Neha, There may be other settings that need to be modified when switching from SAML11 to CAS20. ST are being created but not validated. Your ASP.NET client is not configured correctly.
Ray On Tue, 2018-05-08 at 03:56 -0700, Neha Gupta wrote: Hello Andy, Thanks for reply. I was also wondering about the TARGET in the URL and i think its because of the ticketValidatorName="Saml11" mentioned in the web.config file of ASP.NET application and when i change the value of "ticketValidatorName" to Cas10 or Cas20 then it does not work at all.Also please find attached traces of the same. Hope this will help. Regards Neha Gupta On Tuesday, May 8, 2018 at 3:40:21 AM UTC+2, Andy Ng wrote: Hi Neha, Would like to know in which documentation do you know about the parameter TARGET in "https://idiv-dev1:8443/cas/login?TARGET=http%3a%2f%2flocalhost%3a60397%2f";, I didn't see this parameter in the official documentation. Maybe it is something related to ASP.NET<http://ASP.NET>? Anyway, the usual parameter for defining service in CAS is "service", that means your url should be "https://idiv-dev1:8443/cas/login?service=http%3a%2f%2flocalhost%3a60397%2f"; It is nice that you attached the debug log: - I can see that the service is register successfully based on "<Adding registered service [^(https|imaps|http)://.*]>", so your service registration is correct. Regarding the part related to ASP.NET<http://ASP.NET>, I have no idea so I would not comment on that. But i think since you can login success, the ASP.NET<http://ASP.NET> part should be fine as is. Cheers! - Andy On Monday, 7 May 2018 22:12:34 UTC+8, Neha Gupta wrote: Dear All, I am trying to integrate CAS with ASP.NET<http://ASP.NET> application. Everything is working fine but CAS is not able to redirect to the destination service and showing its own logged in page. Final URL is: - https://idiv-dev1:8443/cas/login?TARGET=http%3a%2f%2flocalhost%3a60397%2f where in TARGET my service URL is defined where i want CAS to redirect . Following configuration i have done in "web.config" file: - <casClientConfig casServerLoginUrl="https://idiv-dev1:8443/cas/login"; casServerUrlPrefix="https://idiv-dev1:8443/cas/"; serverName="http://localhost:60397/"; notAuthorizedUrl="~/NotAuthorized.aspx" redirectAfterValidation="true" renew="false" singleSignOut="true" ticketValidatorName="Saml11" serviceTicketManager="CacheServiceTicketManager" /> <authentication mode="Forms"> <forms name=".DotNetCasClientAuth" loginUrl="https://idiv-dev1:8443/cas/login"; cookieless="UseCookies" /> </authentication> Along with this configuration i have also mentioned in "FilterConfig.cs" below two lines: - filters.Add(new System.Web.Mvc.AuthorizeAttribute()); filters.Add(new RequireHttpsAttribute()); Please let me know where is the problem as i have no clue. PS: - I have registered the service with CAS and also below service is present which authorizes all services to pass through CAS: - { "@class" : "org.apereo.cas.services.RegexRegisteredService", "serviceId" : "^(https|imaps|http)://.*", "name" : "Apereo", "theme" : "apereo", "id" : 10000002, "description" : "Apereo foundation sample service", "evaluationOrder" : 1 "accessStrategy" : { "@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy", "enabled" : true, "ssoEnabled" : true } } Regards Neha Gupta -- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | r...@uvic.ca -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1525797572.1797.17.camel%40uvic.ca.
