I'm currently using the latest cas phpClient (1.1.3) to let my Web application
access through a Cas Server (ver 2) . My application URL is
http://10.115.0.46/DDS, while my Cas Server URL is sublq11486.dom2.ad.sys (ip
83.103.115.222).
My application url is in my LAN, while the CAS Server is a public URL.
The authentication fails after typing user/password at Cas Server Login.
The question is about CASClient::getUrl() function; I have printed out
$_SERVER['HTTP_X_FORWARDED_SERVER'], $_SERVER['SERVER_NAME'],
$_SERVER['HTTP_HOST'] (tagged whith Eos debug at line 49,50,51) : I suppose the
_SERVER[] array is provided by CAS Server, but is it correct??
$_SERVER['HTTP_X_FORWARDED_SERVER'] should be my application URL?
The Final URI is http://SUBLQ11486.dom2.ad.sys/DDS/ which actualy does not
exist!
I attach the phpCas client log.
Thanks a lot
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
1254 .START phpCAS-1.1.3 ****************** [CAS.php:470]
1254 .=> phpCAS::client('2.0', 'sublq11486.dom2.ad.sys/cas', 443, '', false)
[users_controller.php:143]
1254 .| => CASClient::CASClient('2.0', false, 'sublq11486.dom2.ad.sys/cas',
443, '', false) [CAS.php:373]
1254 .| <= ''
1254 .<= ''
1254 .=> phpCAS::setNoCasServerValidation() [users_controller.php:146]
1254 .<= ''
1254 .=> phpCAS::forceAuthentication() [users_controller.php:149]
1254 .| => CASClient::forceAuthentication() [CAS.php:893]
1254 .| | => CASClient::isAuthenticated() [client.php:869]
1254 .| | | => CASClient::wasPreviouslyAuthenticated() [client.php:974]
1254 .| | | | no user found [client.php:1110]
1254 .| | | <= false
1254 .| | | no ticket found [client.php:1027]
1254 .| | <= false
1254 .| | => CASClient::redirectToCas(false) [client.php:878]
1254 .| | | => CASClient::getServerLoginURL(false, false)
[client.php:1127]
1254 .| | | | => CASClient::getURL() [client.php:361]
1254 .| | | | | Eos debug : server_name <== _SERVER[SERVER_NAME]
[client.php:2663]
1254 .| | | | | Eos debug : HTTP_X_FORWARDED_SERVER :empty
[client.php:2695]
1254 .| | | | | Eos debug : SERVER_NAME :10.115.0.46
[client.php:2704]
1254 .| | | | | Eos debug : HTTP_HOST :10.115.0.46
[client.php:2711]
1254 .| | | | | Final URI: http://10.115.0.46/DDS/
[client.php:2716]
1254 .| | | | <= 'http://10.115.0.46/DDS/'
1254 .| | | <=
'https://sublq11486.dom2.ad.sys/cas/login?service=http%3A%2F%2F10.115.0.46%2FDDS%2F'
1254 .| | | Redirect to :
https://sublq11486.dom2.ad.sys/cas/login?service=http%3A%2F%2F10.115.0.46%2FDDS%2F
1254 .| | | exit()
1254 .| | | -
1254 .| | -
1254 .| -
7F1C .START phpCAS-1.1.3 ****************** [CAS.php:470]
7F1C .=> phpCAS::client('2.0', 'sublq11486.dom2.ad.sys/cas', 443, '', false)
[users_controller.php:143]
7F1C .| => CASClient::CASClient('2.0', false, 'sublq11486.dom2.ad.sys/cas',
443, '', false) [CAS.php:373]
7F1C .| | ST or PT 'ST-739-L4mZVdSFXvKiVtssAKXF-cas' found
[client.php:677]
7F1C .| <= ''
7F1C .<= ''
7F1C .=> phpCAS::setNoCasServerValidation() [users_controller.php:146]
7F1C .<= ''
7F1C .=> phpCAS::forceAuthentication() [users_controller.php:149]
7F1C .| => CASClient::forceAuthentication() [CAS.php:893]
7F1C .| | => CASClient::isAuthenticated() [client.php:869]
7F1C .| | | => CASClient::wasPreviouslyAuthenticated() [client.php:974]
7F1C .| | | | no user found [client.php:1110]
7F1C .| | | <= false
7F1C .| | | PT `ST-739-L4mZVdSFXvKiVtssAKXF-cas' is present
[client.php:1005]
7F1C .| | | => CASClient::validatePT('', NULL, NULL) [client.php:1006]
7F1C .| | | | => CASClient::getURL() [client.php:481]
7F1C .| | | | | Eos debug : server_name <==
_SERVER[HTTP_X_FORWARDED_SERVER] [client.php:2668]
7F1C .| | | | | Eos debug : HTTP_X_FORWARDED_SERVER
:SUBLQ11486.dom2.ad.sys [client.php:2697]
7F1C .| | | | | Eos debug : SERVER_NAME :sublq11486.dom2.ad.sys
[client.php:2704]
7F1C .| | | | | Eos debug : HTTP_HOST :sublq11486.dom2.ad.sys
[client.php:2711]
7F1C .| | | | | Final URI: http://SUBLQ11486.dom2.ad.sys/DDS/
[client.php:2716]
7F1C .| | | | <= 'http://SUBLQ11486.dom2.ad.sys/DDS/'
7F1C .| | | | =>
CASClient::readURL('https://sublq11486.dom2.ad.sys/cas/proxyValidate?service=http%3A%2F%2FSUBLQ11486.dom2.ad.sys%2FDDS%2F&ticket=ST-739-L4mZVdSFXvKiVtssAKXF-cas',
'', NULL, NULL, NULL) [client.php:2536]
7F1C .| | | | <= true
7F1C .| | | | => CASClient::authError('PT not validated',
'https://sublq11486.dom2.ad.sys/cas/proxyValidate?service=http%3A%2F%2FSUBLQ11486.dom2.ad.sys%2FDDS%2F&ticket=ST-739-L4mZVdSFXvKiVtssAKXF-cas',
false, false, '<cas:serviceResponse xmlns:cas=\'http://www.yale.edu/tp/cas\'>
<cas:authenticationFailure code=\'INVALID_SERVICE\'> Il ticket
'ST-739-L4mZVdSFXvKiVtssAKXF-cas' non corrisponde a nessun servizio
disponibile </cas:authenticationFailure></cas:serviceResponse>',
'INVALID_SERVICE', 'Il ticket \'ST-739-L4mZVdSFXvKiVtssAKXF-cas\' non
corrisponde a nessun servizio disponibile') [client.php:2590]
7F1C .| | | | | => CASClient::getURL() [client.php:2776]
7F1C .| | | | | <= 'http://SUBLQ11486.dom2.ad.sys/DDS/'
7F1C .| | | | | CAS URL:
https://sublq11486.dom2.ad.sys/cas/proxyValidate?service=http%3A%2F%2FSUBLQ11486.dom2.ad.sys%2FDDS%2F&ticket=ST-739-L4mZVdSFXvKiVtssAKXF-cas
[client.php:2777]
7F1C .| | | | | Authentication failure: PT not validated
[client.php:2778]
7F1C .| | | | | Reason: [INVALID_SERVICE] CAS error: Il ticket
'ST-739-L4mZVdSFXvKiVtssAKXF-cas' non corrisponde a nessun servizio disponibile
[client.php:2793]
7F1C .| | | | | CAS response: <cas:serviceResponse
xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_SERVICE'>
Il ticket 'ST-739-L4mZVdSFXvKiVtssAKXF-cas' non
corrisponde a nessun servizio disponibile
</cas:authenticationFailure>
</cas:serviceResponse>
[client.php:2797]
7F1C .| | | | | exit()
7F1C .| | | | | -
7F1C .| | | | -
7F1C .| | | -
7F1C .| | -
7F1C .| -
