Error validating ticket
Scott Battaglia
scott.battaglia at gmail.com
Sun Aug 17 18:50:21 EDT 2008
You don't need to use HTTPS for testing purposes. The restlet integration
is included you just need to make sure you've added it to your build.
Which version of Apache Tomcat are you using? Certain versions had bugs
with regards to Restlet.
-Scott
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
On Sun, Aug 17, 2008 at 6:26 PM, Jason Roscoe <jroscoe at riteaid.com> wrote:
> Do I have to use https? We don't have an SSL certificate for our local
> servers.
> Isn't the cas-server-restlet-integration.jar included in the download of
> CAS 3.3?
>
> Thanks!!
> ------------------------------
> *From:* cas-bounces at tp.its.yale.edu [cas-bounces at tp.its.yale.edu] On
> Behalf Of Dale Ogilvie [Dale.Ogilvie at trimble.co.nz]
> *Sent:* Sunday, August 17, 2008 5:40 PM
> *To:* Yale CAS mailing list
> *Subject:* RE: Error validating ticket
>
> Your code looks mostly ok to me. Possibilities why it my not be working:
>
> 1. you are using http://localhost... perhaps that should be
> https://localhost...
> 2. you haven't included the cas-server-restlet-integration.jar in your
> WEB-INF/lib
> 3. The TGT is returned in the location header of the response, not in the
> response body
>
> For a second opinion, you could try the following python code against your
> cas:
>
> import httplib, urllib
>
> params = urllib.urlencode({'username': 'xxx', 'password': 'yyyy'})
> headers = {"Content-type": "application/x-www-form-urlencoded", "Accept":
> "text/plain"}
> conn = httplib.HTTPConnection("localhost",9089)
> conn.request("POST", "/cas/v1/tickets", params, headers)
> response = conn.getresponse()
> print response.status, response.reason
> data = response.read()
> conn.close()
> print data
> print response.getheader('location')
>
>
> ------------------------------
> *From:* cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu] *On
> Behalf Of *Jason Roscoe
> *Sent:* Sunday, 17 August 2008 11:27 p.m.
> *To:* Yale CAS mailing list
> *Subject:* RE: Error validating ticket
>
> Does the code I have look like it should work?
>
> Jason Roscoe
> Systems Engineer II
> Rite Aid Corporation
> (717) 761-2633 ext. 5581
> jroscoe at riteaid.com
> ------------------------------
> *From:* cas-bounces at tp.its.yale.edu [cas-bounces at tp.its.yale.edu] On
> Behalf Of Scott Battaglia [scott.battaglia at gmail.com]
> *Sent:* Saturday, August 16, 2008 11:35 PM
> *To:* Yale CAS mailing list
> *Subject:* Re: Error validating ticket
>
> I use another test REST client which allows you to put stuff in. I
> didn't use the code you sent.
>
> -Scott
>
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
> On Sat, Aug 16, 2008 at 8:46 PM, Jason Roscoe <jroscoe at riteaid.com> wrote:
>
>> You used the code I have below? If so, any reason why it wouldn't work
>> for me? What do you mean there is an incorrect url being sent back??.
>>
>> ------------------------------
>> *From:* cas-bounces at tp.its.yale.edu [cas-bounces at tp.its.yale.edu] On
>> Behalf Of Scott Battaglia [scott.battaglia at gmail.com]
>> *Sent:* Saturday, August 16, 2008 3:34 PM
>>
>> *To:* Yale CAS mailing list
>> *Subject:* Re: Error validating ticket
>>
>> I just tried it and I got a 201 with the Location header set (though
>> there is an incorrect url being sent back)
>>
>> -Scott
>>
>> -Scott Battaglia
>> PGP Public Key Id: 0x383733AA
>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>
>>
>> On Sat, Aug 16, 2008 at 3:08 PM, Jason Roscoe <jroscoe at riteaid.com>wrote:
>>
>>> Can anyone see anythingwrong with this? I am kind of under a deadline
>>> to get this implemented. Thanks for any and all help with this!!
>>>
>>>
>>>
>>>
>>> Yes, I have added this to the web.xml:
>>>
>>>
>>>
>>> <servlet>
>>>
>>> <servlet-name>restlet</servlet-name>
>>>
>>> <servlet-class>
>>> com.noelios.restlet.ext.spring.RestletFrameworkServlet</servlet-class>
>>>
>>> <load-on-startup>1</load-on-startup>
>>>
>>> </servlet>
>>>
>>>
>>>
>>> <servlet-mapping>
>>>
>>> <servlet-name>restlet</servlet-name>
>>>
>>> <url-pattern>/v1/*</url-pattern>
>>>
>>> </servlet-mapping>
>>>
>>>
>>>
>>> And I have changed my authenticationUrl to be:
>>> http://localhost:9089/cas/v1/tickets. I still get a response code of
>>> 302.
>>>
>>>
>>>
>>> We can't use the standard CAS login page as we are not in a position to
>>> completely change our current login page, and don't want to use any sort of
>>> iframes or anything.
>>>
>>>
>>>
>>> I've also updated my code to this since I should be checking for a 201,
>>> not a 200.
>>>
>>>
>>>
>>> setAuthenticationUrl("http://localhost:9089/cas/v1/tickets");
>>>
>>> PostMethod postMethod = *new* PostMethod(authenticationUrl);
>>>
>>> GetMethod getMethod = *new* GetMethod();
>>>
>>>
>>>
>>> NameValuePair[] data = {
>>>
>>> *new* NameValuePair("username", username),
>>>
>>> *new* NameValuePair("password", password)
>>>
>>> };
>>>
>>>
>>>
>>> postMethod.setRequestBody(data);
>>>
>>>
>>>
>>> *try* {
>>>
>>> statusCode = client.executeMethod(postMethod);
>>>
>>>
>>>
>>> *logger*.debug("status code: " + statusCode);
>>>
>>>
>>>
>>> *if* (statusCode != HttpStatus.*SC_CREATED*) {
>>>
>>> *logger*.error("Post Method failed: " +
>>> postMethod.getStatusLine());
>>>
>>> }
>>>
>>>
>>>
>>> // Read the response body.
>>>
>>> *byte*[] responseBody = postMethod.getResponseBody();
>>>
>>>
>>>
>>> // Deal with the response.
>>>
>>> // Use caution: ensure correct character encoding and is not
>>> binary data
>>>
>>> System.*out*.println(*new* String(responseBody));
>>>
>>>
>>>
>>> } *catch* (HttpException e) {
>>>
>>> *logger*.error("Fatal protocol violation: " +
>>> e.getMessage());
>>>
>>> e.printStackTrace();
>>>
>>> } *catch* (IOException e) {
>>>
>>> *logger*.error("Fatal transport error: " +
>>> e.getMessage());
>>>
>>> e.printStackTrace();
>>>
>>> } *finally* {
>>>
>>> // Release the connection.
>>>
>>> *postMethod*.releaseConnection();
>>>
>>> }
>>>
>>>
>>>
>>> Thanks
>>>
>>>
>>> ------------------------------
>>>
>>> *From:* cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu]
>>> *On Behalf Of *Scott Battaglia
>>> *Sent:* Friday, August 15, 2008 3:13 PM
>>>
>>> *To:* Yale CAS mailing list
>>> *Subject:* Re: Error validating ticket
>>>
>>>
>>>
>>> Have you configured it according to the documentation?
>>>
>>>
>>> http://www.ja-sig.org/wiki/display/CASUM/RESTful+API
>>>
>>> Also any reason why you can't use the standard CAS login page?
>>>
>>> -Scott
>>>
>>> -Scott Battaglia
>>> PGP Public Key Id: 0x383733AA
>>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>>
>>> On Fri, Aug 15, 2008 at 2:28 PM, Jason Roscoe <jroscoe at riteaid.com>
>>> wrote:
>>>
>>> OK, I downloaded CAS 3.3 and am trying to use the Restful API. Below is
>>> the code I have to generate a Ticket Granting Ticket, but the response code
>>> from the post is a 302, location header is
>>> http://localhost:9089/cas/login., so it returns me the login page code
>>>
>>>
>>>
>>> setAuthenticationUrl("http://localhost:9089/cas/tickets");
>>>
>>> PostMethod postMethod = *new* PostMethod(authenticationUrl);
>>>
>>> GetMethod getMethod = *new* GetMethod();
>>>
>>>
>>>
>>> NameValuePair[] data = {
>>>
>>> *new* NameValuePair("username", username),
>>>
>>> *new* NameValuePair("password", password)
>>>
>>> };
>>>
>>>
>>>
>>> postMethod.setRequestBody(data);
>>>
>>> postMethod.setRequestBody(data);
>>>
>>>
>>>
>>> *try* {
>>>
>>> statusCode = client.executeMethod(postMethod);
>>>
>>>
>>>
>>> *logger*.debug("status code: " + statusCode);
>>>
>>>
>>>
>>> *if* (statusCode != HttpStatus.*SC_OK*) {
>>>
>>> *if* (statusCode == HttpStatus.*
>>> SC_MOVED_PERMANENTLY*
>>>
>>> || statusCode == HttpStatus.*SC_MOVED_TEMPORARILY
>>> *
>>>
>>> || statusCode == HttpStatus.*SC_SEE_OTHER*
>>>
>>> || statusCode == HttpStatus.*
>>> SC_TEMPORARY_REDIRECT*) {
>>>
>>> String redirectLocation;
>>>
>>> Header locationHeader = postMethod
>>>
>>> .getResponseHeader("location");
>>>
>>>
>>> *if* (locationHeader != *null*) {
>>>
>>> redirectLocation = locationHeader.getValue();
>>>
>>> *logger*.debug("locationHeader = "
>>> +locationHeader.getValue());
>>>
>>> getMethod = *new* GetMethod(redirectLocation);
>>>
>>> statusCode = client.executeMethod(getMethod);
>>>
>>> *logger*.debug("Status code = "+statusCode);
>>>
>>> *if* (statusCode != HttpStatus.*SC_OK*) {
>>>
>>> *logger*.error("Method failed: " +
>>> getMethod.getStatusLine());
>>>
>>> }
>>>
>>> // Read the response body.
>>>
>>> *byte*[] responseBody =
>>> getMethod.getResponseBody();
>>>
>>>
>>>
>>> // Deal with the response.
>>>
>>> // Use caution: ensure correct character
>>> encoding and is not binary data
>>>
>>> System.*out*.println(*new*
>>> String(responseBody));
>>>
>>> } *else* {
>>>
>>> // The response is invalid and did not provide
>>> the new
>>>
>>> // location for
>>>
>>> // the resource. Report an error or possibly
>>> handle the
>>>
>>> // response
>>>
>>> // like a 404 Not Found error.
>>>
>>> }
>>>
>>> }
>>>
>>> }
>>>
>>>
>>>
>>> // Read the response body.
>>>
>>> *byte*[] responseBody = getMethod.getResponseBody();
>>>
>>>
>>>
>>> // Deal with the response.
>>>
>>> // Use caution: ensure correct character encoding and is not
>>> binary data
>>>
>>> System.*out*.println(*new* String(responseBody));
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> } *catch* (HttpException e) {
>>>
>>> *logger*.error("Fatal protocol violation: " +
>>> e.getMessage());
>>>
>>> e.printStackTrace();
>>>
>>> } *catch* (IOException e) {
>>>
>>> *logger*.error("Fatal transport error: " +
>>> e.getMessage());
>>>
>>> e.printStackTrace();
>>>
>>> }
>>> ...
>>>
>>> [Message clipped]
>>> _______________________________________________
>>> Yale CAS mailing list
>>> cas at tp.its.yale.edu
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>>
>>
>> ------------------------------
>> Disclaimer: This e-mail message is intended only for the personal use of
>> the recipient(s) named above. If you are not an intended recipient, you
>> may not review, copy or distribute this message. If you have received this
>> communication in error, please notify us immediately by e-mail and delete
>> the original message.
>>
>> This e-mail expresses views only of the sender, which are not to be
>> attributed to Rite Aid Corporation and may not be copied or distributed
>> without this statement.
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
>
> ------------------------------
> Disclaimer: This e-mail message is intended only for the personal use of
> the recipient(s) named above. If you are not an intended recipient, you
> may not review, copy or distribute this message. If you have received this
> communication in error, please notify us immediately by e-mail and delete
> the original message.
>
> This e-mail expresses views only of the sender, which are not to be
> attributed to Rite Aid Corporation and may not be copied or distributed
> without this statement.
>
> ------------------------------
> Disclaimer: This e-mail message is intended only for the personal use of
> the recipient(s) named above. If you are not an intended recipient, you
> may not review, copy or distribute this message. If you have received this
> communication in error, please notify us immediately by e-mail and delete
> the original message.
>
> This e-mail expresses views only of the sender, which are not to be
> attributed to Rite Aid Corporation and may not be copied or distributed
> without this statement.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080817/41c072e9/attachment.html
More information about the cas
mailing list