[cas-user] after i log in to cas, the cas management web app returns 404
199 views
Skip to first unread message
Sami Ghayeni
Jul 20, 2016, 5:08:40 AM7/20/16
to CAS Community
what i did:
-- 1-build the below cas-management-webapp/pom.xml file using the mvn clean package command:
<?xml version="1.0" encoding="UTF-8"?><project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd "> <modelVersion>4.0.0</modelVersion> <groupId>net.unicon</groupId> <artifactId>cas4-svc-mgmt-overlay</artifactId> <packaging>war</packaging> <version>1.0</version>
<build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-war-plugin</artifactId> <version>2.6</version> <configuration> <warName>cas-services</warName> <overlays> <overlay> <groupId>org.jasig.cas</groupId> <artifactId>cas-management-webapp</artifactId> </overlay> </overlays> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <version>3.3</version> <configuration> <source>${maven.compiler.source}</source> <target>${maven.compiler.target}</target> </configuration> </plugin>
<plugin> <groupId>com.rimerosolutions.maven.plugins</groupId> <artifactId>wrapper-maven-plugin</artifactId> <version>0.0.4</version> </plugin>
</plugins> <finalName>cas-services</finalName> </build>
<dependencies> <dependency> <groupId>org.jasig.cas</groupId> <artifactId>cas-management-webapp</artifactId> <version>${cas.version}</version> <type>war</type> <scope>runtime</scope> </dependency> </dependencies>
<properties> <cas.version>4.2.1</cas.version> <maven.compiler.source>1.7</maven.compiler.source> <maven.compiler.target>1.7</maven.compiler.target> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> </properties></project>2- deploy cas-services.war to Tomcat
3- in the Tomcat Manager WebApp there is a /cas-services link. clicking on it says "Application Not Authorized to use CAS", also it's http not https. so i should add cas-services as a service, to cas.
4- the /webapps/cas-services/WEB-INF/classes/services directory has a file which is missing inside the /webapps/cas/WEB-INF/classes/services directory, the rest is the same. the name of this file is ServicesManagementWebApplication-52497044623301.json , i copied it so now cas/..../services directory contains this json too.(why there is two services directories?)
5- the /webapps/cas/WEB-INF/classes/services/ServicesManagementWebApplication-52497044623301.json file now contains this content:
{ "@class" : "org.jasig.cas.services.RegexRegisteredService", "serviceId" : "http://localhost:8080/cas-management/callback", "name" : "Services Management Web Application", "id" : 52497044623301, "description" : "Services Management Web Application", "proxyPolicy" : { "@class" : "org.jasig.cas.services.RefuseRegisteredServiceProxyPolicy" }, "evaluationOrder" : 2, "usernameAttributeProvider" : { "@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider" }, "logoutType" : "BACK_CHANNEL", "attributeReleasePolicy" : { "@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy", "principalAttributesRepository" : { "@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository" }, "authorizedToReleaseCredentialPassword" : false, "authorizedToReleaseProxyGrantingTicket" : false }, "accessStrategy" : { "@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy", "enabled" : true, "ssoEnabled" : true }}i changed the value of serviceId from this
"serviceId" : "http://localhost:8080/cas-management/callback"to this
"serviceId" : "https://localhost8443/cas-management/callback.*"so it uses the https protocol, it's port is 8443 and also it accepts urls that have characters after the 'callback' word.
6- now i go to https:localhost:8443/cas-services , it redirects me to the cas login page.
7- after i login, although the logs says AUTHENTICATION_SUCCESS, TICKET_GRANTING_TICKET_CREATED and SERVICE_TICKET_CREATED but after cas redirects me to
i see a 404 page which says:
HTTP Status 404 - /cas-management/callback
type Status report
message /cas-management/callback
description The requested resource is not available.
and
is there documentation related to this i missed? did i do something wrong?
thanks in advance.
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/976edbea-969e-4b8a-a66e-65f04022857b%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
Misagh Moayyed
Jul 20, 2016, 5:29:42 AM7/20/16
to CAS Community
There is no such thing as cas-management in your configuration. You are deploying the app under cas-services. So adjust accordingly.
Also see the big yellow box here; that might help:
--
Misagh
Misagh
Sami Ghayeni
Jul 20, 2016, 6:18:51 AM7/20/16
to CAS Community, mmoa...@unicon.net
changing cas-management to cas-services solved the 404 issue. but...
thanks again. i appreciate your time.
to be honest, i didn't understand the meaning of the word "configuration" in this context(in the yellow box, it says the configuration of cas and services management webapp should be the same, what does it mean? the .properties files?).
actually i'm a beginner in Tomcat and i don't know very little about java and i know nothing about the spring framework.
now, when i log in to /cas-services, it redirects me to https://localhost:8443/cas-services/callback?client_name=CasClient&ticket=ST-2-MhpXYeLdWMisJZ264n4a-cas01.example.org
it shows me the page with the text "services management" on top so i am inside the services management app but this page says:
The CAS management webapp is unavailable.
There was an error trying to complete your request. Please notify your support desk or try again.
also the logs shows there is a problem with the 'localhost' word somewhere, what does it mean and in which file should i find it? my whole project(except the database for authentication) is on localhost.
=============================================================WHO: hihelloWHAT: Supplied credentials: [hihello]ACTION: AUTHENTICATION_SUCCESSAPPLICATION: CASWHEN: Wed Jul 20 14:42:18 IRDT 2016CLIENT IP ADDRESS: 127.0.0.1SERVER IP ADDRESS: 127.0.0.1=============================================================
>2016-07-20 14:42:18,465 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN=============================================================WHO: audit:unknownWHAT: TGT-**********************************************cVJklQWh16-cas01.example.orgACTION: TICKET_GRANTING_TICKET_CREATEDAPPLICATION: CASWHEN: Wed Jul 20 14:42:18 IRDT 2016CLIENT IP ADDRESS: 127.0.0.1SERVER IP ADDRESS: 127.0.0.1=============================================================
>2016-07-20 14:42:18,472 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted ticket [ST-2-MhpXYeLdWMisJZ264n4a-cas01.example.org] for service [https://localhost:8443/cas-services/callback?client_name=CasClient] and principal [hihello]>2016-07-20 14:42:18,474 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN=============================================================WHO: hihelloWHAT: ST-2-MhpXYeLdWMisJZ264n4a-cas01.example.org for https://localhost:8443/cas-services/callback?client_name=CasClientACTION: SERVICE_TICKET_CREATEDAPPLICATION: CASWHEN: Wed Jul 20 14:42:18 IRDT 2016CLIENT IP ADDRESS: 127.0.0.1SERVER IP ADDRESS: 127.0.0.1=============================================================
>2016-07-20 14:42:18,588 ERROR [org.jasig.cas.client.util.CommonUtils] - <java.security.cert.CertificateException: No name matching localhost foundjavax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching localhost found at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901) at sun.security.ssl.Handshaker.process_record(Handshaker.java:837) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) at org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431) at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193) at org.pac4j.cas.client.CasClient.retrieveUserProfile(CasClient.java:320) at org.pac4j.cas.client.CasClient.retrieveUserProfile(CasClient.java:83) at org.pac4j.core.client.BaseClient.getUserProfile(BaseClient.java:99) at org.pac4j.core.client.BaseClient.getUserProfile(BaseClient.java:48) at org.pac4j.springframework.web.CallbackController.callback(CallbackController.java:81) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:222) at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137) at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:814) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:737) at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861) at javax.servlet.http.HttpServlet.service(HttpServlet.java:624) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:121) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.jasig.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:62) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:442) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1082) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:623) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)Caused by: java.security.cert.CertificateException: No name matching localhost found at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:208) at sun.security.util.HostnameChecker.match(HostnameChecker.java:93) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:203) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428) ... 65 more>2016-07-20 14:42:22,938 INFO [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Beginning ticket cleanup...>2016-07-20 14:42:22,938 INFO [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <0 expired tickets found and removed.>2016-07-20 14:43:12,616 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.>2016-07-20 14:43:12,621 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 3 services from JsonServiceRegistryDao.>
thanks again. i appreciate your time.
On Wednesday, July 20, 2016 at 1:59:45 PM UTC+4:30, Misagh Moayyed wrote:
There is no such thing as cas-management in your configuration. You are deploying the app under cas-services. So adjust accordingly.Also see the big yellow box here; that might help:
--
Misagh
Misagh Moayyed
Jul 20, 2016, 6:43:36 AM7/20/16
to CAS Community
What it means is:
- Your CAS server is consuming service defns from some sort of registry.
- You are using a separate UI to manage entries in that registry.
- So, your other UI and your CAS sever must share the same registry.
The certificate you used to secure 8443 is not issued to localhost.
--
Misagh
Misagh
From: Sami Ghayeni <s.sami....@gmail.com>
Reply: Sami Ghayeni <s.sami....@gmail.com>
Date: July 20, 2016 at 3:19:02 AM
To: CAS Community <cas-...@apereo.org>
Reply all
Reply to author
Forward
0 new messages