Debugging - saving (temporarily) full CAS XML response

14 views
Skip to first unread message

Paul Chauvet

unread,
Oct 1, 2019, 12:28:42 PM10/1/19
to cas-...@apereo.org

Hi all,

I’m trying to troubleshoot an issue with an external vendor using our CAS server to authenticate our users.  I’m doing attribute release the same way as I’ve done for a ton of other services, but this vendor is claiming they are not receiving the attribute we’re sending over (the Banner SPRIDEN ID).  The vendor is saying the attribute is not in the response.  They appear to be doing a CAS version 3 serviceValidate (based on the get request to /cas/p3/serviceValidate?service=https%3A%2F%2Fiss.newpaltz.edu&ticket=REDACTED).

 

What I’m wondering is if there’s a way to (temporarily) capture/log the XML response that is being sent back to the CAS client (the vendor)?  I have debug mode enabled, which is giving me information like the following, but not the actual response. 

 

We’re using CAS 5.2.9 (we have our test environment upgraded to 5.3.12.1 – with plans on doing the same in production in the coming weeks in case there’s a 5.3 way of doing this).

 

Thanks in advance for any guidance or advice on this!

 

 

 

Paul Chauvet, CISSP

Information Security Officer

State University of New York at New Paltz

845-257-3828

chau...@newpaltz.edu

emlogo

 

David Curry

unread,
Oct 1, 2019, 1:15:39 PM10/1/19
to CAS Community
I got this solution from Misagh way back when:
  1. Install the SAML Chrome Panel extension in your Chrome browser.
  2. Go to your application (or the CAS login screen if it redirects you there).
  3. Right-click and select "Inspect" to open the Chrome developer console and click on the "SAML" tab (SAML Chrome Panel)
  4. Log in as normal
All the SAML back-and-forth will be there. Note that SAML Chrome Panel doesn't resize itself with the developer console, so look for the scroll bar to see all of the SAML response (I forget this every time).

--Dave
 

--

DAVID A. CURRY, CISSP
DIRECTOR • INFORMATION SECURITY & PRIVACY
THE NEW SCHOOL  INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 646 909-4728david...@newschool.edu



--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/MWHPR20MB1471D738F83EE589F1AD5EF3A79D0%40MWHPR20MB1471.namprd20.prod.outlook.com.

Paul Chauvet

unread,
Oct 1, 2019, 4:09:03 PM10/1/19
to cas-...@apereo.org

Awesome – thanks Dave!

 

Paul Chauvet, CISSP

Information Security Officer

State University of New York at New Paltz

845-257-3828

chau...@newpaltz.edu

emlogo

 

From: cas-...@apereo.org <cas-...@apereo.org> On Behalf Of David Curry
Sent: Tuesday, October 1, 2019 1:15 PM
To: CAS Community <cas-...@apereo.org>
Subject: Re: [cas-user] Debugging - saving (temporarily) full CAS XML response

 

CAUTION: Message from a non-New Paltz email server. Treat message, links, and attachments with extra caution.

 

Reply all
Reply to author
Forward
0 new messages