Many thanks.

I have got the CAS system talking to IDM now and getting as far as the
IDM login screen, but getting a general error saying user doesn't exist
in CAS resource. It appears there could be a mismatch somewhere between
my user's credentials in IDM and the CAS server resource, which is using
Active Directory.

A few comments to make on getting this far: I had to make the following
changes:

1. I was using the latest CAS client version 3 jar. However, this
doesn't work as the paths to the classes have changed, so it only works
with version 2 at present.

2. My server has a port number assigned, so that was needed in the
server name in the web.xml.

3. As pointed out, the location back to IDM in web.xml needs to be
set to /*

 

From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shivani Chandna
Sent: 29 November 2008 04:05
To: Mailing list for CAS developers
Subject: Re: [cas-dev] CASifying Sun Identity Manager Help Needed

 

You need to give url pattern in web.xml as follows:

 

<url-pattern>/*</url-pattern>

instead of 

<url-pattern>http:// my-IDM-Server:8081/idm/user/login.jsp</url-pattern>

 

Regards,

Shivani

On Fri, Nov 28, 2008 at 5:24 PM, Michael A Jones <[EMAIL PROTECTED]>
wrote:

Hi there,

I am trying to set up SSO to Sun Identity Manager 8.0 through CAS using
instructions posted in the CAS Wiki by the University of California
Merced. I successfully got IDM to recognise the custom compiled Java
class to create a new CAS resource and associated this with my IDM
users. Then associated this with a new login group, which is set to be
used in place of the default user login.

I then made the various changes needed in the IDM web.xml and
userLogout.jsp and restarted my Tomcat web server. I then began the
process of testing and below is the URL I use to log in to CAS:

https://mycas-server/cas/login?service=http://my-IDM-Server:8081/idm/user/login.jsp

I log in with one of my casified IDM users and a ticket is generated OK,
but then when the system redirects back to the IDM CASified login page
I am getting an HTTP 404 not found page error in my browser, being
generated by my IDM web server. I think the problem is something to do
with the IDM web.xml entry, as in my web server catalina logs it is
reporting an error with parsing my IDM web.xml as follows:

Invalid <url-pattern> http:// my-IDM-Server:8081/idm/user/login.jsp in filter mapping

Below is the XML code for my IDM web.xml:

 

  <filter>
    <filter-name>CAS Filter</filter-name>
    <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
      <param-value>https://mycas-server/cas/login</param-value>
    </init-param>
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
      <param-value>https://mycas-server/cas/serviceValidate</param-value>
    </init-param>
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
      <param-value>my-IDM-Server</param-value>
    </init-param>

    <!-- wrap request such that getRemoteUser() returns username -->
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.wrapRequest</param-name>
      <param-value>true</param-value>
    </init-param>
  </filter>

  <filter-mapping>
    <filter-name>CAS Filter</filter-name>
    <url-pattern>http:// my-IDM-Server:8081/idm/user/login.jsp</url-pattern>
  </filter-mapping>

 

Could anyone who has managed to get this working, or the authors of this
method, give some advice?

 

Regards

 

Mike Jones

 

Identity Management Systems Administrator

e-sig

University of Hull

 


************************************************************************
*****************
To view the terms under which this email is distributed, please go to
http://www.hull.ac.uk/legal/email_disclaimer.html
************************************************************************
*****************
_______________________________________________
cas-dev mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas-dev
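
Added example, not part of the thread and not CAS or Tomcat code: a small Python check that classifies every filter-mapping url-pattern in a web.xml using the servlet mapping forms (a path starting with `/`, or `*.ext`), so a full URL like the one in the original message is flagged before the container rejects it and the CAS filter ends up not applied. The sample web.xml is constructed from the snippets quoted in the thread, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the mapping quoted in the thread, then the suggested fix.
SAMPLE_WEB_XML = """<web-app>
  <filter-mapping>
    <filter-name>CAS Filter</filter-name>
    <url-pattern>http:// my-IDM-Server:8081/idm/user/login.jsp</url-pattern>
  </filter-mapping>
  <filter-mapping>
    <filter-name>CAS Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
</web-app>"""

def classify(pattern):
    """Return (kind, problem); problem is None when the pattern is legal."""
    if "\n" in pattern or "\r" in pattern:
        return "invalid", "contains a line break"
    if pattern.startswith("*."):  # extension mapping, e.g. *.jsp
        if "/" in pattern:
            return "invalid", "extension mapping must not contain '/'"
        return "extension", None
    if not pattern.startswith("/"):
        return "invalid", "must start with '/' or '*.', relative to the context root"
    if pattern == "/":
        return "default", None
    if pattern.endswith("/*"):  # path-prefix mapping, e.g. /* or /user/*
        return "prefix", None
    return "exact", None  # matches this one path only

def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop an XML namespace, if present

def audit_filter_mappings(web_xml):
    """Return (filter_name, pattern, kind, problem) for each mapped pattern."""
    results = []
    for mapping in ET.fromstring(web_xml).iter():
        if local(mapping.tag) != "filter-mapping":
            continue
        fields = [(local(c.tag), (c.text or "").strip()) for c in mapping]
        name = next((text for tag, text in fields if tag == "filter-name"), "")
        for tag, text in fields:
            if tag == "url-pattern":
                results.append((name, text) + classify(text))
    return results

if __name__ == "__main__":
    for row in audit_filter_mappings(SAMPLE_WEB_XML):
        print(row)
```

An "exact" result is legal but worth a second look for an authentication filter, since only that single path is protected.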

 
