Why is my ticket not recognized?

Tue Jan 16 22:55:17 EST 2007

Ray,

Have you configured the filters AND manually tried to validate the service
ticket?  It looks like the ticket is being validated twice.

-Scott

On 1/16/07, t ray <t_ray9505 at yahoo.com> wrote:
>
> If I use session.getAttribute(CASFilter.CAS_FILTER_USER), I am able to get
> the username correctly. This is despite the validation failure. Why doesn't
> getting the user name from ServiceTicketValidater work? I think I am kind of
> confused how CAS works. My understanding-
> 1. Make changes to web.xml and set up filters for CAS.
> 2. All access to my webapp will be redirected to CAS wherein I can
> authenticate users against any backend.
> 3. Users are redirected to my webpage with a ticket after authentication .
> 4. My web page validates the received ticket using the service url (its
> own url).
> 5. CAS remembers user and does not require login again (if renew=true).
>
> Am I missing anything? I don't understand why
> validator.isAuthenticationSuccesful() failing and why the username is not
> available from ServiceTicketValidater (probably related to first issue). The
> logs state that authentication was successful....
> Any thoughts please?
>
> Ray.
>
> ----- Original Message ----
> From: t ray <t_ray9505 at yahoo.com>
> To: cas at tp.its.yale.edu
> Sent: Tuesday, January 16, 2007 2:37:48 PM
> Subject: Why is my ticket not recognized?
>
> I am trying to set up CAS with my application and am running into some
> basic problem. I am redirected to CAS login page and to my example JSP page
> from there after authentication. I am using the default authentication of
> username equal to password. I also get back a ticket and the correct page is
> displayed. However, the username is null when I try to query it using
> ServiceTicketValidator class. Also, error message reports that ticket is not
> recognized. However, I am redirected correctly and logs say everything is
> fine until the final eror. Can someone please comment?
>
> I use the following code to get the user name-
>
>     ServiceTicketValidator validator = new ServiceTicketValidator();
>     validator.setCasValidateUrl("
> https://localhost:8443/cas/serviceValidate");
>     validator.setService("
> http://localhost:8080/jsp-examples/jsp2/el/NewnotLicensed.jsp");
>     String tic = request.getParameter("ticket");
>     System.out.println("Generated TICKET="+tic);
>     validator.setServiceTicket(tic);
>     validator.validate();
>     if (validator.isAuthenticationSuccesful())
>         System.out.println("Validation is successful");
>     else {
>         System.out.println("Validation has failed");
>         System.out.println("error code="+validator.getErrorCode());
>         System.out.println("error message="+validator.getErrorMessage());
>     }
>     System.out.println("User="+validator.getUser());
>
>
> Catalina logs are as follows:
>
> 2007-01-16 14:18:37,067 DEBUG [org.apache.catalina.session.ManagerBase] -
> <Start expire sessions StandardManager at 1168985917067 sessioncount 0>
> 2007-01-16 14:18:37,067 DEBUG [org.apache.catalina.session.ManagerBase] -
> <End expire sessions StandardManager processingTime 0 expired sessions: 0>
> 2007-01-16 14:19:04,551 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] -
> <servletPath=/WEB-INF/view/jsp/default/ui/casLoginView.jsp, pathInfo=null,
> queryString=null, name=null>
> 2007-01-16 14:19:04,551 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - < Path Based Forward>
> 2007-01-16 14:19:04,551 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <JspEngine --> /WEB-INF/view/jsp/default/ui/casLoginView.jsp>
> 2007-01-16 14:19:04,551 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         ServletPath: /WEB-INF/view/jsp/default/ui/casLoginView.jsp>
> 2007-01-16 14:19:04,551 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <            PathInfo: null>
> 2007-01-16 14:19:04,551 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <            RealPath: C:\Program Files\Apache Software Foundation\Tomcat
> 5.5\webapps\cas\WEB-INF\view\jsp\default\ui\casLoginView.jsp>
> 2007-01-16 14:19:04,551 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <          RequestURI: /cas/WEB-INF/view/jsp/default/ui/casLoginView.jsp>
> 2007-01-16 14:19:04,551 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         QueryString:
> service=http%3A%2F%2Flocalhost%3A8080%2Fjsp-examples%2Fjsp2%2Fel%2FNewnotLicensed.jsp>
> 2007-01-16 14:19:04,551 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <      Request Params: >
> 2007-01-16 14:19:04,551 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         service =
> http://localhost:8080/jsp-examples/jsp2/el/NewnotLicensed.jsp>
> 2007-01-16 14:19:04,582 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - < Disabling the response
> for futher output>
> 2007-01-16 14:19:04,848 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - <servletPath=/index.jsp,
> pathInfo=null, queryString=null, name=null>
> 2007-01-16 14:19:04,848 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - < Path Based Forward>
> 2007-01-16 14:19:04,848 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <JspEngine --> /index.jsp>
> 2007-01-16 14:19:04,848 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         ServletPath: /index.jsp>
> 2007-01-16 14:19:04,848 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <            PathInfo: null>
> 2007-01-16 14:19:04,848 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <            RealPath: C:\Program Files\Apache Software Foundation\Tomcat
> 5.5\webapps\cas\index.jsp>
> 2007-01-16 14:19:04,848 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <          RequestURI: /cas/>
> 2007-01-16 14:19:04,848 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         QueryString: null>
> 2007-01-16 14:19:04,848 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <      Request Params: >
> 2007-01-16 14:19:04,848 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - < Disabling the response
> for futher output>
> 2007-01-16 14:19:04,863 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] -
> <servletPath=/WEB-INF/view/jsp/default/ui/casLoginView.jsp, pathInfo=null,
> queryString=null, name=null>
> 2007-01-16 14:19:04,863 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - < Path Based Forward>
> 2007-01-16 14:19:04,863 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <JspEngine --> /WEB-INF/view/jsp/default/ui/casLoginView.jsp>
> 2007-01-16 14:19:04,863 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         ServletPath: /WEB-INF/view/jsp/default/ui/casLoginView.jsp>
> 2007-01-16 14:19:04,863 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <            PathInfo: null>
> 2007-01-16 14:19:04,863 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <            RealPath: C:\Program Files\Apache Software Foundation\Tomcat
> 5.5\webapps\cas\WEB-INF\view\jsp\default\ui\casLoginView.jsp>
> 2007-01-16 14:19:04,863 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <          RequestURI: /cas/WEB-INF/view/jsp/default/ui/casLoginView.jsp>
> 2007-01-16 14:19:04,863 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         QueryString: null>
> 2007-01-16 14:19:04,863 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <      Request Params: >
> 2007-01-16 14:19:04,863 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         null = >
> 2007-01-16 14:19:04,863 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - < Disabling the response
> for futher output>
> 2007-01-16 14:19:13,192 INFO [
> org.jasig.cas.authentication.AuthenticationManagerImpl] -
> <AuthenticationHandler:
> org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandlersuccessfully authenticated the user which provided the following
> credentials: ray>
> 2007-01-16 14:19:13,192 INFO [
> org.jasig.cas.CentralAuthenticationServiceImpl] -
> http://localhost:8080/jsp-examples/jsp2/el/NewnotLicensed.jsp] for user
> [ray]>
> 2007-01-16 14:19:14,442 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] -
> <servletPath=/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp,
> pathInfo=null, queryString=null, name=null>
> 2007-01-16 14:19:14,442 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - < Path Based Forward>
> 2007-01-16 14:19:14,442 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <JspEngine -->
> /WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp>
> 2007-01-16 14:19:14,442 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         ServletPath:
> /WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp>
> 2007-01-16 14:19:14,442 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <            PathInfo: null>
> 2007-01-16 14:19:14,442 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <            RealPath: C:\Program Files\Apache Software Foundation\Tomcat
> 5.5\webapps\cas\WEB-INF\view\jsp\default\protocol\2.0\casServiceValidationSuccess.jsp
> >
> 2007-01-16 14:19:14,442 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <          RequestURI:
> /cas/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp>
> 2007-01-16 14:19:14,442 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         QueryString:
> service=http%3A%2F%2Flocalhost%3A8080%2Fjsp-examples%2Fjsp2%2Fel%2FNewnotLicensed.jsp&ticket=ST-3-MAwPOIMtzxf1wUzz2fhuEy2xr2vUuWFNEtJ-20>
> 2007-01-16 14:19:14,442 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <      Request Params: >
> 2007-01-16 14:19:14,442 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         service =
> http://localhost:8080/jsp-examples/jsp2/el/NewnotLicensed.jsp>
> 2007-01-16 14:19:14,442 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         ticket = ST-3-MAwPOIMtzxf1wUzz2fhuEy2xr2vUuWFNEtJ-20>
> 2007-01-16 14:19:14,457 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - < Disabling the response
> for futher output>
> Generated TICKET=ST-3-MAwPOIMtzxf1wUzz2fhuEy2xr2vUuWFNEtJ-20
> 2007-01-16 14:19:14,488 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] -
> <servletPath=/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp,
> pathInfo=null, queryString=null, name=null>
> 2007-01-16 14:19:14,488 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - < Path Based Forward>
> 2007-01-16 14:19:14,488 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <JspEngine -->
> /WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp>
> 2007-01-16 14:19:14,488 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         ServletPath:
> /WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp>
> 2007-01-16 14:19:14,488 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <            PathInfo: null>
> 2007-01-16 14:19:14,488 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <            RealPath: C:\Program Files\Apache Software Foundation\Tomcat
> 5.5\webapps\cas\WEB-INF\view\jsp\default\protocol\2.0\casServiceValidationFailure.jsp
> >
> 2007-01-16 14:19:14,488 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <          RequestURI:
> /cas/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp>
> 2007-01-16 14:19:14,488 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         QueryString: service=
> http://localhost:8080/jsp-examples/jsp2/el/NewnotLicensed.jsp&ticket=ST-3-MAwPOIMtzxf1wUzz2fhuEy2xr2vUuWFNEtJ-20
> >
> 2007-01-16 14:19:14,488 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <      Request Params: >
> 2007-01-16 14:19:14,488 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         service =
> http://localhost:8080/jsp-examples/jsp2/el/NewnotLicensed.jsp>
> 2007-01-16 14:19:14,488 DEBUG [org.apache.jasper.servlet.JspServlet] -
> <         ticket = ST-3-MAwPOIMtzxf1wUzz2fhuEy2xr2vUuWFNEtJ-20>
> 2007-01-16 14:19:14,488 DEBUG [
> org.apache.catalina.core.ApplicationDispatcher] - < Disabling the response
> for futher output>
> Validation has failed
> error code=INVALID_TICKET
> error message=ticket 'ST-3-MAwPOIMtzxf1wUzz2fhuEy2xr2vUuWFNEtJ-20' not
> recognized
> User=null
>
>
> This is where I am correctly redirected to-
>
> http://localhost:8080/jsp-examples/jsp2/el/NewnotLicensed.jsp?ticket=ST-3-MAwPOIMtzxf1wUzz2fhuEy2xr2vUuWFNEtJ-20
>
>
>
> ------------------------------
> Cheap Talk? Check out<http://us.rd.yahoo.com/mail_us/taglines/postman8/*http://us.rd.yahoo.com/evt=39663/*http://voice.yahoo.com>Yahoo! Messenger's low PC-to-Phone call rates.
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
> ------------------------------
> Now that's room service! Choose from over 150,000 hotels
> in 45,000 destinations on Yahoo! Travel<http://travel.yahoo.com/hotelsearchpage;_ylc=X3oDMTFtaTIzNXVjBF9TAzk3NDA3NTg5BF9zAzI3MTk0ODEEcG9zAzIEc2VjA21haWx0YWdsaW5lBHNsawNxMS0wNw--%0A>to find your fit.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070116/9bd13ad5/attachment.html