Erik, Our Banner setup uses SAML 1.1. During the log in request it is /cas/login?TARGET=blah/banner/applicationnavigator 'service' is used for CAS protocol. Check your banner setup.
Ray On Thu, 2020-07-16 at 21:07 +0000, 'Mallory, Erik' via CAS Community wrote: Hello I think I've narrowed the problem and I *think* it's on the application side... but... is there any way to control the source parameter that we see below in the logs. If I could configure cas to always send source=TARGET I think this configuration would work for the banner apps. Log from inital login which produces "Invalid login/access denied" <Built response [org.apereo.cas.authentication.principal.DefaultResponse@323ac4df] for [AbstractWebApplicationService(id= <https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check> https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check , originalUrl= <https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check> https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check , artifactId=null, principal=f282c439, source=service, loggedOutAlready=false, format=XML, attributes={})]> ^^ Invalid login access denied. Log from the an established CAS/ADFS session gaining access to the application <Located service [AbstractWebApplicationService(id= <https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check> https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check , originalUrl= <https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check> https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check , artifactId=null, principal=f282c439, source=TARGET, loggedOutAlready=false, format=XML, attributes={})] from the context> ^^ works In the applications there is a groovy file with a parameter serviceParameter = 'TARGET' I tried changing it to 'service' but had no luck. -- Erik Mallory Server Analyst Wichita State University -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | r...@uvic.ca<mailto:r...@uvic.ca> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/59e99d2ecf12319202385331d62deab86ef0f49d.camel%40uvic.ca.
