Error validating ticket
Scott Battaglia
scott.battaglia at gmail.com
Sun Aug 17 23:20:09 EDT 2008
I haven't tested it on Websphere since we don't run that so I don't know if
there are any issues with Websphere and Restlet. All I know is I've tried
it on multiple versions of Tomcat and its worked (not counting 5.5.20 where
it didn't ;-))
On Sun, Aug 17, 2008 at 8:59 PM, Jason Roscoe <jroscoe at riteaid.com> wrote:
> We are actually using IBM Websphere 6.1.
>
> Jason Roscoe
> Systems Engineer II
> Rite Aid Corporation
> (717) 761-2633 ext. 5581
> jroscoe at riteaid.com
> ------------------------------
> *From:* cas-bounces at tp.its.yale.edu [cas-bounces at tp.its.yale.edu] On
> Behalf Of Scott Battaglia [scott.battaglia at gmail.com]
> *Sent:* Sunday, August 17, 2008 6:50 PM
>
> *To:* Yale CAS mailing list
> *Subject:* Re: Error validating ticket
>
> You don't need to use HTTPS for testing purposes. The restlet
> integration is included you just need to make sure you've added it to your
> build.
>
> Which version of Apache Tomcat are you using? Certain versions had bugs
> with regards to Restlet.
>
> -Scott
>
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
> On Sun, Aug 17, 2008 at 6:26 PM, Jason Roscoe <jroscoe at riteaid.com> wrote:
>
>> Do I have to use https? We don't have an SSL certificate for our local
>> servers.
>> Isn't the cas-server-restlet-integration.jar included in the download of
>> CAS 3.3?
>>
>> Thanks!!
>> ------------------------------
>> *From:* cas-bounces at tp.its.yale.edu [cas-bounces at tp.its.yale.edu] On
>> Behalf Of Dale Ogilvie [Dale.Ogilvie at trimble.co.nz]
>> *Sent:* Sunday, August 17, 2008 5:40 PM
>> *To:* Yale CAS mailing list
>> *Subject:* RE: Error validating ticket
>>
>> Your code looks mostly ok to me. Possibilities why it my not be
>> working:
>>
>> 1. you are using http://localhost... perhaps that should be
>> https://localhost...
>> 2. you haven't included the cas-server-restlet-integration.jar in your
>> WEB-INF/lib
>> 3. The TGT is returned in the location header of the response, not in the
>> response body
>>
>> For a second opinion, you could try the following python code against your
>> cas:
>>
>> import httplib, urllib
>>
>> params = urllib.urlencode({'username': 'xxx', 'password': 'yyyy'})
>> headers = {"Content-type": "application/x-www-form-urlencoded", "Accept":
>> "text/plain"}
>> conn = httplib.HTTPConnection("localhost",9089)
>> conn.request("POST", "/cas/v1/tickets", params, headers)
>> response = conn.getresponse()
>> print response.status, response.reason
>> data = response.read()
>> conn.close()
>> print data
>> print response.getheader('location')
>>
>>
>> ------------------------------
>> *From:* cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu]
>> *On Behalf Of *Jason Roscoe
>> *Sent:* Sunday, 17 August 2008 11:27 p.m.
>> *To:* Yale CAS mailing list
>> *Subject:* RE: Error validating ticket
>>
>> Does the code I have look like it should work?
>>
>> Jason Roscoe
>> Systems Engineer II
>> Rite Aid Corporation
>> (717) 761-2633 ext. 5581
>> jroscoe at riteaid.com
>> ------------------------------
>> *From:* cas-bounces at tp.its.yale.edu [cas-bounces at tp.its.yale.edu] On
>> Behalf Of Scott Battaglia [scott.battaglia at gmail.com]
>> *Sent:* Saturday, August 16, 2008 11:35 PM
>> *To:* Yale CAS mailing list
>> *Subject:* Re: Error validating ticket
>>
>> I use another test REST client which allows you to put stuff in. I
>> didn't use the code you sent.
>>
>> -Scott
>>
>> -Scott Battaglia
>> PGP Public Key Id: 0x383733AA
>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>
>>
>> On Sat, Aug 16, 2008 at 8:46 PM, Jason Roscoe <jroscoe at riteaid.com>wrote:
>>
>>> You used the code I have below? If so, any reason why it wouldn't work
>>> for me? What do you mean there is an incorrect url being sent back??.
>>>
>>> ------------------------------
>>> *From:* cas-bounces at tp.its.yale.edu [cas-bounces at tp.its.yale.edu] On
>>> Behalf Of Scott Battaglia [scott.battaglia at gmail.com]
>>> *Sent:* Saturday, August 16, 2008 3:34 PM
>>>
>>> *To:* Yale CAS mailing list
>>> *Subject:* Re: Error validating ticket
>>>
>>> I just tried it and I got a 201 with the Location header set (though
>>> there is an incorrect url being sent back)
>>>
>>> -Scott
>>>
>>> -Scott Battaglia
>>> PGP Public Key Id: 0x383733AA
>>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>>
>>>
>>> On Sat, Aug 16, 2008 at 3:08 PM, Jason Roscoe <jroscoe at riteaid.com>wrote:
>>>
>>>> Can anyone see anythingwrong with this? I am kind of under a deadline
>>>> to get this implemented. Thanks for any and all help with this!!
>>>>
>>>>
>>>>
>>>>
>>>> Yes, I have added this to the web.xml:
>>>>
>>>>
>>>>
>>>> <servlet>
>>>>
>>>> <servlet-name>restlet</servlet-name>
>>>>
>>>> <servlet-class>
>>>> com.noelios.restlet.ext.spring.RestletFrameworkServlet</servlet-class>
>>>>
>>>> <load-on-startup>1</load-on-startup>
>>>>
>>>> </servlet>
>>>>
>>>>
>>>>
>>>> <servlet-mapping>
>>>>
>>>> <servlet-name>restlet</servlet-name>
>>>>
>>>> <url-pattern>/v1/*</url-pattern>
>>>>
>>>> </servlet-mapping>
>>>>
>>>>
>>>>
>>>> And I have changed my authenticationUrl to be:
>>>> http://localhost:9089/cas/v1/tickets. I still get a response code of
>>>> 302.
>>>>
>>>>
>>>>
>>>> We can't use the standard CAS login page as we are not in a position to
>>>> completely change our current login page, and don't want to use any sort of
>>>> iframes or anything.
>>>>
>>>>
>>>>
>>>> I've also updated my code to this since I should be checking for a 201,
>>>> not a 200.
>>>>
>>>>
>>>>
>>>> setAuthenticationUrl("http://localhost:9089/cas/v1/tickets");
>>>>
>>>> PostMethod postMethod = *new* PostMethod(authenticationUrl
>>>> );
>>>>
>>>> GetMethod getMethod = *new* GetMethod();
>>>>
>>>>
>>>>
>>>> NameValuePair[] data = {
>>>>
>>>> *new* NameValuePair("username", username),
>>>>
>>>> *new* NameValuePair("password", password)
>>>>
>>>> };
>>>>
>>>>
>>>>
>>>> postMethod.setRequestBody(data);
>>>>
>>>>
>>>>
>>>> *try* {
>>>>
>>>> statusCode = client.executeMethod(postMethod);
>>>>
>>>>
>>>>
>>>> *logger*.debug("status code: " + statusCode);
>>>>
>>>>
>>>>
>>>> *if* (statusCode != HttpStatus.*SC_CREATED*) {
>>>>
>>>> *logger*.error("Post Method failed: " +
>>>> postMethod.getStatusLine());
>>>>
>>>> }
>>>>
>>>>
>>>>
>>>> // Read the response body.
>>>>
>>>> *byte*[] responseBody = postMethod.getResponseBody();
>>>>
>>>>
>>>>
>>>> // Deal with the response.
>>>>
>>>> // Use caution: ensure correct character encoding and is
>>>> not binary data
>>>>
>>>> System.*out*.println(*new* String(responseBody));
>>>>
>>>>
>>>>
>>>> } *catch* (HttpException e) {
>>>>
>>>> *logger*.error("Fatal protocol violation: " +
>>>> e.getMessage());
>>>>
>>>> e.printStackTrace();
>>>>
>>>> } *catch* (IOException e) {
>>>>
>>>> *logger*.error("Fatal transport error: " +
>>>> e.getMessage());
>>>>
>>>> e.printStackTrace();
>>>>
>>>> } *finally* {
>>>>
>>>> // Release the connection.
>>>>
>>>> *postMethod*.releaseConnection();
>>>>
>>>> }
>>>>
>>>>
>>>>
>>>> Thanks
>>>>
>>>>
>>>> ------------------------------
>>>>
>>>> *From:* cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu]
>>>> *On Behalf Of *Scott Battaglia
>>>> *Sent:* Friday, August 15, 2008 3:13 PM
>>>>
>>>> *To:* Yale CAS mailing list
>>>> *Subject:* Re: Error validating ticket
>>>>
>>>>
>>>>
>>>> Have you configured it according to the documentation?
>>>>
>>>>
>>>> http://www.ja-sig.org/wiki/display/CASUM/RESTful+API
>>>>
>>>> Also any reason why you can't use the standard CAS login page?
>>>>
>>>> -Scott
>>>>
>>>> -Scott Battaglia
>>>> PGP Public Key Id: 0x383733AA
>>>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>>>
>>>> On Fri, Aug 15, 2008 at 2:28 PM, Jason Roscoe <jroscoe at riteaid.com>
>>>> wrote:
>>>>
>>>> OK, I downloaded CAS 3.3 and am trying to use the Restful API. Below is
>>>> the code I have to generate a Ticket Granting Ticket, but the response code
>>>> from the post is a 302, location header is
>>>> http://localhost:9089/cas/login., so it returns me the login page code
>>>>
>>>>
>>>>
>>>> setAuthenticationUrl("http://localhost:9089/cas/tickets");
>>>>
>>>> PostMethod postMethod = *new* PostMethod(authenticationUrl
>>>> );
>>>>
>>>> GetMethod getMethod = *new* GetMethod();
>>>>
>>>>
>>>>
>>>> NameValuePair[] data = {
>>>>
>>>> *new* NameValuePair("username", username),
>>>>
>>>> *new* NameValuePair("password", password)
>>>>
>>>> };
>>>>
>>>>
>>>>
>>>> postMethod.setRequestBody(data);
>>>>
>>>> postMethod.setRequestBody(data);
>>>>
>>>>
>>>>
>>>> *try* {
>>>>
>>>> statusCode = client.executeMethod(postMethod);
>>>>
>>>>
>>>>
>>>> *logger*.debug("status code: " + statusCode);
>>>>
>>>>
>>>>
>>>> *if* (statusCode != HttpStatus.*SC_OK*) {
>>>>
>>>> *if* (statusCode == HttpStatus.*
>>>> SC_MOVED_PERMANENTLY*
>>>>
>>>> || statusCode == HttpStatus.*
>>>> SC_MOVED_TEMPORARILY*
>>>>
>>>> || statusCode == HttpStatus.*SC_SEE_OTHER*
>>>>
>>>> || statusCode == HttpStatus.*
>>>> SC_TEMPORARY_REDIRECT*) {
>>>>
>>>> String redirectLocation;
>>>>
>>>> Header locationHeader = postMethod
>>>>
>>>> .getResponseHeader("location");
>>>>
>>>>
>>>> *if* (locationHeader != *null*) {
>>>>
>>>> redirectLocation = locationHeader.getValue();
>>>>
>>>> *logger*.debug("locationHeader = "
>>>> +locationHeader.getValue());
>>>>
>>>> getMethod = *new* GetMethod(redirectLocation);
>>>>
>>>> statusCode = client.executeMethod(getMethod);
>>>>
>>>> *logger*.debug("Status code = "+statusCode);
>>>>
>>>> *if* (statusCode != HttpStatus.*SC_OK*) {
>>>>
>>>> *logger*.error("Method failed: " +
>>>> getMethod.getStatusLine());
>>>>
>>>> }
>>>>
>>>> // Read the response body.
>>>>
>>>> *byte*[] responseBody =
>>>> getMethod.getResponseBody();
>>>>
>>>>
>>>>
>>>> // Deal with the response.
>>>>
>>>> // Use caution: ensure correct character
>>>> encoding and is not binary data
>>>>
>>>> System.*out*.println(*new*
>>>> String(responseBody));
>>>>
>>>> } *else* {
>>>>
>>>> // The response is invalid and did not provide
>>>> the new
>>>>
>>>> // location for
>>>>
>>>> // the resource. Report an error or possibly
>>>> handle the
>>>>
>>>> // response
>>>>
>>>> // like a 404 Not Found error.
>>>>
>>>> }
>>>>
>>>> }
>>>>
>>>> }
>>>>
>>>>
>>>>
>>>> // Read the response body.
>>>>
>>>> *byte*[] responseBody = getMethod.getResponseBody();
>>>>
>>>>
>>>>
>>>> // Deal with the response.
>>>>
>>>> // Use caution: ensure correct character encoding and is
>>>> not binary data
>>>>
>>>> System.*out*.println(*new* String(responseBody));
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> } *catch* (HttpException e) {
>>>>
>>>> *logger*.error("Fatal protocol violation: " +
>>>> e.getMessage());
>>>>
>>>> e.printStackTrace();
>>>>
>>>> } *catch* (IOException e) {
>>>>
>>>> *logger*.error("Fatal transport error: " +
>>>> e.getMessage());
>>>>
>>>> e.printStackTrace();
>>>>
>>>> }
>>>> ...
>>>>
>>>> [Message clipped]
>>>> _______________________________________________
>>>> Yale CAS mailing list
>>>> cas at tp.its.yale.edu
>>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>>
>>>>
>>>
>>> ------------------------------
>>> Disclaimer: This e-mail message is intended only for the personal use of
>>> the recipient(s) named above. If you are not an intended recipient, you
>>> may not review, copy or distribute this message. If you have received
>>> this
>>> communication in error, please notify us immediately by e-mail and delete
>>> the original message.
>>>
>>> This e-mail expresses views only of the sender, which are not to be
>>> attributed to Rite Aid Corporation and may not be copied or distributed
>>> without this statement.
>>>
>>> _______________________________________________
>>> Yale CAS mailing list
>>> cas at tp.its.yale.edu
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>>
>>
>> ------------------------------
>> Disclaimer: This e-mail message is intended only for the personal use of
>> the recipient(s) named above. If you are not an intended recipient, you
>> may not review, copy or distribute this message. If you have received this
>> communication in error, please notify us immediately by e-mail and delete
>> the original message.
>>
>> This e-mail expresses views only of the sender, which are not to be
>> attributed to Rite Aid Corporation and may not be copied or distributed
>> without this statement.
>>
>> ------------------------------
>> Disclaimer: This e-mail message is intended only for the personal use of
>> the recipient(s) named above. If you are not an intended recipient, you
>> may not review, copy or distribute this message. If you have received this
>> communication in error, please notify us immediately by e-mail and delete
>> the original message.
>>
>> This e-mail expresses views only of the sender, which are not to be
>> attributed to Rite Aid Corporation and may not be copied or distributed
>> without this statement.
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
>
> ------------------------------
> Disclaimer: This e-mail message is intended only for the personal use of
> the recipient(s) named above. If you are not an intended recipient, you
> may not review, copy or distribute this message. If you have received this
> communication in error, please notify us immediately by e-mail and delete
> the original message.
>
> This e-mail expresses views only of the sender, which are not to be
> attributed to Rite Aid Corporation and may not be copied or distributed
> without this statement.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080817/e5bd9f9d/attachment.html
More information about the cas
mailing list