On Tue, Mar 30, 2010 at 2:22 PM, Francisco Estanqueiro <fwestanque...@fc.ul.pt> wrote: > I've installed the web app > http://www.ja-sig.org/wiki/display/CASC/JA-SIG+Java+Client+Simple+WebApp+Sample, > and verified that the PT's are being issued correctly. > > I've the ClearPass extension working. > > I've a virtual directory named coa in the Default Web Site tree (the same as > owa), in the DefaultAppPool. > > I've web.config changed to this: (only changed <appSettings> and > <casClientConfig>) > <appSettings> > <add key="CasOwa.ClearPassUrl" > value="https://winserver.xtanki.local:8443/cas/clearPass"/> > <add key="CasOwa.OwaUrl" value="https://winserver.xtanki.local/owa"/> > <add key="CasOwa.skipOwaUrlCertificateValidation" value="false" /> > </appSettings> > > <connectionStrings /> > > <casClientConfig > casServerLoginUrl="https://winserver.xtanki.local:8443/cas/login"; > serverName="https://winserver.xtanki.local:8443"; > secureUriRegex="(?i)/auth" > > casServerUrlPrefix="https://winserver.xtanki.local:8443/cas"; > redirectAfterValidation="false" > useSession="false" > gateway="false" > renew="false" > ticketValidatorName="Cas20" > ticketTimeTolerance="5000" > singleSignOut="false" > proxyGrantingTicketReceptor="true" > > proxyCallbackUrl="https://winserver.xtanki.local/coa/proxyCallback"; > proxyReceptorUrl="/coa/proxyCallback" /> > > > So, now what I'm suppose to see in the link > https://winserver.xtanki.local/coa/.
The Default.aspx page, which currently just contains the string 'coa'. It could be contain link to the /coa/auth which should redirect you to CAS if you are not yet authenticated, and then to the OWA via the CasOwa.OwaUrl config above. > > Verified also that https://winserver.xtanki.local/coa/auth or > https://winserver.xtanki.local/coa/proxyCallback gives me a 404 IIS error. You're almost there...you need the Http Handler Mappings configured for the coa directory. Http Handler Mappings CasOwa requires two HandlerMapping configurations, one for CasOwaAuthHandler and one for the DotNetCasProxyCallback. CasOwaAuthHandler Mapping Request path: auth Type: CasOwa.CasOwaAuthHandler Name: CasOwaAuthHandler DotNetCasProxyCallback Mapping Request path: proxyCallback Type: CasOwa.CasOwaAuthHandler Name: DotNetCasProxyCallback Bill > > Francisco > > > ________________________________________ > De: William G. Thompson, Jr. [wgt...@gmail.com] > Enviado: terça-feira, 30 de Março de 2010 19:06 > Para: Francisco Estanqueiro > Cc: cas-user@lists.jasig.org > Assunto: Re: CasOwa - help please > > On Tue, Mar 30, 2010 at 1:49 PM, Francisco Estanqueiro > <fwestanque...@fc.ul.pt> wrote: >> But the handlers arent automaticly configured by having them in the >> web.config on COA Virtual Directory? Or I have to add another handler >> somewhere? I'm not understanding how this works.. how the redirection from >> owa to coa works? The only thing I've done is create a coa virtual directory >> and changed the web.config url's. > > There aren't any step-by-step instructions available for your > configuration. You'll need to understand well how to configure http > modules and handlers in IIS6, I would start there. You'll also need > to understand SSL certs and how to configure them for IIS and Java. > > The current CasOwa distribution doesn't provide any redirection from > owa to coa. Users can authenticated by going directly to the coa Url. > > Cheers, > Bill > >> >> Cumprimentos, >> -------------------------------- >> Francisco Estanqueiro (https://www.ci.fc.ul.pt/rh/fwestanqueiro) >> Suporte | Centro Informática | FCUL >> E-mail: supo...@fc.ul.pt | Ext: 21248 | Tel: 21 750 00 67 >> -------------------------------- >> Por favor consulte sempre http://www.ci.fc.ul.pt antes de recorrer ao nosso >> Suporte a Utilizadores >> ________________________________________ >> De: William G. Thompson, Jr. [wgt...@gmail.com] >> Enviado: terça-feira, 30 de Março de 2010 18:44 >> Para: Francisco Estanqueiro >> Cc: cas-user@lists.jasig.org >> Assunto: Re: CasOwa - help please >> >> On Tue, Mar 30, 2010 at 1:36 PM, Francisco Estanqueiro >> <fwestanque...@fc.ul.pt> wrote: >>>> >>>> 5) Whats the managed pipeline mode and How do I set it to Integrated? >>>> >>> >>> Managed Pipeline mode is a new unified request processing pipeline >>> that is exposed to both native and managed components in IIS7. Is is >>> not available on IIS6. >>> http://learn.iis.net/page.aspx/244/how-to-take-advantage-of-the-iis7-integrated-pipeline/ >>> >>> >>> This means I cant use casowa with windows server 2003? (since there's no >>> IIS7 for ws2003) >> >> No. It should work with IIS6 just find. Configuration of the Modules >> and Handlers is a little different though. This might help: >> http://arcware.net/use-a-single-web-config-for-iis6-and-iis7/ >> >> Bill >> >>> >>> Francisco >>> >>> William G. Thompson, Jr. wrote: >>>> >>>> On Mon, Mar 29, 2010 at 10:32 PM, Francisco Estanqueiro >>>> <fwestanque...@fc.ul.pt> wrote: >>>> >>>>> >>>>> Hi, >>>>> >>>> >>>> Hi, Francisco. I'll respond inline below... >>>> >>>> >>>> >>>>> >>>>> I'm trying to figure out a way to casify Outlook Web Access and I found >>>>> out >>>>> about this CasOwa. >>>>> >>>>> I read this thread (the few information there is about casowa), >>>>> http://www.mail-archive.com/cas-user@lists.jasig.org/msg03914.html, but >>>>> since I'm really a noob in the IIS bussiness so I have some questions. >>>>> >>>>> Here's what I've done: >>>>> _________________________________________________________________ >>>>> clearPass installed in my CAS server (3.4.1) with this Maven's >>>>> dependency: >>>>> >>>>> <artifactId>clearpass-webapp</artifactId> >>>>> <version>1.0.1.GA</version> >>>>> >>>>> in the URL: https://winserver.xtanki.local:8443/cas/clearPass >>>>> _________________________________________________________________ >>>>> >>>>> I have Windows Server 2003 with Exchange 2007, the Outlook Web Access is >>>>> running: >>>>> >>>>> OWA: https://winserver.xtanki.local/owa >>>>> >>>>> _________________________________________________________________ >>>>> >>>>> I've downloaded the casowa zip file, changed the web.config beans: >>>>> <appSettings> and <casClientConfig>. >>>>> >>>>> <appSettings> >>>>> <add key="CasOwa.ClearPassUrl" >>>>> value="https://winserver.xtanki.local:8443/cas/clearPass"/> >>>>> <add key="CasOwa.OwaUrl" value="https://winserver.xtanki.local/owa"/> >>>>> <add key="CasOwa.skipOwaUrlCertificateValidation" value="false" /> >>>>> </appSettings> >>>>> >>>>> <connectionStrings /> >>>>> >>>>> >>>>> <casClientConfig >>>>> casServerLoginUrl="https://winserver.xtanki.local:8443/cas/login"; >>>>> serverName="https://winserver.xtanki.local:8443"; >>>>> secureUriRegex="(?i)/auth" >>>>> >>>>> casServerUrlPrefix="https://winserver.xtanki.local:8443/cas"; >>>>> redirectAfterValidation="false" >>>>> useSession="false" >>>>> gateway="false" >>>>> renew="false" >>>>> ticketValidatorName="Cas20" >>>>> ticketTimeTolerance="5000" >>>>> singleSignOut="false" >>>>> proxyGrantingTicketReceptor="true" >>>>> >>>>> proxyCallbackUrl="https://winserver.xtanki.local/coa/proxyCallback"; >>>>> proxyReceptorUrl="/coa/proxyCallback" /> >>>>> _________________________________________________________________ >>>>> >>>>> Created a virtual directory in my IIS 6.0 on the Default Web Site tree >>>>> with >>>>> the name "coa". >>>>> _________________________________________________________________ >>>>> >>>>> So now here's my questions: >>>>> >>>>> 1) The properties (authentication, httphandlers, etc) in the web.config >>>>> file >>>>> supplied in the casowa zip, are to copy to the web.config file in the OWA >>>>> virtual directory? Or just leave it like that in the coa Virtual >>>>> Directory? >>>>> >>>> >>>> They go in the coa virtual directory. Nothing in casowa.zip goes into >>>> OWA directory. >>>> >>>> >>>> >>>>> >>>>> 2) The property proxyCallbackUrl in casClientConfig bean.. what does it >>>>> mean? Its automatically created by the casowa client? >>>>> >>>> >>>> This the URL that CAS will use to authenticated and fulfill coa >>>> requests for a ProxyTickets. >>>> >>>> >>>> >>>>> >>>>> 3) How do I test if clearPass is working? If i go to the address >>>>> https://winserver.xtanki.local:8443/cas/clearPass it redirects me to the >>>>> /login servlet.. >>>>> >>>> >>>> See: http://www.unicon.net/blog/3/deploying_clearpass >>>> >>>> You could also deploy the Java Client Simple WebApp Sample to ensure >>>> ProxyTickets are working properly. >>>> >>>> http://www.ja-sig.org/wiki/display/CASC/JA-SIG+Java+Client+Simple+WebApp+Sample >>>> >>>> >>>> >>>>> >>>>> 4) The Http HandlerMappins / Http Modules are supposed to be hardcoded >>>>> into >>>>> the web.config file of owa? Where do I configure that in IIS 6?? >>>>> >>>> >>>> Handlers and Modules are configured in Web.config either by hand or >>>> using the IIS Manager: >>>> >>>> http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/b0c14479-83e3-435d-a935-819fe396e7d2.mspx?mfr=true >>>> >>>> >>>> >>>>> >>>>> 5) Whats the managed pipeline mode and How do I set it to Integrated? >>>>> >>>> >>>> Managed Pipeline mode is a new unified request processing pipeline >>>> that is exposed to both native and managed components in IIS7. Is is >>>> not available on IIS6. >>>> >>>> http://learn.iis.net/page.aspx/244/how-to-take-advantage-of-the-iis7-integrated-pipeline/ >>>> >>>> Hope this helps. >>>> >>>> Cheers, >>>> Bill >>>> >>>> >>>>> >>>>> Thanks for your time, >>>>> >>>>> Francisco >>>>> >>>>> >>> >>> -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
