Hi, folks,
We are having issue to migrate SP from an old CAS 3.5.2 to a new CAS 6.2.2
server.
In the old server 3.5.2, it was configured as:
<bean class="org.jasig.cas.services.RegexRegisteredService">
<property name="id" value="6"/>
<property name="name" value="Banner XE"/>
<property name="description" value="CAS Client for Banner XE
Services"/>
<property name="serviceId"
value="^https://ban.*.wccnet.edu(:443)?/.*"/>
<property name="allowedAttributes">
<list>
<value>UDC_IDENTIFIER</value>
</list>
</property>
<property name="evaluationOrder" value="1050"/>
</bean>
On the new server 6.2.2 we tried different ways (no luck on any one), now
it is:
{
"@class": "org.apereo.cas.services.RegexRegisteredService",
"serviceId": "https://banner-dev.wccnet.edu/balancer-manager";,
"name": "CASbanfrontdev",
"id": 1010,
"evaluationOrder": 20,
"usernameAttributeProvider" : {
"@class" :
"org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider",
"usernameAttribute" : "username"
}
"attributeReleasePolicy" : {
"@class" :
"org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
"allowedAttributes" : [ "java.util.ArrayList", ["username"]]
}
}
When connecting to the old server, we got in the SP httpd log (the SP needs
username):
207.73.128.2 - hpjozou [27/Jan/2021:17:23:08 -0500] "GET
/balancer-manager?ticket=ST-235770-aDCGnkjkNkZDuaZ11w
1f-login.wccnet.edu HTTP/1.1" 302 234
"https://login.wccnet.edu/cas/login?service=https%3a%2f%2fbanner-dev.wc
cnet.edu%2fbalancer-manager" "Mozilla/5.0 (Windows NT 10.0; Win64; x64;
rv:78.0) Gecko/20100101 Firefox/78.0"
"-" - 443 banner-dev.wccnet.edu 0 43528 98087m -,-
207.73.128.2 - hpjozou [27/Jan/2021:17:23:08 -0500] "GET /balancer-manager
HTTP/1.1" 200 980 "https://login.wc
cnet.edu/cas/login?service=https%3a%2f%2fbanner-dev.wccnet.edu%2fbalancer-manager"
"Mozilla/5.0 (Windows NT 1
0.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0" "-" on 443
banner-dev.wccnet.edu 0 43528 877m -,-
On connecting to the new one, we got in the SP httpd log:
207.73.128.2 - - [27/Jan/2021:17:31:34 -0500] "GET /balancer-manager
HTTP/1.1" 302 280 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36"
"-" - 443 banner-dev.wccnet.edu 0 43962 260m -,-
207.73.128.2 - - [27/Jan/2021:17:31:59 -0500] "GET
/balancer-manager?ticket=ST-1-mm7K5F-4Bu-nqhrLD-3DDcJiuws-cas2 HTTP/1.1"
401 381 "https://cas2.wccnet.edu/"; "Mozilla/5.0 (Windows NT 10.0; Win64;
x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141
Safari/537.36" "-" - 443 banner-dev.wccnet.edu 0 43962 93523m -,-
Then, we ended up to Unauthorized in the SP page after CAS authentication
going through the new CAS.
Our questions:
- How could we make sure the username was responded to the SP?
- How could we see the xml file responded in the new CAS 6.2.2 server for
CAS 2.0?
- How could we see the xml file responded in the SP httpd log?
Thank you very much for your help!
Joe
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d7342927-4d68-410b-af27-51fb7ebd2c2fn%40apereo.org.
