Hello David,
The CAS Dashboard and the CAS Management are running on the same host.
The DNS is pointing on the CAS server :
C:\Users\Samuel.GARCON>nslookup ssp.emd-management.fr
Server: w-app-1.emd-management.fr
Address: 172.16.17.3
Name: ssp.emd-management.fr
Address: 192.168.200.11
root@L-APP-2:/etc/cas/config# ifconfig
ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.200.11 netmask 255.255.255.0 broadcast
192.168.200.255
inet6 fe80::250:56ff:fe95:689b prefixlen 64 scopeid 0x20<link>
ether 00:50:56:95:68:9b txqueuelen 1000 (Ethernet)
RX packets 151921 bytes 27672266 (26.3 MiB)
RX errors 0 dropped 19 overruns 0 frame 0
TX packets 134584 bytes 171085379 (163.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Thanks,
Sam
Le vendredi 30 août 2019 13:38:31 UTC+2, David Curry a écrit :
>
> Are the CAS dashboard and CAS management server running on the same host?
> Is your DNS doing the wrong thing and you're connecting to localhost
> (127.0.0.1) instead of the interface where Tomcat is listening?
>
> I would turn on some logging or tracing and verify that the IP/port your
> client is connecting to is the same one where the server is listening.
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 646 909-4728 • david...@newschool.edu <javascript:>
>
>
> On Fri, Aug 30, 2019 at 7:30 AM Samuel GARÇON <samuel....@gmail.com
> <javascript:>> wrote:
>
>> Hi Matthew,
>>
>> SSL cert used is valid util 21-Oct-20.
>> There is a firewall between the server and the client, but nothing is
>> blocked, and some services (CAS/SAML) are working.
>>
>> When i'm testing from the cas dashboard or from the cas-management web
>> aps the connection is refused.
>> But if i'm testing from a wordpress using cas, it's working
>>
>> - G Suite (SAML via SAML SP Integration) OK
>> - WordPress Auth (CAS) OK
>> - SalesForce (SAML via SAML SP Integration) NOK
>> - CAS Admin Dashboard (CAS) NOK
>> - CAS Management Web (CAS) NOK
>>
>> I'm using CAS 5.3.11.
>>
>> Thanks for your help,
>>
>> Sam
>>
>> Le vendredi 30 août 2019 12:46:31 UTC+2, Matthew Uribe a écrit :
>>>
>>> Just my initial thoughts: is there an expired SSL cert or a closed port
>>> in a firewall? The connection refused seems to indicate something possibly
>>> along those lines.
>>>
>>> On Fri, Aug 30, 2019, 3:23 AM Samuel GARÇON <samuel....@gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> I'm sorry to post again, but i really need some help.
>>>>
>>>> Thanks,
>>>>
>>>> Sam
>>>>
>>>> Le jeudi 29 août 2019 18:11:25 UTC+2, Samuel GARÇON a écrit :
>>>>>
>>>>> Hi,
>>>>>
>>>>> After somme extensive debug, some services are working :
>>>>>
>>>>> - G Suite (SAML via SAML SP Integration) OK
>>>>> - WordPress Auth (CAS) OK
>>>>> - SalesForce (SAML via SAML SP Integration) NOK
>>>>> - CAS Admin Dashboard (CAS) NOK
>>>>>
>>>>> The problem seems to be located on the service validate side :
>>>>>
>>>>> 2019-08-29 18:08:50,183 ERROR [org.jasig.cas.client.util.CommonUtils]
>>>>> - <Error getting response from host: [ssp.emd-management.fr
>>>>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__ssp.emd-2Dmanagement.fr&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=g87YygvNpseLKNH9RZs5u6goZegMUTtixPJ5R3X9AHU&e=>]
>>>>>
>>>>> with path: [/cas/p3/serviceValidate] and protocol: [https] Error Message:
>>>>> Connection refused (Connection refused)>
>>>>>
>>>>>
>>>>> Thanks for your help.
>>>>>
>>>>> Sam
>>>>>
>>>>>
>>>>> Le jeudi 29 août 2019 14:11:02 UTC+2, Samuel GARÇON a écrit :
>>>>>>
>>>>>> This issue is very problematic for me.
>>>>>>
>>>>>> So please find below more informations about my configuration
>>>>>>
>>>>>> - Directory used : AD
>>>>>> - No logon_hour are configured
>>>>>>
>>>>>> Thanks for your help :)
>>>>>>
>>>>>> Sam
>>>>>>
>>>>>> Le jeudi 29 août 2019 09:51:21 UTC+2, Samuel GARÇON a écrit :
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> After rebooting my cas server, i can't accessing services.
>>>>>>>
>>>>>>> Authentification seems to be OK, but ticket granting seems to fail :
>>>>>>>
>>>>>>> Error: java.net.ConnectException: Connection refused (Connection
>>>>>>> refused)
>>>>>>>
>>>>>>>
>>>>>>> Your account is forbidden to login at this thime ( web broswer
>>>>>>> header)
>>>>>>>
>>>>>>> Any ideas ?
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>> --
>>>> - Website: https://apereo.github.io/cas
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__apereo.github.io_cas&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=zE3Ct49Q_3MrYuBuXNvaPWBo4AoGjmJkgjBGdRE7VQE&e=>
>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__gitter.im_apereo_cas&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=2Pek80yDCBI9EL8eq-9CUtIXLMTUKaATUIzkNSJ4OC4&e=>
>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__goo.gl_1VRrw7&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=9PZDmIVK7jFBzUB93HKB6SfKi8DFTvV5ngu7rISGhYo&e=>
>>>> - Contributions: https://goo.gl/mh7qDG
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__goo.gl_mh7qDG&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=c-hY__4t0Ioj2qGJlCYhStVWBV4oIIOnHTJsVW_zj3M&e=>
>>>> ---
>>>> You received this message because you are subscribed to the Google
>>>> Groups "CAS Community" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to cas-...@apereo.org.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/0a8ace89-f67f-4e25-ae99-955909bed2a9%40apereo.org
>>>>
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__groups.google.com_a_apereo.org_d_msgid_cas-2Duser_0a8ace89-2Df67f-2D4e25-2Dae99-2D955909bed2a9-2540apereo.org-3Futm-5Fmedium-3Demail-26utm-5Fsource-3Dfooter&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=l0gUyxc5Mbaaks948YqCTjihR8gI5hiB12iGowqeAFQ&e=>
>>>> .
>>>>
>>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-...@apereo.org <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/6abb7c4f-bf14-4588-b99c-3fca2637a3bc%40apereo.org
>>
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/6abb7c4f-bf14-4588-b99c-3fca2637a3bc%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/70d8a3d9-301b-44fe-acb0-b0a96f850231%40apereo.org.
