Hi Everyone, I am currently trying to create a client application for my cas server using Apache2 on ubuntu 20.04 LTS.
But at this time I encountered an obstacle. After successfully logging in using sso cas. The following problems arise: // Unauthorized This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required. Apache / 2.4.41 (Ubuntu) Server at cas.example.org Port 80 // Is there a cas configuration that I missed? Here is the configuration I have made on my server. I hope this helps make it easier to answer this question. Apache / 2.4.41 (Ubuntu) Server at cas.example.org Port 80 // Is there a cas configuration that I missed? Here is the configuration I have made on my server. I hope this helps make it easier to answer this question. ----------------------------------------------------------- Service Registry Files (/etc/cas/services/ApacheSecuredByCAS-1609235681.json) : { "@class" : "org.apereo.cas.services.RegexRegisteredService", "serviceId":"^http://cas.example.org/secured-by-cas", "name" : "Apache", "id" : 1609235681, "evaluationOrder" : 1, "authenticationPolicy" : { "@class" : "org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy", "requiredAuthenticationHandlers" : ["java.util.TreeSet", [ "Radius" ]] } } ------------------- cas.properties (/etc/cas/config) : cas.server.name=https://cas.example.org:8443 cas.server.prefix=${cas.server.name}/cas logging.config=file:/etc/cas/config/log4j2.xml cas.service-registry.json.location=file:/etc/cas/services cas.authn.accept.users= #cas.authn.accept.enabled= server.port = 8443 #cas.adminPagesSecurity.ip=127\.0\.0\.1 # SSL server.ssl.enabled=true server.ssl.keyStore=file:/etc/cas/thekeystore server.ssl.keyStorePassword=changeit server.ssl.keyPassword=changeit # AUTHENTICATION PROPERTIES #cas.authn.radius.server.nasIpAddress=192.168.1.2 #EAP_MSCHAPv2 cas.authn.radius.name=Radius cas.authn.radius.server.protocol=PAP cas.authn.radius.server.retries=1 cas.authn.radius.client.authenticationPort=1812 cas.authn.radius.client.sharedSecret=casserver cas.authn.radius.client.inetAddress=192.168.56.2 cas.authn.radius.client.accountingPort=1813 # TICKETING PROPERTIES # Enable the backing map to be cacheable cas.ticket.registry.in-memory.cache=true cas.ticket.registry.in-memory.load-factor=1 cas.ticket.registry.in-memory.concurrency=20 cas.ticket.registry.in-memory.initial-capacity=1000 --------------- Dependencies (build.gradle) : dependencies { // Other CAS dependencies/modules may be listed here... implementation "org.apereo.cas:cas-server-support-json-service-registry:${casServerVersion}" implementation "org.apereo.cas:cas-server-support-radius:${project.'cas.version'}" } --------- APACHE2 CONFIG (/etc/apache2) (I'm not using httpd) auth_cas.conf : <IfModule mod_auth_cas.c> CASLoginUrl https://localhost:8443/cas/login CASValidateUrl https://localhost:8443/cas/serviceValidate CASCookiePath /var/cache/apache2/mod_auth_cas/ CASSSOEnabled On CASDebug On logLevel Debug </IfModule> /etc/apache2/sites-enabled/000-default.conf : <VirtualHost *:80> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. ServerName cas.example.org ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. # LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf <location /secured-by-cas> // I've been change to <Directory "/var/www/html/secured-by-cas"> but still same. <IfModule mod_auth_cas.c> AuthType CAS CASAuthNHeader On </IfModule> Require valid-user </location> </VirtualHost> # vim: syntax=apache ts=4 sw=4 sts=4 sr noet ------------------------------------ I hope you guys understand about this email, im not that good english guys. Than you, Irvan -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/ef1f5ad5-fe94-46bd-88b8-a6ef9f734d64n%40apereo.org.