CAS 3.21 + application -- very urgent help needed please !!
edwardc at wolfram.com
edwardc at wolfram.com
Sat May 17 10:27:50 EDT 2008
Hi,
Do you mean change
"org.jasig.cas.client.validation.Cas10TicketValidationFilter"
to
"org.jasig.cas.client.validation.Cas20TicketValidationFilter"
Also,
each time I update web.xml and deploy to Tomcat. Do I need to remove the
old one first and restart the Tomcat. That will make the difference?? I
don't have the permission to restart the Tomcat by the way.
I do the following
>ant remove ( remove the old one )
> ant restart ( deploy the application to Tomcat )
Edward
> Edward,
>
> Can you try using the CAS 20 filter and see if that works?
>
> -Scott
>
> On Fri, May 16, 2008 at 11:52 PM, Edward Chen <edwardc at wolfram.com> wrote:
>
>> Here it's what I modify below. But it still doesn't work. I have the
>> following exception. Can you tell what 's wrong with it? Anything wrong
>> with my cas filter?? Please help--very urgent
>>
>>
>> HTTP Status 500 -
>>
>> ------------------------------------------------------------------------
>>
>> *type* Exception report
>>
>> *message*
>>
>> *description* _The server encountered an internal error () that
>> prevented it from fulfilling this request._
>>
>> *exception*
>>
>> javax.servlet.ServletException: The CAS server returned no response.
>>
>> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:152)
>>
>> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
>>
>> *root cause*
>>
>> org.jasig.cas.client.validation.TicketValidationException: The CAS
>> server
>> returned no response.
>>
>> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:162)
>>
>> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:129)
>>
>> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:103)
>>
>> *note* _The full stack trace of the root cause is available in the
>> Apache Tomcat/5.5.25 logs._
>>
>> ------------------------------------------------------------------------
>>
>>
>> Apache Tomcat/5.5.25
>>
>>
>>
>> ..........
>> <filter>
>> <filter-name>CAS Authentication Filter</filter-name>
>>
>>
>> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
>> <init-param>
>> <param-name>casServerLoginUrl</param-name>
>> <param-value>https://casserver:8443/CAS/login</param-value>
>> </init-param>
>> <init-param>
>> <param-name>service</param-name>
>>
>> <param-value>http://casserver:8080/Recruiting/test.jsp</param-value>
>> </init-param>
>> <init-param>
>> <param-name>serverName</param-name>
>> <param-value>casserver:8080</param-value>
>> </init-param>
>> </filter>
>>
>> <filter>
>> <filter-name>CAS Validation Filter</filter-name>
>>
>>
>> <filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>
>> <init-param>
>> <param-name>casUrlServerPrefix</param-name>
>> <param-value>https://casserver:8443/CAS</param-value>
>> </init-param>
>> <init-param>
>> <param-name>serverName</param-name>
>> <param-value>casserver:8080</param-value>
>> </init-param>
>> </filter>
>>
>> <filter>
>> <filter-name>CAS HttpServletRequest Wrapper
>> Filter</filter-name>
>>
>>
>> <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
>> </filter>
>>
>> <filter-mapping>
>> <filter-name>CAS Authentication Filter</filter-name>
>> <url-pattern>/*</url-pattern>
>> </filter-mapping>
>>
>> <filter-mapping>
>> <filter-name>CAS Validation Filter</filter-name>
>> <url-pattern>/*</url-pattern>
>> </filter-mapping >
>>
>> <filter-mapping>
>> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
>> <url-pattern>/*</url-pattern>
>> </filter-mapping >
>> .............
>>
>>
>> Edward
>>
>> Adam Rybicki wrote:
>> > Scott's right, of course. The Thread Local filter is not needed for
>> > what you need. It becomes handy if you don't have access to the
>> > HttpServletRequest.
>> >
>> > Adam
>> >
>> > Scott Battaglia wrote:
>> >> On Fri, May 16, 2008 at 7:32 PM, Adam Rybicki <arybicki at unicon.net
>> >> <mailto:arybicki at unicon.net>> wrote:
>> >>
>> >> Edward,
>> >>
>> >> Cross-posting to the wrong list (cas-dev) will not speed up a
>> reply.
>> >>
>> >> One thing you'll need is an additional filter. Actually, two of
>> >> them, I think. To make getRemoteUser() work, you'll need them
>> >> configured similar to this:
>> >>
>> >> <filter>
>> >> <filter-name>CAS HttpServletRequest Wrapper
>> Filter</filter-name>
>> >>
>> >>
>> <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
>> >> </filter>
>> >>
>> >> <filter>
>> >> <filter-name>CAS Assertion Thread Local Filter</filter-name>
>> >>
>> >>
>> <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
>> >> </filter>
>> >>
>> >> <filter-mapping>
>> >> <filter-name>CAS HttpServletRequest Wrapper
>> Filter</filter-name>
>> >>
>> >> <url-pattern>/*</url-pattern>
>> >> </filter-mapping>
>> >>
>> >> <filter-mapping>
>> >> <filter-name>CAS Assertion Thread Local Filter</filter-name>
>> >>
>> >> <url-pattern>/*</url-pattern>
>> >> </filter-mapping>
>> >>
>> >>
>> >> What concerns me is that, while you are using the JA-SIG CAS
>> >> Client, the exception message you included appears to have come
>> >> from the Yale CAS Filter. I don't think you need both.
>> >>
>> >>
>> >> Adam beat me to it. But you are including the configuration for the
>> >> JASIG CAS Client but an error message from the Yale CAS client.
>> >> That's impossible unless you have both of them configured, which I
>> >> don't think has ever been tried. I'd recommend just sticking with
>> >> one of them. If you merely wish to read the request.getRemoteUser,
>> >> you also won't need the ThreadLocal filter either.
>> >>
>> >> -Scott
>> >>
>> >>
>> >>
>> >> Adam
>> >>
>> >> Edward Chen wrote:
>> >>> I installed CAS 3.2.1 and deployed successfully with LDAP in my
>> >>> Windows XP and Tomcat5.25. Now I want to link the simple jsp
>> >>> application in Tomcat to CAS. I modified the CAS filter in
>> >>> web.xml as bellow. If I comment out "CAS Validation Filter", I
>> >>> got redirected to CAS and passed CAS login and went back to the
>> >>> application. However, I got "null" value
>> >>> (<%=request.getRemoteUser()%>) in my test.jsp. It should be
>> >>> supposed to have the CAS login username. If I don't comment out
>> >>> "CAS Validation Filter", I got redirected to CAS and passed CAS
>> >>> login. But when CAS went back to the application, it throws out
>> >>> exception, something like "*exception*
>> >>> javax.servlet.ServletException: Unable to validate
>> >>> ProxyTicketValidator
>> >>> [[edu.yale.its.tp.cas.client.ProxyTicketValidator
>> >>> proxyList=[null]
>> >>> [edu.yale.its.tp.cas.client.ServiceTicketValidator ..... " It
>> >>> seems to me that the validation doesn't work. What is wrong with
>> >>> it? How to fix it? any recommendation?? any thing wrong with the
>> >>> following CAS filter?? Very urgent help needed!!! ........
>> >>> <filter> <filter-name>CAS Authentication Filter</filter-name>
>> >>>
>> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
>> >>> <init-param> <param-name>casServerLoginUrl</param-name>
>> >>> <param-value>https://xxxxxxxxx:8443/CAS/login</param-value>
>> >>> </init-param> <init-param> <param-name>service</param-name>
>> >>> <param-value>http://xxxxxxxxx:8080/Recruiting/test.jsp
>> </param-value>
>> >>> </init-param> <init-param> <param-name>serverName</param-name>
>> >>> <param-value>xxxxxxx:8080/</param-value> </init-param> </filter>
>> >>> <filter> <filter-name>CAS Validation Filter</filter-name>
>> >>>
>> <filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>
>> >>> <init-param> <param-name>casUrlServerPrefix</param-name>
>> >>> <param-value>https://xxxxxxx:8443/CAS</param-value>
>> >>> </init-param> <init-param> <param-name>serverName</param-name>
>> >>> <param-value>xxxxxxxxxxx:8080/</param-value> </init-param>
>> >>> </filter> <filter-mapping> <filter-name>CAS Authentication
>> >>> Filter</filter-name> <url-pattern>/*</url-pattern>
>> >>> </filter-mapping> <!--filter-mapping> <filter-name>CAS
>> >>> Validation Filter</filter-name> <url-pattern>/*</url-pattern>
>> >>> </filter-mapping --> ...................
>> >>> ______________________________
>> >>> _________________
>> >>> Yale CAS mailing list
>> >>> cas at tp.its.yale.edu <mailto:cas at tp.its.yale.edu>
>> >>> http://tp.its.yale.edu/mailman/listinfo/cas
>> >>
>> >> _______________________________________________
>> >> Yale CAS mailing list
>> >> cas at tp.its.yale.edu <mailto:cas at tp.its.yale.edu>
>> >> http://tp.its.yale.edu/mailman/listinfo/cas
>> >>
>> >>
>> >>
>> >>
>> >> --
>> >> -Scott Battaglia
>> >> PGP Public Key Id: 0x383733AA
>> >> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>> >> ------------------------------------------------------------------------
>> >>
>> >> _______________________________________________
>> >> Yale CAS mailing list
>> >> cas at tp.its.yale.edu
>> >> http://tp.its.yale.edu/mailman/listinfo/cas
>> >>
>> > _______________________________________________
>> > Yale CAS mailing list
>> > cas at tp.its.yale.edu
>> > http://tp.its.yale.edu/mailman/listinfo/cas
>> >
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>
>
>
> --
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
More information about the cas
mailing list