WebModule2/jsplevel0.jsp?action=test
>> The check in ServiceTicketImpl.isvalidFor() fails due to an equals
>> check.
>>
>> WebUtils.stripJsessionFromUrl() converts the following url:
>>
>>
http://localhost:8080/WebModule2/jsplevel0.jsp;jsessionid=CC80B7CC9D6268
>> 9578A99DB90B187A62?action=test
>> into
>> http://localhost:8080/WebModule2/jsplevel0.jsp
>>
>> It looks to me that not only the jsessionid is stripped but also the
>> request parameters.
>>
>> Regards,
>> Kris
>>
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>   
>>     
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>   
_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas

More information about the cas mailing list