"Application Not Authorized to Use CAS" - Extractor did not generate service


John Breen

Apr 28, 2014, 2:20:25 PM
to cas...@googlegroups.com
Good Afternoon,

I am working on deploying the CASSHIB extension and things seem to be working fine until after my authentication. The application displays "Application Not Authorized to use CAS". The components I am using are:

* Tomcat 6.0.24
* Shibboleth 2.5.3
* Apache 2.2.15 (using mod_jk)
* CentOS 6.5
* OpenJDK java version "1.6.0_30"
* CASSHIB Server 3.5.2a
* CASSHIB Demo 1.0.0

I am testing by authenticating through our Identity Provider to:
https://<HOSTNAME>/casshib/shib/app1/login

My logging level for cas.log is at TRACE, I noted the following:
2014-04-28 13:57:50,642 TRACE [org.jasig.cas.aspect.LogAspect] - Entering method [getService with arguments [[[org.jasig.cas.web.support.CasArgumentExtractor@3d2b92fd, org.jasig.cas.web.support.SamlArgumentExtractor@73a31895], org.apache.catalina.core.ApplicationHttpRequest@377c4d48]]
2014-04-28 13:57:50,642 TRACE [org.jasig.cas.web.support.CasArgumentExtractor] - Entering method [extractService with arguments [[org.apache.catalina.core.ApplicationHttpRequest@377c4d48]]
2014-04-28 13:57:50,642 TRACE [org.jasig.cas.web.support.CasArgumentExtractor] - Entering method [extractServiceInternal with arguments [[org.apache.catalina.core.ApplicationHttpRequest@377c4d48]]
2014-04-28 13:57:50,642 TRACE [org.jasig.cas.aspect.LogAspect] - Entering method [createServiceFrom with arguments [[org.apache.catalina.core.ApplicationHttpRequest@377c4d48, org.jasig.cas.util.HttpClient@60edf070]]
2014-04-28 13:57:50,642 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [createServiceFrom] with return value [null].
2014-04-28 13:57:50,642 TRACE [org.jasig.cas.web.support.CasArgumentExtractor] - Leaving method [extractServiceInternal] with return value [null].
2014-04-28 13:57:50,642 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor did not generate service.
2014-04-28 13:57:50,642 TRACE [org.jasig.cas.web.support.CasArgumentExtractor] - Leaving method [extractService] with return value [null].
2014-04-28 13:57:50,642 TRACE [org.jasig.cas.web.support.SamlArgumentExtractor] - Entering method [extractService with arguments [[org.apache.catalina.core.ApplicationHttpRequest@377c4d48]]
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.web.support.SamlArgumentExtractor] - Entering method [extractServiceInternal with arguments [[org.apache.catalina.core.ApplicationHttpRequest@377c4d48]]
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.aspect.LogAspect] - Entering method [createServiceFrom with arguments [[org.apache.catalina.core.ApplicationHttpRequest@377c4d48, org.jasig.cas.util.HttpClient@60edf070]]
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [createServiceFrom] with return value [null].
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.web.support.SamlArgumentExtractor] - Leaving method [extractServiceInternal] with return value [null].
2014-04-28 13:57:50,643 DEBUG [org.jasig.cas.web.support.SamlArgumentExtractor] - Extractor did not generate service.
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.web.support.SamlArgumentExtractor] - Leaving method [extractService] with return value [null].
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [getService] with return value [null].
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.services.DefaultServicesManagerImpl] - Entering method [findServiceBy with arguments [[null]]
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.services.RegexRegisteredService] - Entering method [getEvaluationOrder with arguments []
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.services.RegexRegisteredService] - Leaving method [getEvaluationOrder] with return value [10000001].
2014-04-28 13:57:50,644 TRACE [org.jasig.cas.services.RegexRegisteredService] - Entering method [getName with arguments []
2014-04-28 13:57:50,644 TRACE [org.jasig.cas.services.RegexRegisteredService] - Leaving method [getName] with return value [HTTP and IMAP].
2014-04-28 13:57:50,644 TRACE [org.jasig.cas.services.RegexRegisteredService] - Entering method [matches with arguments [[null]]
2014-04-28 13:57:50,644 TRACE [org.jasig.cas.services.RegexRegisteredService] - Leaving method [matches] with return value [false].
2014-04-28 13:57:50,644 TRACE [org.jasig.cas.services.DefaultServicesManagerImpl] - Leaving method [findServiceBy] with return value [null].
2014-04-28 13:57:50,644 TRACE [org.jasig.cas.services.web.ServiceThemeResolver] - Leaving method [resolveThemeName] with return value [cas-theme-default].
2014-04-28 13:57:50,645 TRACE [org.jasig.cas.aspect.LogAspect] - Entering method [getVersion with arguments []
2014-04-28 13:57:50,645 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [getVersion] with return value [3.5.2].
2014-04-28 13:57:50,645 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Entering method [sessionEnded with arguments [[[RequestControlContextImpl@1b38657e externalContext = org.springframework.webflow.mvc.servlet.MvcExternalContext@138f4128, currentEvent = [null], requestScope = map[[empty]], attributes = map[[empty]], messageContext = [DefaultMessageContext@21feb320 sourceMessages = map[[null] -> list[[empty]]]], flowExecution = [Ended execution of 'login']], [FlowSessionImpl@76949cfe flow = 'login', state = 'viewServiceErrorView', scope = map['warnCookieValue' -> false, 'ticketGrantingTicketId' -> [null]]], viewServiceErrorView, map[[empty]]]]
2014-04-28 13:57:50,645 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Entering method [sessionEnded with arguments [[[RequestControlContextImpl@1b38657e externalContext = org.springframework.webflow.mvc.servlet.MvcExternalContext@138f4128, currentEvent = [null], requestScope = map[[empty]], attributes = map[[empty]], messageContext = [DefaultMessageContext@21feb320 sourceMessages = map[[null] -> list[[empty]]]], flowExecution = [Ended execution of 'login']], [FlowSessionImpl@76949cfe flow = 'login', state = 'viewServiceErrorView', scope = map['warnCookieValue' -> false, 'ticketGrantingTicketId' -> [null]]], viewServiceErrorView, map[[empty]]]]
2014-04-28 13:57:50,645 TRACE [org.jasig.cas.aspect.LogAspect] - Entering method [getHttpServletRequest with arguments [[[RequestControlContextImpl@1b38657e externalContext = org.springframework.webflow.mvc.servlet.MvcExternalContext@138f4128, currentEvent = [null], requestScope = map[[empty]], attributes = map[[empty]], messageContext = [DefaultMessageContext@21feb320 sourceMessages = map[[null] -> list[[empty]]]], flowExecution = [Ended execution of 'login']]]]
2014-04-28 13:57:50,646 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [getHttpServletRequest] with return value [org.apache.catalina.connector.RequestFacade@644ba31d].
2014-04-28 13:57:50,646 DEBUG [org.jasig.cas.web.flow.TerminateWebSessionListener] - Terminate web session 441AFFE826C1F07545BB287AE816AE9D in 2 seconds
2014-04-28 13:57:50,646 DEBUG [org.jasig.cas.web.flow.TerminateWebSessionListener] - Terminate web session 441AFFE826C1F07545BB287AE816AE9D in 2 seconds
2014-04-28 13:57:50,646 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Leaving method [sessionEnded] with return value [null].
2014-04-28 13:57:50,646 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Leaving method [sessionEnded] with return value [null].
2014-04-28 13:57:50,646 TRACE [org.jasig.cas.web.init.SafeDispatcherServlet] - Leaving method [service] with return value [null].

Can anyone point me in the right direction for what is mis-configured and preventing the service from being retrieved? I don't expect this is a service trust issue, it seems to me the service is not being passed as expected.

I have also tried explicitly passing the service as a query string at the end of the URL via:
https://<HOSTNAME>/casshib/shib/app1/login?service=https%3a%2f%2f<HOSTNAME>%2fcasshib%2fapp1

I seem to get a bit further in this case. I can see the following in the logs:

Leaving method [getService] with return value [https://<HOSTNAME>/casshib/app1/]
Generated login ticket LT-4-<SOME_TICKET>
Attribute map for <USERNAME>@<MY_DOMAIN>: {Shib-AuthnContext-Class=urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified, Shib-Session-Index=<SHIB_SESSION>, unscoped-affiliation=<MY_UNSCOPED_AFFILIATIONS>, eppn=<MY_EPPN>, Shib-Session-ID=<MY_SESSION>, Shib-Authentication-Method=urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified, Shib-Application-ID=app1, Shib-Authentication-Instant=<MY_AUTH_TIME_Z>, affiliation=<MY_SCOPED_AFFILIATIONS>, Shib-Identity-Provider=<MY_ENTITY_ID_IDP>}
CAS SHOWS THE FOLLOWING ACTIONS:
ACTION: AUTHENTICATION_SUCCESS
ACTION: TICKET_GRANTING_TICKET_CREATED
ACTION: SERVICE_TICKET_CREATED
2014-04-28 14:03:24,035 TRACE [org.jasig.cas.aspect.LogAspect] - Entering method [putServiceTicketInRequestScope with arguments [[[RequestControlContextImpl@7c4e52e1 externalContext = org.springframework.webflow.mvc.servlet.MvcExternalContext@7a237188, currentEvent = success, requestScope = map['ticketGrantingTicketId' -> 'TGT-4-BfjOxxNA9M3wBwXCfrNtHQfDGF4DKIJmWbXZRcDSqVU1qfLChU-cas01.example.org'], attributes = map[[empty]], messageContext = [DefaultMessageContext@2cf2d65d sourceMessages = map[[null] -> list[[empty]]]], flowExecution = [FlowExecutionImpl@7ad78ab8 flow = 'login', flowSessions = list[[FlowSessionImpl@5cd47509 flow = 'login', state = 'generateServiceTicket', scope = map['loginTicket' -> 'LT-4-BdyOw4mylitb7DdTtoLP31sbYYPjKB', 'service' -> https://<HOSTNAME>/casshib/app1/, 'warnCookieValue' -> false, 'ticketGrantingTicketId' -> [null]]]]]], ST-5-DOHYPnChEkq5RkyzHanL-cas01.example.org]]
2014-04-28 14:03:24,035 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [putServiceTicketInRequestScope] with return value [null].
2014-04-28 14:03:24,036 TRACE [org.jasig.cas.aspect.LogAspect] - Entering method [getRedirectResponse with arguments [[https:/<HOSTNAME>/casshib/app1/, {ticket=ST-5-DOHYPnChEkq5RkyzHanL-cas01.example.org}]]
2014-04-28 14:03:24,036 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [getRedirectResponse] with return value [org.jasig.cas.authentication.principal.Response@4067eeca].
2014-04-28 14:03:24,036 TRACE [org.jasig.cas.authentication.principal.Response] - Entering method [getResponseType with arguments []
2014-04-28 14:03:24,036 TRACE [org.jasig.cas.authentication.principal.Response] - Leaving method [getResponseType] with return value [REDIRECT].
2014-04-28 14:03:24,037 TRACE [org.jasig.cas.authentication.principal.Response] - Entering method [getUrl with arguments []
2014-04-28 14:03:24,037 TRACE [org.jasig.cas.authentication.principal.Response] - Leaving method [getUrl] with return value [https://<HOSTNAME>/casshib/app1/?ticket=ST-5-DOHYPnChEkq5RkyzHanL-cas01.example.org].
2014-04-28 14:03:24,037 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Entering method [sessionEnded with arguments [[[RequestControlContextImpl@7c4e52e1 externalContext = org.springframework.webflow.mvc.servlet.MvcExternalContext@7a237188, currentEvent = success, requestScope = map['response' -> org.jasig.cas.authentication.principal.Response@4067eeca, 'serviceTicketId' -> 'ST-5-DOHYPnChEkq5RkyzHanL-cas01.example.org', 'ticketGrantingTicketId' -> 'TGT-4-BfjOxxNA9M3wBwXCfrNtHQfDGF4DKIJmWbXZRcDSqVU1qfLChU-cas01.example.org'], attributes = map[[empty]], messageContext = [DefaultMessageContext@2cf2d65d sourceMessages = map[[null] -> list[[empty]]]], flowExecution = [Ended execution of 'login']], [FlowSessionImpl@5cd47509 flow = 'login', state = 'redirectView', scope = map['loginTicket' -> 'LT-4-BdyOw4mylitb7DdTtoLP31sbYYPjKB', 'service' -> https://<HOSTNAME>/casshib/app1/, 'warnCookieValue' -> false, 'ticketGrantingTicketId' -> [null]]], redirectView, map[[empty]]]]
2014-04-28 14:03:24,037 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Entering method [sessionEnded with arguments [[[RequestControlContextImpl@7c4e52e1 externalContext = org.springframework.webflow.mvc.servlet.MvcExternalContext@7a237188, currentEvent = success, requestScope = map['response' -> org.jasig.cas.authentication.principal.Response@4067eeca, 'serviceTicketId' -> 'ST-5-DOHYPnChEkq5RkyzHanL-cas01.example.org', 'ticketGrantingTicketId' -> 'TGT-4-BfjOxxNA9M3wBwXCfrNtHQfDGF4DKIJmWbXZRcDSqVU1qfLChU-cas01.example.org'], attributes = map[[empty]], messageContext = [DefaultMessageContext@2cf2d65d sourceMessages = map[[null] -> list[[empty]]]], flowExecution = [Ended execution of 'login']], [FlowSessionImpl@5cd47509 flow = 'login', state = 'redirectView', scope = map['loginTicket' -> 'LT-4-BdyOw4mylitb7DdTtoLP31sbYYPjKB', 'service' -> https://<HOSTNAME>/casshib/app1/, 'warnCookieValue' -> false, 'ticketGrantingTicketId' -> [null]]], redirectView, map[[empty]]]]
2014-04-28 14:03:24,037 TRACE [org.jasig.cas.aspect.LogAspect] - Entering method [getHttpServletRequest with arguments [[[RequestControlContextImpl@7c4e52e1 externalContext = org.springframework.webflow.mvc.servlet.MvcExternalContext@7a237188, currentEvent = success, requestScope = map['response' -> org.jasig.cas.authentication.principal.Response@4067eeca, 'serviceTicketId' -> 'ST-5-DOHYPnChEkq5RkyzHanL-cas01.example.org', 'ticketGrantingTicketId' -> 'TGT-4-BfjOxxNA9M3wBwXCfrNtHQfDGF4DKIJmWbXZRcDSqVU1qfLChU-cas01.example.org'], attributes = map[[empty]], messageContext = [DefaultMessageContext@2cf2d65d sourceMessages = map[[null] -> list[[empty]]]], flowExecution = [Ended execution of 'login']]]]
2014-04-28 14:03:24,038 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [getHttpServletRequest] with return value [org.apache.catalina.connector.RequestFacade@56590bf4].
2014-04-28 14:03:24,038 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Leaving method [sessionEnded] with return value [null].
2014-04-28 14:03:24,038 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Leaving method [sessionEnded] with return value [null].
2014-04-28 14:03:24,038 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Entering method [sessionStarted with arguments [[[RequestControlContextImpl@7c4e52e1 externalContext = org.springframework.webflow.mvc.servlet.MvcExternalContext@7a237188, currentEvent = success, requestScope = map['response' -> org.jasig.cas.authentication.principal.Response@4067eeca, 'serviceTicketId' -> 'ST-5-DOHYPnChEkq5RkyzHanL-cas01.example.org', 'ticketGrantingTicketId' -> 'TGT-4-BfjOxxNA9M3wBwXCfrNtHQfDGF4DKIJmWbXZRcDSqVU1qfLChU-cas01.example.org'], attributes = map[[empty]], messageContext = [DefaultMessageContext@2cf2d65d sourceMessages = map[[null] -> list[[empty]]]], flowExecution = [Ended execution of 'login']], [FlowSessionImpl@5cd47509 flow = 'login', state = 'redirectView', scope = map['loginTicket' -> 'LT-4-BdyOw4mylitb7DdTtoLP31sbYYPjKB', 'service' -> https://<HOSTNAME>/casshib/app1/, 'warnCookieValue' -> false, 'ticketGrantingTicketId' -> [null]]]]]
2014-04-28 14:03:24,038 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Entering method [sessionStarted with arguments [[[RequestControlContextImpl@7c4e52e1 externalContext = org.springframework.webflow.mvc.servlet.MvcExternalContext@7a237188, currentEvent = success, requestScope = map['response' -> org.jasig.cas.authentication.principal.Response@4067eeca, 'serviceTicketId' -> 'ST-5-DOHYPnChEkq5RkyzHanL-cas01.example.org', 'ticketGrantingTicketId' -> 'TGT-4-BfjOxxNA9M3wBwXCfrNtHQfDGF4DKIJmWbXZRcDSqVU1qfLChU-cas01.example.org'], attributes = map[[empty]], messageContext = [DefaultMessageContext@2cf2d65d sourceMessages = map[[null] -> list[[empty]]]], flowExecution = [Ended execution of 'login']], [FlowSessionImpl@5cd47509 flow = 'login', state = 'redirectView', scope = map['loginTicket' -> 'LT-4-BdyOw4mylitb7DdTtoLP31sbYYPjKB', 'service' -> https://<HOSTNAME>/casshib/app1/, 'warnCookieValue' -> false, 'ticketGrantingTicketId' -> [null]]]]]
2014-04-28 14:03:24,038 TRACE [org.jasig.cas.aspect.LogAspect] - Entering method [getService with arguments [[[RequestControlContextImpl@7c4e52e1 externalContext = org.springframework.webflow.mvc.servlet.MvcExternalContext@7a237188, currentEvent = success, requestScope = map['response' -> org.jasig.cas.authentication.principal.Response@4067eeca, 'serviceTicketId' -> 'ST-5-DOHYPnChEkq5RkyzHanL-cas01.example.org', 'ticketGrantingTicketId' -> 'TGT-4-BfjOxxNA9M3wBwXCfrNtHQfDGF4DKIJmWbXZRcDSqVU1qfLChU-cas01.example.org'], attributes = map[[empty]], messageContext = [DefaultMessageContext@2cf2d65d sourceMessages = map[[null] -> list[[empty]]]], flowExecution = [Ended execution of 'login']]]]
2014-04-28 14:03:24,038 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [getService] with return value [null].
2014-04-28 14:03:24,038 DEBUG [org.jasig.cas.web.flow.TerminateWebSessionListener] - Error getting service from flow state.
java.lang.IllegalStateException: No active FlowSession to access; this FlowExecution has ended
        at org.springframework.webflow.engine.impl.FlowExecutionImpl.getActiveSession(FlowExecutionImpl.java:191)
        at org.springframework.webflow.engine.impl.RequestControlContextImpl.getFlowScope(RequestControlContextImpl.java:134)
        at org.jasig.cas.web.support.WebUtils.getService_aroundBody8(WebUtils.java:87)
        at org.jasig.cas.web.support.WebUtils.getService_aroundBody9$advice(WebUtils.java:57)
        at org.jasig.cas.web.support.WebUtils.getService(WebUtils.java:1)
        at org.jasig.cas.web.flow.TerminateWebSessionListener.sessionStarted_aroundBody0(TerminateWebSessionListener.java:62)
        at org.jasig.cas.web.flow.TerminateWebSessionListener.sessionStarted_aroundBody1$advice(TerminateWebSessionListener.java:57)
        at org.jasig.cas.web.flow.TerminateWebSessionListener.sessionStarted(TerminateWebSessionListener.java:1)
        at org.springframework.webflow.engine.impl.FlowExecutionListeners.fireSessionStarted(FlowExecutionListeners.java:126)
        at org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:367)
        at org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:225)
        at org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:140)
        at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:193)
        at org.springframework.webflow.mvc.servlet.FlowController.handleRequest(FlowController.java:174)
        at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
        at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:923)
        at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:852)
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882)
        at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:778)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:128)
        at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:57)
        at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
        at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
        at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
        at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769)
        at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698)
        at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:891)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
        at java.lang.Thread.run(Thread.java:701)



Any help or pointers here would be appreciated. Thanks!

John

JASIG_ApplicationNotAuthorized.png
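
Added example (not part of the original thread, and not CAS or CASSHIB code): a small Python triage script for TRACE output like the two excerpts in the post above. It reports which argument extractors produced no service, whether the service registry was queried with null, and the last webflow state seen. The names diagnose, FAILING_LOG and SUCCESS_LOG are made up for this example, the sample lines are abbreviated copies of the posted ones, and the first SUCCESS_LOG timestamp is constructed because the post quotes that line without one.

```python
import re

# One CAS log line: "<date> <time> <LEVEL> [<logger>] - <message>"
LINE = re.compile(r"^(\S+ \S+) (\w+)\s+\[([\w.$]+)\] - (.*)$")
STATE = re.compile(r"state = '(\w+)'")
GET_SERVICE = re.compile(r"Leaving method \[getService\] with return value \[(.*)\]\.?$")

# Constructed samples: lines abbreviated ("...") from the two excerpts in the post.
FAILING_LOG = """\
2014-04-28 13:57:50,642 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor did not generate service.
2014-04-28 13:57:50,643 DEBUG [org.jasig.cas.web.support.SamlArgumentExtractor] - Extractor did not generate service.
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [getService] with return value [null].
2014-04-28 13:57:50,643 TRACE [org.jasig.cas.services.DefaultServicesManagerImpl] - Entering method [findServiceBy with arguments [[null]]
2014-04-28 13:57:50,644 TRACE [org.jasig.cas.services.DefaultServicesManagerImpl] - Leaving method [findServiceBy] with return value [null].
2014-04-28 13:57:50,645 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Entering method [sessionEnded with arguments [[... flow = 'login', state = 'viewServiceErrorView', scope = map[...]] ...]]
"""
SUCCESS_LOG = """\
2014-04-28 14:03:24,000 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [getService] with return value [https://<HOSTNAME>/casshib/app1/]
2014-04-28 14:03:24,035 TRACE [org.jasig.cas.aspect.LogAspect] - Entering method [putServiceTicketInRequestScope with arguments [[... state = 'generateServiceTicket', ...]]
2014-04-28 14:03:24,037 TRACE [org.jasig.cas.web.flow.TerminateWebSessionListener] - Entering method [sessionEnded with arguments [[... state = 'redirectView', ...]]
2014-04-28 14:03:24,038 TRACE [org.jasig.cas.aspect.LogAspect] - Leaving method [getService] with return value [null].
        at org.springframework.webflow.engine.impl.FlowExecutionImpl.getActiveSession(FlowExecutionImpl.java:191)
"""


def diagnose(log_text):
    """Summarise how one login request's service was resolved."""
    result = {"extractors_without_service": [], "service": None,
              "null_registry_lookup": False, "end_state": None}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # stack-trace frames and lines without a timestamp
        _, _, logger, msg = m.groups()
        short = logger.rsplit(".", 1)[-1]
        if msg.startswith("Extractor did not generate service"):
            if short not in result["extractors_without_service"]:
                result["extractors_without_service"].append(short)
        g = GET_SERVICE.match(msg)
        # Keep the first non-null service; a later [null] after the flow has
        # ended (as in the second excerpt) does not undo it.
        if g and g.group(1) != "null" and result["service"] is None:
            result["service"] = g.group(1)
        if "[findServiceBy with arguments [[null]]" in msg:
            result["null_registry_lookup"] = True
        states = STATE.findall(msg)
        if states:
            result["end_state"] = states[-1]
    if result["service"] is None and result["null_registry_lookup"]:
        result["verdict"] = "no-service-in-request"
    elif result["service"]:
        result["verdict"] = "service-extracted"
    else:
        result["verdict"] = "inconclusive"
    return result


if __name__ == "__main__":
    for name, text in (("without ?service=", FAILING_LOG), ("with ?service=", SUCCESS_LOG)):
        print(name, diagnose(text))
```

In the first excerpt the registry is asked to match null, so the error page there reflects a request with no service in it, not a service that was looked up and rejected.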

John Breen

Apr 28, 2014, 4:18:25 PM
to cas...@googlegroups.com
I can add that I am getting valid tickets when I specify the service=<service id> as a query string. I can see the cookie in the URL bar as:
https://<HOSTNAME>/app1/?ticket=ST-5-<TICKETVALUE>-cas01.example.org

My browser only gets a TGT though. 

Then if I check the validity of that ticket quickly via:
https://<HOSTNAME>/casshib/shib/96306/serviceValidate?service=https%3a%2f%2f<HOSTNAME>%2fapp1%2f&ticket=ST-5-<TICKETVALUE>-cas01.example.org

I see my shibboleth attributes and session information. 

Krish Vr

Nov 9, 2015, 6:54:52 PM
to casshib
John,

Did it work for you?

So far I have done the things below.

My current environment:

I have CAS deployed with AD authentication.

Testing:

Deployed CASSHIB in my Tomcat server.
Deployed Apache in the front end with Shibboleth SP. I also made my SP point to my external identity provider.
I have a couple of questions here.

Where should the IDP post its assertion? What is the endpoint it has to hit? Will each application have a separate endpoint? What attributes need to be released by the IDP? Is it just the username or something else? Does the primary CAS server have any connection to CASSHIB?

Krish.