after i log in to cas, the cas management web app returns 404

824 views
Skip to first unread message

Sami Ghayeni

unread,
Jul 20, 2016, 5:08:38 AM7/20/16
to CAS Community
what i did:

1-build the below cas-management-webapp/pom.xml file using the mvn clean package command:

<?xml version="1.0" encoding="UTF-8"?>
    <modelVersion>4.0.0</modelVersion>
    <groupId>net.unicon</groupId>
    <artifactId>cas4-svc-mgmt-overlay</artifactId>
    <packaging>war</packaging>
    <version>1.0</version>

    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-war-plugin</artifactId>
                <version>2.6</version>
                <configuration>
                    <warName>cas-services</warName>
                    <overlays>
                        <overlay>
                            <groupId>org.jasig.cas</groupId>
                            <artifactId>cas-management-webapp</artifactId>
                        </overlay>
                    </overlays>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.3</version>
                <configuration>
                    <source>${maven.compiler.source}</source>
                    <target>${maven.compiler.target}</target>
                </configuration>
            </plugin>

            <plugin>
                 <groupId>com.rimerosolutions.maven.plugins</groupId>
                 <artifactId>wrapper-maven-plugin</artifactId>
                 <version>0.0.4</version>
            </plugin>

        </plugins>
        <finalName>cas-services</finalName>
    </build>

    <dependencies>
        <dependency>
            <groupId>org.jasig.cas</groupId>
            <artifactId>cas-management-webapp</artifactId>
            <version>${cas.version}</version>
            <type>war</type>
            <scope>runtime</scope>
        </dependency>
    </dependencies>

    <properties>
        <cas.version>4.2.1</cas.version>
        <maven.compiler.source>1.7</maven.compiler.source>
        <maven.compiler.target>1.7</maven.compiler.target>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    </properties>
</project>

2- deploy cas-services.war to Tomcat
3- in the Tomcat Manager WebApp there is a /cas-services link. clicking on it says "Application Not Authorized to use CAS", also it's http not https. so i should add cas-services as a service, to cas.
4- the /webapps/cas-services/WEB-INF/classes/services directory has a file which is missing inside the /webapps/cas/WEB-INF/classes/services directory, the rest is the same. the name of this file is ServicesManagementWebApplication-52497044623301.json , i copied it so now cas/..../services directory contains this json too.(why there is two services directories?)
5- the /webapps/cas/WEB-INF/classes/services/ServicesManagementWebApplication-52497044623301.json file now contains this content:

{
  "@class" : "org.jasig.cas.services.RegexRegisteredService",
  "name" : "Services Management Web Application",
  "id" : 52497044623301,
  "description" : "Services Management Web Application",
  "proxyPolicy" : {
    "@class" : "org.jasig.cas.services.RefuseRegisteredServiceProxyPolicy"
  },
  "evaluationOrder" : 2,
  "usernameAttributeProvider" : {
    "@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider"
  },
  "logoutType" : "BACK_CHANNEL",
  "attributeReleasePolicy" : {
    "@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy",
    "principalAttributesRepository" : {
      "@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository"
    },
    "authorizedToReleaseCredentialPassword" : false,
    "authorizedToReleaseProxyGrantingTicket" : false
  },
  "accessStrategy" : {
    "@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy",
    "enabled" : true,
    "ssoEnabled" : true
  }
}

i changed the value of serviceId from this

to this
so it uses the https protocol, it's port is 8443 and also it accepts urls that have characters after the 'callback' word.

6- now i go to https:localhost:8443/cas-services , it redirects me to the cas login page.
7- after i login, although the logs says AUTHENTICATION_SUCCESS,  TICKET_GRANTING_TICKET_CREATED and SERVICE_TICKET_CREATED but after cas redirects me to
i see a 404 page which says:

HTTP Status 404 - /cas-management/callback

type Status report

message /cas-management/callback

description The requested resource is not available.

and 

is there documentation related to this i missed? did i do something wrong?
thanks in advance.

Misagh Moayyed

unread,
Jul 20, 2016, 5:29:45 AM7/20/16
to CAS Community
There is no such thing as cas-management in your configuration. You are deploying the app under cas-services. So adjust accordingly. 

Also see the big yellow box here; that might help:

-- 
Misagh
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/976edbea-969e-4b8a-a66e-65f04022857b%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Sami Ghayeni

unread,
Jul 20, 2016, 6:18:50 AM7/20/16
to CAS Community, mmoa...@unicon.net
changing cas-management to cas-services solved the 404 issue. but...

to be honest, i didn't understand the meaning of the word "configuration" in this context(in the yellow box, it says the configuration of cas and services management webapp should be the same, what does it mean? the .properties files?). 
actually i'm a beginner in Tomcat and i don't know very little about java and i know nothing about the spring framework.

it shows me the page with the text "services management" on top so i am inside the services management app but this page says:

The CAS management webapp is unavailable.

There was an error trying to complete your request. Please notify your support desk or try again.


also the logs shows there is a problem with the 'localhost' word somewhere, what does it mean and in which file should i find it? my whole project(except the database for authentication) is on localhost.

=============================================================
WHO: hihello
WHAT: Supplied credentials: [hihello]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Wed Jul 20 14:42:18 IRDT 2016
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================

>
2016-07-20 14:42:18,465 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: TGT-**********************************************cVJklQWh16-cas01.example.org
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Jul 20 14:42:18 IRDT 2016
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================

>
2016-07-20 14:42:18,472 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted ticket [ST-2-MhpXYeLdWMisJZ264n4a-cas01.example.org] for service [https://localhost:8443/cas-services/callback?client_name=CasClient] and principal [hihello]>
2016-07-20 14:42:18,474 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: hihello
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Jul 20 14:42:18 IRDT 2016
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================

>
2016-07-20 14:42:18,588 ERROR [org.jasig.cas.client.util.CommonUtils] - <java.security.cert.CertificateException: No name matching localhost found
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching localhost found
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431)
at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41)
at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193)
at org.pac4j.cas.client.CasClient.retrieveUserProfile(CasClient.java:320)
at org.pac4j.cas.client.CasClient.retrieveUserProfile(CasClient.java:83)
at org.pac4j.core.client.BaseClient.getUserProfile(BaseClient.java:99)
at org.pac4j.core.client.BaseClient.getUserProfile(BaseClient.java:48)
at org.pac4j.springframework.web.CallbackController.callback(CallbackController.java:81)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:222)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:814)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:737)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:121)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.jasig.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:62)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:442)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1082)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:623)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.security.cert.CertificateException: No name matching localhost found
at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:208)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:93)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:203)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)
... 65 more
>
2016-07-20 14:42:22,938 INFO [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Beginning ticket cleanup...>
2016-07-20 14:42:22,938 INFO [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <0 expired tickets found and removed.>
2016-07-20 14:43:12,616 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.>
2016-07-20 14:43:12,621 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 3 services from JsonServiceRegistryDao.>


thanks again. i appreciate your time.


On Wednesday, July 20, 2016 at 1:59:45 PM UTC+4:30, Misagh Moayyed wrote:
There is no such thing as cas-management in your configuration. You are deploying the app under cas-services. So adjust accordingly. 

Also see the big yellow box here; that might help:

-- 
Misagh

Misagh Moayyed

unread,
Jul 20, 2016, 6:43:39 AM7/20/16
to CAS Community
What it means is:

- Your CAS server is consuming service defns from some sort of registry. 
- You are using a separate UI to manage entries in that registry.
- So, your other UI and your CAS sever must share the same registry.

The certificate you used to secure 8443 is not issued to localhost. 

-- 
Misagh

From: Sami Ghayeni <s.sami....@gmail.com>
Reply: Sami Ghayeni <s.sami....@gmail.com>
Date: July 20, 2016 at 3:19:02 AM
To: CAS Community <cas-...@apereo.org>
Reply all
Reply to author
Forward
0 new messages