Problems with CAS Callback?

41 views
Skip to first unread message

Bryan K. Walton

unread,
Oct 8, 2020, 11:41:32 AM10/8/20
to cas-...@apereo.org
We are working to integrate mod_auth_cas with a university's CAS
server. We have this successfully working with over 120 other colleges
and universities. However, with this one, we are getting some bizarre
behavior, that I hope somebody can help explain:

1. The application successfully redirects the unauthenticated user to
their CAS server login page.

2. When I monitor the live HTTP headers, I see what looks like their CAS
login server redirecting to another server with a ../login/callback url.

3. Then it looks like something called a callback code is generated and
then a ticket of some time is created and then we are redirected back to
mod_auth_cas with a short query string of: "?ticket=8NWAY5Y9TD66jAnF"

4. But at this point, mod_auth_cas redirects back to the login url, not
the serviceValidate url, and we get a HTTP/2.0 400 Bad Request in the
http headers. All I see in our Apache debug log that seems related is:

mod_headers.c(848): AH01503: headers: ap_headers_error_filter()

I'm not familar with this callback thing. Is there something that we
need to be doing with mod_auth_cas to accomodate this?

BTW, if helpful, I can supply apache debug logs and live http headers.

Thanks,
Bryan

1ms8ygts

unread,
Nov 13, 2020, 11:29:17 AM11/13/20
to CAS Community, 1ms8ygts
I wanted to follow up on this.  We got this issue resolved.  It turned out that the university's CAS server was sending us service tickets that didn't have "ST-" prepended to the ticket.  Once they resolved this, things started working.
Reply all
Reply to author
Forward
0 new messages