How to obtain a service ticket?
Scott Battaglia
scott.battaglia at gmail.com
Thu Mar 15 22:57:50 EDT 2007
According to the specification there should be a Location header with the
URL to redirect to (unless I read the spec wrong, which is possible at this
time of night lol).
-Scott
On 3/15/07, webzo <webzo2000 at yahoo.com> wrote:
>
> The response code is 302, response message is "moved temporarily",
> response contents (after reading the inputstream) is empty. Basically,
> nothing comes back. Should I find anything in the logs to indicate that my
> posts are infact making their way to CAS?
>
> ----- Original Message ----
> From: Scott Battaglia <scott.battaglia at gmail.com>
> To: Yale CAS mailing list <cas at tp.its.yale.edu>
> Sent: Thursday, March 15, 2007 6:05:31 PM
> Subject: Re: How to obtain a service ticket?
>
> 302 is not an error. 302 is the HTTP status code for "Moved Temporarily" (
> i.e. a redirect). It means that CAS sent you a request to do a redirect
> to a particular url (in this case your service url with the attached service
> ticket). You should read the response sent back and parse out the ticket.
>
> The HttpUrlConnection class should have methods to retrieve the response.
>
> -Scott
>
>
> On 3/15/07, t ray < t_ray9505 at yahoo.com> wrote:
> >
> > Ok, I goofed. It actually says error 302.
> > I am using httpurlconnection class.
> > newurl = new URL( "
> > http://localhost:8080/cas/login?username=aaa&password=aaa&service=http://localhost:8080/somestuff/<="+lt<http://localhost:8080/cas/login?username=aaa&password=aaa&service=http://localhost:8080/somestuff/<=%22+lt>
> > );
> >
> > Is the above format correct? I mean, the username, password, service and
> > lt are all set correctly?
> > I think something is wrong in the way I am passing the params.
> > ----- Original Message ----
> > From: Scott Battaglia < scott.battaglia at gmail.com>
> > To: Yale CAS mailing list <cas at tp.its.yale.edu>
> > Sent: Thursday, March 15, 2007 3:48:41 PM
> > Subject: Re: How to obtain a service ticket?
> >
> > What is doing the infinite redirect? Your browser or whatever you are
> > using to the do the GET/POST? If you're not following redirects there is
> > should be no way it can redirect. It should stop.
> >
> > -Scott
> >
> > On 3/15/07, t ray <t_ray9505 at yahoo.com > wrote:
> > >
> > > I did set it to not follow redirects with the same results. Just to
> > > confirm, I need to do a GET and a POST to the SAME url (/login), correct?
> > >
> > > Any other suggestions highly appreaciated...
> > >
> > > Thanks.
> > >
> > > ----- Original Message ----
> > > From: Scott Battaglia < scott.battaglia at gmail.com>
> > > To: Yale CAS mailing list <cas at tp.its.yale.edu>
> > > Sent: Wednesday, March 14, 2007 8:08:28 PM
> > > Subject: Re: How to obtain a service ticket?
> > >
> > > You may want to set whatever it is you are using to retrieve the login
> > > page to not follow redirects.
> > >
> > > -Scott
> > >
> > > On 3/14/07, t ray < t_ray9505 at yahoo.com > wrote:
> > > >
> > > > Hi,
> > > > I tried your instructions and got as far as post to login again. I
> > > > posted to
> > > >
> > > > http://localhost:8080/cas/login?username=dummy&password=dummy&service=http://localhost:8080/index.html<="+lt<http://localhost:8080/cas/login?username=dummy&password=dummy&service=http://localhost:8080/index.html<=%22+lt>
> > > > The last lt is actually a string containing the value of 'lt'. I get
> > > > back a "server was redirected too many times" error. I am using
> > > > http://localhost:8080/index.html for service since I don't really
> > > > have a service to refer to. I tried http://www.yahoo.com just to
> > > > check it out with no success.
> > > >
> > > > What am I missing?
> > > >
> > > > Thanks.
> > > >
> > > >
> > > >
> > > > ----- Original Message ----
> > > > From: Scott Battaglia < scott.battaglia at gmail.com>
> > > > To: Yale CAS mailing list <cas at tp.its.yale.edu>
> > > > Sent: Tuesday, March 13, 2007 8:15:28 PM
> > > > Subject: Re: How to obtain a service ticket?
> > > >
> > > > You can do a GET/POST and parse the response. You would need to do
> > > > the following:
> > > >
> > > > 1. Do a GET call to /cas/login
> > > > 2. Parse the return page for the "lt" value
> > > > 3. Do a POST call to /cas/login with the username, password, service
> > > > and lt (you may also need the other parameters which are listed in the
> > > > casLoginView.jsp)
> > > > 4. Your HTTP response will be a redirect. You will need to retrieve
> > > > the service ticket from the redirect url.
> > > >
> > > > Hope that helps.
> > > > -Scott
> > > >
> > > > On 3/13/07, t ray <t_ray9505 at yahoo.com > wrote:
> > > > >
> > > > > Thanks for the response.
> > > > > What I didn't get from your response is this- Is doing the
> > > > > GET/POST and parsing the response a possible solution? My own knowledge
> > > > > about Spring etc is limited. So, figuring out how to create a Controller and
> > > > > wire it into the framework may turn out to be harder than doing a GET/POST
> > > > > and parsing the response. So, if it is possible to do a GET/POST and parse
> > > > > the response, I would like some pointers on how to do that.
> > > > >
> > > > > Thanks.
> > > > >
> > > > > ----- Original Message ----
> > > > > From: Scott Battaglia < scott.battaglia at gmail.com>
> > > > > To: Yale CAS mailing list <cas at tp.its.yale.edu>
> > > > > Sent: Monday, March 12, 2007 8:19:22 PM
> > > > > Subject: Re: How to obtain a service ticket?
> > > > >
> > > > > If you want to do something like that I recommend creating a
> > > > > different endpoint Controller that takes your parameters constructs the
> > > > > credentials and passes them to an instance of CentralAuthenticationService
> > > > > which would allow you to obtain a service ticket which you can return as the
> > > > > body of your response. This gets around the whole parsing the GET and doing
> > > > > a POST to the normal workflow.
> > > > >
> > > > > -Scott
> > > > >
> > > > > On 3/12/07, t ray <t_ray9505 at yahoo.com > wrote:
> > > > > >
> > > > > > I need to be able to authenticate a username/password combo
> > > > > > received from a legacy NON-webapp. From reading some of the old forum
> > > > > > messages( http://tp.its.yale.edu/pipermail/cas/2004-July/000617.html)
> > > > > > <http://tp.its.yale.edu/pipermail/cas/2004-July/000617.html%29>,
> > > > > > it seems I can do a get/post to the CAS login servlet and parse the response
> > > > > > for a service ticket (not particularly appealing). Another method appears to
> > > > > > be to use the ServiceTicketValidator class and call validate() with a
> > > > > > service ticket. However, I am not sure how to get a service ticket in the
> > > > > > first place (an unused service ticket is what I need). The documentation for
> > > > > > CASFilter and CASValidateFilter indicate that these classes can be used to
> > > > > > do validation but I am not sure how (there don't seem to be any validate()
> > > > > > kind of methods on either of these 2 classes).
> > > > > >
> > > > > > Can someone please clarify? If I am going to use the get/post
> > > > > > method, what is the name of the params to pass (Is
> > > > > > ?username=xyz&password=abc ok?)
> > > > > >
> > > > > > Thanks for your help.
> > > > > >
> > > > > >
> > > > > > ------------------------------
> > > > > > Never miss an email again!
> > > > > > Yahoo! Toolbar
> > > > > > <http://us.rd.yahoo.com/evt=49938/*http://tools.search.yahoo.com/toolbar/features/mail/>alerts
> > > > > > you the instant new Mail arrives. Check it out.
> > > > > >
> > > > > > _______________________________________________
> > > > > > Yale CAS mailing list
> > > > > > cas at tp.its.yale.edu
> > > > > > http://tp.its.yale.edu/mailman/listinfo/cas
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > --
> > > > > -Scott Battaglia
> > > > >
> > > > > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> > > > > _______________________________________________
> > > > > Yale CAS mailing list
> > > > > cas at tp.its.yale.edu
> > > > > http://tp.its.yale.edu/mailman/listinfo/cas
> > > > >
> > > > >
> > > > > ------------------------------
> > > > > It's here! Your new message!
> > > > > Get new email alerts<http://us.rd.yahoo.com/evt=49938/*http://tools.search.yahoo.com/toolbar/features/mail/>with the free Yahoo!
> > > > > Toolbar.
> > > > >
> > > > > _______________________________________________
> > > > > Yale CAS mailing list
> > > > > cas at tp.its.yale.edu
> > > > > http://tp.its.yale.edu/mailman/listinfo/cas
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > -Scott Battaglia
> > > >
> > > > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> > > > _______________________________________________
> > > > Yale CAS mailing list
> > > > cas at tp.its.yale.edu
> > > > http://tp.its.yale.edu/mailman/listinfo/cas
> > > >
> > > >
> > > > ------------------------------
> > > > Sucker-punch spam with award-winning protection.
> > > > Try the free Yahoo! Mail Beta.
> > > >
> > > > _______________________________________________
> > > > Yale CAS mailing list
> > > > cas at tp.its.yale.edu
> > > > http://tp.its.yale.edu/mailman/listinfo/cas
> > > >
> > > >
> > >
> > >
> > > --
> > > -Scott Battaglia
> > >
> > > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> > > _______________________________________________
> > > Yale CAS mailing list
> > > cas at tp.its.yale.edu
> > > http://tp.its.yale.edu/mailman/listinfo/cas
> > >
> > >
> > > ------------------------------
> > > We won't tell. Get more on shows you hate to love
> > > <http://us.rd.yahoo.com/evt=49980/*http://tv.yahoo.com/collections/265%0A>
> > > (and love to hate): Yahoo! TV's Guilty Pleasures list.
> > > <http://us.rd.yahoo.com/evt=49980/*http://tv.yahoo.com/collections/265%0A>
> > >
> > > _______________________________________________
> > > Yale CAS mailing list
> > > cas at tp.its.yale.edu
> > > http://tp.its.yale.edu/mailman/listinfo/cas
> > >
> > >
> >
> >
> > --
> > -Scott Battaglia
> >
> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
> > ------------------------------
> > Looking for earth-friendly autos?
> > Browse Top Cars by "Green Rating"<http://autos.yahoo.com/green_center/;_ylc=X3oDMTE4MGw4Z2hlBF9TAzk3MTA3MDc2BHNlYwNtYWlsdGFncwRzbGsDZ3JlZW5jZW50ZXI->at Yahoo! Autos' Green Center.
> >
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
>
>
> --
> -Scott Battaglia
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
> ------------------------------
> Now that's room service! Choose from over 150,000 hotels
> in 45,000 destinations on Yahoo! Travel<http://travel.yahoo.com/hotelsearchpage;_ylc=X3oDMTFtaTIzNXVjBF9TAzk3NDA3NTg5BF9zAzI3MTk0ODEEcG9zAzIEc2VjA21haWx0YWdsaW5lBHNsawNxMS0wNw--%0A>to find your fit.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070315/24086a97/attachment-0001.html
More information about the cas
mailing list