CAS OpenID log in fails

Scott Battaglia scott.battaglia at gmail.com
Mon Feb 18 11:41:52 EST 2008 

If you're getting that error that means that you're using the Services
Management tool and the URL pattern you're attempting to use as the service
url is not in the Services Management tool.  You may need to update one of
your services in the tool to be a pattern-matched URL.

-Scott

On Feb 18, 2008 11:17 AM, Sudirikku Mohanjith <moha at mohanjith.net> wrote:

> Hi Scott,
> There are no errors in the error log. It just fails complaining that
> "Application Not Authorized to Use CAS". Also note that this happens
> when a service that is not listed in the service registry tries to
> authenticate against CAS via OpenID. I just went over the instructions
> at http://www.ja-sig.org/wiki/display/CASUM/OpenID, I seem to have
> implemented everything correct.
>
> One otherthing I'm using the JDBC Authentication, I don't think there
> are any issues with that because, I have no issue in authenticating
> autherized web applications with CAS 2.0 protocol.
>
> /Mohanjith
>
> On Feb 18, 2008 8:27 PM, Scott Battaglia <scott.battaglia at gmail.com>
> wrote:
> > As far as I know those instructions should work.  We just had someone
> try
> > them recently and everything seemed okay.
> >
> > Are you getting any specific errors in any of the logs?
> >
> > -Scott
> >
> >
> >
> >  On Feb 18, 2008 9:50 AM, Sudirikku Mohanjith <moha at mohanjith.net>
> wrote:
> > > Hi Scott,
> > > Thanks for the quick reply.
> > >
> > > Yep I'm following instructions in
> > > http://www.ja-sig.org/wiki/display/CASUM/OpenID. You might notice that
> > > under login-webflow.xml, you would find the same action-state block
> > >
> > > Cheers,
> > > Mohanjith
> > >
> > >
> > >
> > >
> > > On Feb 18, 2008 8:10 PM, Scott Battaglia <scott.battaglia at gmail.com>
> > wrote:
> > > > Mohanjith,
> > > >
> > > > Are you following the instructions at:
> > > > http://www.ja-sig.org/wiki/display/CASUM/OpenID
> > > >
> > > > -Scott
> > > >
> > > >
> > > >
> > > > On Feb 18, 2008 12:59 AM, Sudirikku Mohanjith <moha at mohanjith.net>
> > wrote:
> > > >
> > > > >
> > > > >
> > > > >
> > > > > Hi,
> > > > > I have setup the CAS services registry and when a external service
> > > > > tries to sign in via CAS as the OpenID idp, CAS complains that the
> > > > > "Application Not Authorized to Use CAS". It shouldn't be the case
> with
> > > > > OpenID, any Application/Service should be allowed to authenticate
> > > > > against CAS if using OpenID.
> > > > >
> > > > > I think it is caused by the following in login-webflow.xml
> > > > >
> > > > >        <action-state id="openIdSingleSignOnAction">
> > > > >                <action bean="openIdSingleSignOnAction" />
> > > > >                <transition on="success"
> to="sendTicketGrantingTicket"
> > />
> > > > >                <transition on="error" to="viewLoginForm" />
> > > > >                <transition on="warn" to="warn" />
> > > > >        </action-state>
> > > > >
> > > > > I do not think on success the flow should be to
> > > > > sendTicketGrantingTicket, instead it should be some OpenID
> specific
> > > > > transition.
> > > > >
> > > > > It would be nice to have OpenID idp support, I'm in the process of
> > > > > deploying CAS for a major developer portal. So far the things have
> > > > > been smooth. Drupal, Confluence and JIRA will be using CAS to
> > > > > authenticate against. I want to give all the users in the
> developer
> > > > > portal OpenID endpoints, right now I'm making use of home brewed
> > > > > Drupal module. To my disappointment external services are not able
> to
> > > > > authenticate via the CAS OpenID idp. :(
> > > > >
> > > > > Hope some one can help me.
> > > > >
> > > > > Cheers,
> > > > > Mohanjith
> > > > > _______________________________________________
> > > > > Yale CAS mailing list
> > > > > cas at tp.its.yale.edu
> > > > > http://tp.its.yale.edu/mailman/listinfo/cas
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > -Scott Battaglia
> > > > PGP Public Key Id: 0x383733AA
> > > >  LinkedIn: http://www.linkedin.com/in/scottbattaglia
> > > > _______________________________________________
> > > > Yale CAS mailing list
> > > > cas at tp.its.yale.edu
> > > > http://tp.its.yale.edu/mailman/listinfo/cas
> > > >
> > > >
> > > _______________________________________________
> > > Yale CAS mailing list
> > > cas at tp.its.yale.edu
> > > http://tp.its.yale.edu/mailman/listinfo/cas
> > >
> >
> >
> >
> > --
> > -Scott Battaglia
> > PGP Public Key Id: 0x383733AA
> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>



-- 
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080218/8fa4b0e4/attachment.html

More information about the cas mailing list