Proxy CAS Walkthrough questions & help

Scott Battaglia scott.battaglia at gmail.com
Sat Jun 14 10:34:38 EDT 2008 

Is servlets-example an already CASified application?  If so, you can only
validate service tickets once.  You're most likely attempting to validate a
ticket twice.
-Scott

-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia

On Sat, Jun 14, 2008 at 12:34 AM, Edward Chen <edwardc at wolfram.com> wrote:

> Hi Scott,
>
> Thank you for your help, however, I still have problem.
>
> After I add "/" to the end, it works for the following link
>
>
> https://edwardcwin.wri.wolfram.com:8443/cas/login?service=http://edwardcwin.wri.wolfram.com:8080/servlets-examples/
>
> and I have this
>
> http://edwardcwin.wri.wolfram.com:8080/servlets-examples/?ticket=ST-2-c41ppaegcmpR2Fgog5ry-cas
>
> then I follow (a): verify the ticket and be done
>
> https://foo.bar.com/is/cas/serviceValidate?ticket=ST-956-Lyg0BdLkgdrBO9W17bXS&service=http://localhost/bling
>
> becomes
>
> https://edwardcwin.wri.wolfram.com:8443/cas/serviceValidate?ticket=ST-2-c41ppaegcmpR2Fgog5ry-cas&service=http://edwardcwin.wri.wolfram.com:8080/servlets-examples/
>
> I have the following from browser
>
> <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
>        <cas:authenticationFailure code='INVALID_TICKET'>
>                 ticket &#039;ST-2-c41ppaegcmpR2Fgog5ry-cas&#039; not
> recognized
>        </cas:authenticationFailure>
> </cas:serviceResponse>
>
> When I do this
> https://edwardcwin.wri.wolfram.com:8443/cas/serviceValidate?ticket=ST-2-c41ppaegcmpR2Fgog5ry-cas
>
> I have the following
>
> <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
>         <cas:authenticationFailure code='INVALID_REQUEST'>
>                &#039;service&#039; and &#039;ticket&#039; parameters are
> both required
>        </cas:authenticationFailure>
> </cas:serviceResponse>
>
>
> Can you tell me why? anything wrong with my link?
>
>
> Edward
>
>
>
>
> Scott Battaglia wrote:
> > Your service urls don't match:
> >
> > [ticket 'ST-16-aNPbfMTjaFq0FWTte4uW
> > -cas' does not match supplied service.  The original service was
> > 'http://edwardcwin.wri.wolfram.com:8080/servlets-examples' and the
> > supplied service was
> > 'http://edwardcwin.wri.wolfram.com:8080/servlets-examples/'
> > <http://edwardcwin.wri.wolfram.com:8080/servlets-examples/%27>.]
> >
> > -Scott
> >
> > -Scott Battaglia
> > PGP Public Key Id: 0x383733AA
> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >
> > On Fri, Jun 13, 2008 at 12:07 PM, Edward Chen <edwardc at wolfram.com
> > <mailto:edwardc at wolfram.com>> wrote:
> >
> >     I am trying to follow this site
> >     http://www.ja-sig.org/wiki/display/CAS/Proxy+CAS+Walkthrough to
> >     understand the mechanisms involved in writing proxying applications.
> >
> >     I have cas server 3.2.1 set up and up and running fine.
> >
> >     When I go through Step One: login, I come out with the following
> >     problem
> >
> >     For following this  test
> >      https://foo.bar.com/is/cas/login?service=http://localhost/bling
> >
> >     I go
> >     https://servername:8443/cas/login?service              works!
> >     http://servername:8080/servlets-examples               works!
> >     -->
> http://servername:8080/servlets-examples/?ticket=ST-6-tDd9cVoiaDtQuge4f1v1-cas
> >
> >     But when I combine above
> >     https://servername:8443/cas/login?service=http://servername
> >     :8080/servlets-examples
> >     <
> https://servername:8443/cas/login?service=http://servername:8080/servlets-examples
> >
> >      not works
> >
> >     It is throw out an exception like this
> >
> >     javax.servlet.ServletException: Unable to validate
> >     ProxyTicketValidator
> >     [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null]
> >     [edu.yale.its.tp.cas.client.ServiceTicketValidator
> >     casValidateUrl=[
> https://edwardcwin.wri.wolfram.com:8443/cas/serviceValidate]
> >     ticket=[ST-16-aNPbfMTjaFq0FWTte4uW-cas]
> >     service=[http%3A%2F%2Fedwardcwin.wri.wolfram.com
> >     <http://2Fedwardcwin.wri.wolfram.com>%3A8080%2Fservlets-examples%2F]
> >     errorCode=[INVALID_SERVICE] errorMessage=[ticket
> >     'ST-16-aNPbfMTjaFq0FWTte4uW-cas' does not match supplied service.
> >      The original service was
> >     'http://edwardcwin.wri.wolfram.com:8080/servlets-examples' and the
> >     supplied service was
> >     'http://edwardcwin.wri.wolfram.com:8080/servlets-examples/'
> >     <http://edwardcwin.wri.wolfram.com:8080/servlets-examples/%27>.]
> >     renew=false entireResponse=[<cas:serviceResponse
> >     xmlns:cas='http://www.yale.edu/tp/cas'>
> >            <cas:authenticationFailure code='INVALID_SERVICE'>
> >                    ticket &#039;ST-16-aNPbfMTjaFq0FWTte4uW-cas&#039;
> >     does not match supplied service.  The original service was
> >     &#039;http://edwardcwin.wri.wolfram.com:8080/servlets-examples&#039
> >     <http://edwardcwin.wri.wolfram.com:8080/servlets-examples&#039>;
> >     and the supplied service was
> >     &#039;http://edwardcwin.wri.wolfram.com:8080/servlets-examples/&#039
> >     <http://edwardcwin.wri.wolfram.com:8080/servlets-examples/&#039>;.
> >            </cas:authenticationFailure>
> >     </cas:serviceResponse>
> >
> >
> >     When I follow Step Two(a): verify the ticket and be done, I have
> >     the following results
> >
> >     I follow this
> >
> https://foo.bar.com/is/cas/serviceValidate?ticket=ST-956-Lyg0BdLkgdrBO9W17bXS&service=http://localhost/bling
> >     <
> https://foo.bar.com/is/cas/serviceValidate?ticket=ST-956-Lyg0BdLkgdrBO9W17bXS&service=http://localhost/bling
> >
> >
> >     modify to
> >
> >
> https://servername.com:8443/cas/serviceValidate?ticket=ST-2-THnlNeVFzhmdbrkZiLvB-cas&service=http://servername:8080/servlets-examples
> >     <
> https://servername.com:8443/cas/serviceValidate?ticket=ST-2-THnlNeVFzhmdbrkZiLvB-cas&service=http://servername:8080/servlets-examples
> >
> >
> >     I have the following result from browser
> >
> >     <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
> >            <cas:authenticationFailure code='INVALID_TICKET'>
> >                    ticket &#039;ST-2-THnlNeVFzhmdbrkZiLvB-cas&#039;
> >     not recognized
> >            </cas:authenticationFailure>
> >     </cas:serviceResponse>
> >
> >
> >     Can anyone tell me what's wrong and how to fix the setup?
> >
> >     Thanks a lot
> >
> >     Edward
> >
> >
> >
> >     _______________________________________________
> >     Yale CAS mailing list
> >     cas at tp.its.yale.edu <mailto:cas at tp.its.yale.edu>
> >     http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080614/3340754d/attachment.html

More information about the cas mailing list