Testing CAS SAML response

[Adam Causey]

I am trying to debug the SAML response that CAS is sending back to one of our services.  When I send a POST request to CAS always sends back the response ''service' and 'ticket' parameters are both required", however I am including both.  I am not getting an 'invalid ticket' which is what I might expect if the credentials were incorrect.

Here is an example of what I am POSTing:

https://casserver/cas/samlValidate?service=http://localhost/foo&ticket=asdfkasdfjASF7979A

I am using SoapUI and have also tried a couple of extensions for Chrome with the same results.

Thanks,

Adam

[Misagh Moayyed]

That message is probably misleading in that it’s not the exact cause of the error. You’ll need to look into the logs. My guess is, if you actually are posting “asdfkas…” for the ticket, it most certainly will fail to validate. And samlValidate does not take “service” nor “ticket”. It takes TARGET and ArtifactId I believe (misleading and wrongly reported in the error, yes) .

 

--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.

[satheesh k]

Hi Adam,

I am trying to validate SAML response as you mentioned below and I am getting same message. can you please help us to resolve if you found a way to debug SAML response. Further, can you please help how to get Service ticket generated on CAS authentication and pass as a parameter to SAMLvalidate.

Thanks,

Satheesh

[satheesh k]

In addition to my below request, We are using CAS V4.1.2 and implemented SAML V1.1. However, while trying to validate the SAML request we realized that we need to pass "'service' and 'ticket' details to validate it.

 Could someone help us to know how can we get the  server ticket id once the user is authenticated and pass it in SAML request. We tried passing the server ticket id which we get it from HTTP header but we are getting invalid ticket.

Can someone help me to resolve this problem. 

[Adam Causey]

I can't remember what I did to solve this issue, but I know you can get back any SAML response by turning on debug logging.

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---

You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/96fa1ab2-2ee7-482d-8482-0d0ac5b12eb2%40apereo.org.