Blackboard auth with CAS (infinite 302 redirects)
Paul Ortman
portman at goshen.edu
Wed Jun 27 15:51:41 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
jleikam at fhsu.edu wrote:
> We started CAS authentication with Bb 6, and migrated to 7.1. CAS
> is still working fine with the same modification instructions.
I'm finally attempting to work through the instructions, and I think
I've got most things figured out, but I'm not having success.
First, I've not been able to build the jars from the U of Bristol
package due to an error (error: cannot find file for class
javax.xml.parsers.ParserConfigurationException). I'm using Sun's
Java 1.5.0_12 on the Bb server and Bb version 7.1.* I figure this
might not be a problem as the Bristol zip comes with .jar files
already created.
I've placed the .jar files from the Bristol zip into
/opt/blackboard/systemlib and created a file called
/opt/blackboard/config/tomcat/ classpath/cas-common.classpath with
the contents:
/opt/blackboard/systemlib/casclient.jar
/opt/blackboard/systemlib/cas-bbauth.jar
This is so Bb doesn't totally delete the .jars during upgrades, and
is per the Bb documentation.
I've changed the file /opt/blackboard/config/bb-config.properties
to have the line:
bbconfig.auth.type=cas
And, finally, I've appended the following config items to the bottom
of /opt/blackboard/config/authentication.properties:
######################################################
##
## CAS Authentication Properties
##
########################################################
auth.type.cas.impl=uk.ac.bris.is.blackboard.authentication.CasAuthenticationModule
auth.type.cas.servicevalidate=https://login.goshen.edu/cas/serviceValidate
auth.type.cas.proxyvalidate=https://login.goshen.edu/cas/proxyValidate
auth.type.cas.form.url=https://login.goshen.edu/cas/login
auth.type.cas.service=https://blackboard-test.goshen.edu/webapps/login
auth.type.cas.default_loc=https://blackboard-test.goshen.edu/webapps/portal/frameset.jsp
auth.type.cas.isdefault=false
All of this seems to work great, I've pushed the jars to the correct
spots via the /opt/blackboard/tools/admin/PushConfigUpdates.sh
script and then restarted the Bb service which seems to come up
without a hitch. If I then go to:
https://blackboard-test.goshen.edu/webapps/portal/frameset.jsp?useCas=1
It successfully redirects me to the CAS server
(https://login.goshen.edu/cas/) with what appears to be the correct
redirect query string. I log in and am redirected back to the
blackboard server correctly, but there I enter an HTTP 302 redirect
loop (here's a snippet before Firefox refuses to be redirected):
GET /webapps/login/?new_loc=%2Fwebapps%2Fportal%2Fframeset.jsp%3FuseCas%3D1&ticket=ST-114-RQUf1Sq44AAcUFLilJSbpRD31d6yFoAtBv4-20 HTTP/1.1
Host: blackboard-test.goshen.edu
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.4) Gecko/20061201 Firefox/2.0.0.4 (Ubuntu-feisty)
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: session_id=@@63C6BB53889961B2EC2BC590CABA923E; __utma=125349532.1872244689.1182968243.1182968243.1182968243.1; __utmc=125349532; __utmz=125349532.1182968243.1.1.utmccn=(referral)|utmcsr=goshen.edu|utmcct=/|utmcmd=referral; session_id=@@63C6BB53889961B2EC2BC590CABA923E
HTTP/1.x 302 Moved Temporarily
Date: Wed, 27 Jun 2007 19:20:42 GMT
Server: Apache/1.3.37 (Unix) mod_ssl/2.8.28 OpenSSL/0.9.8d mod_jk/1.2.21
X-Blackboard-product: Blackboard Academic Suite™ 7.1.467.28
Set-Cookie: session_id=@@63C6BB53889961B2EC2BC590CABA923E; Path=/
Pragma: no-cache
Cache-Control: no-cache
Location: https://login.goshen.edu/cas/login?service=https%3A%2F%2Fblackboard-test.goshen.edu%2Fwebapps%2Flogin%3Fnew_loc%3D%252Fwebapps%252Fportal%252Fframeset.jsp%253FuseCas%253D1
Content-Length: 0
Keep-Alive: timeout=15, max=73
Connection: Keep-Alive
Content-Type: application/octet-stream;charset=UTF-8
----------------------------------------------------------
https://login.goshen.edu/cas/login?service=https%3A%2F%2Fblackboard-test.goshen.edu%2Fwebapps%2Flogin%3Fnew_loc%3D%252Fwebapps%252Fportal%252Fframeset.jsp%253FuseCas%253D1
GET /cas/login?service=https%3A%2F%2Fblackboard-test.goshen.edu%2Fwebapps%2Flogin%3Fnew_loc%3D%252Fwebapps%252Fportal%252Fframeset.jsp%253FuseCas%253D1 HTTP/1.1
Host: login.goshen.edu
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.4) Gecko/20061201 Firefox/2.0.0.4 (Ubuntu-feisty)
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: JSESSIONID=168BDC487B9F972E5623A2C7BEF00412; CASTGC=TGT-14-KhajaLJsDjxTerbfDHgqfSAvq5b4YmWqXsI-50; __utma=125349532.1872244689.1182968243.1182968243.1182968243.1; __utmc=125349532; __utmz=125349532.1182968243.1.1.utmccn=(referral)|utmcsr=goshen.edu|utmcct=/|utmcmd=referral
Cache-Control: max-age=0
HTTP/1.x 302 Moved Temporarily
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Location: https://blackboard-test.goshen.edu/webapps/login?new_loc=%2Fwebapps%2Fportal%2Fframeset.jsp%3FuseCas%3D1&ticket=ST-115-XbcuZynROgLSzUfRK2gab94KAxdEtcBhJUu-20
Content-Language: en-US
Content-Length: 0
Date: Wed, 27 Jun 2007 19:21:43 GMT
Server: Apache-Coyote/1.1
Anybody see anything totally wrong with the configs or installation.
I'm kinda flying blind b/c the documentation I've found doesn't have
a whole lot of detail and I'm certainly not good enough with java to
really figure out what's going on. Any help would be appreciated.
- --
Paul Ortman
PGP Key: 55602C81
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGgr/Mfw8KGlVgLIERAj5EAJ9tyycyeHMmI5sD68a2HwfVgpEmuwCfXdXm
niUzwMfhocGnkBdBwU+k25Q=
=bh8z
-----END PGP SIGNATURE-----
More information about the cas
mailing list