Please see the following configuration changes that I did and I have also attached the files CasOwa - Web.config
<appSettings>
<add key="CasOwa.ClearPassUrl"
value="https://cas.lynntestnet.com:8443/cas/clearPass"; />
<add key="CasOwa.OwaUrl" value="https://mail3.lynntestnet.com/owa"; />
<add key="CasOwa.skipOwaUrlCertificateValidation" value="true" />
</appSettings>
<casClientConfig casServerLoginUrl="https://cas.lynntestnet.com:8443/cas/login";
serverName="https://mail3.lynntestnet.com/";
secureUriRegex="(?i)/auth"
casServerUrlPrefix="https://cas.lynntestnet.com:8443/cas/";
redirectAfterValidation="false"
useSession="false"
gateway="false" renew="false"
ticketValidatorName="Cas20"
ticketTimeTolerance="5000"
singleSignOut="false"
proxyGrantingTicketReceptor="true"
proxyCallbackUrl="https://mail3.lynntestnet.com/coa/proxyCallback";
proxyReceptorUrl="/coa/proxyCallback" />
CAS - web.xml
<!-- Filters for ClearPass Security -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://cas.lynntestnet.com:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://cas.lynntestnet.com:8443</param-value>
</init-param>
<init-param>
<param-name>exceptionOnValidationFailure</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>allowedProxyChains</param-name>
<param-value>https://mail3.lynntestnet.com/coa/proxyCallback</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/clearPass</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/clearPass</url-pattern>
</filter-mapping>
deployerConfigContext.xml
<!-- ClearPass extention -->
<property name="authenticationMetaDataPopulators">
<list>
<bean
class="org.jasig.cas3.extensions.clearpass.CacheCredentialsMetaDataPopulator">
<constructor-arg index="0"
ref="credentialsCache" />
</bean>
</list>
</property>
Thanks,
Malar
-----Original Message-----
From: William G. Thompson, Jr. [mailto:wgt...@gmail.com]
Sent: Thursday, March 03, 2011 7:15 PM
To: cas-user@lists.jasig.org
Cc: Malarvizhi Perumalraja
Subject: Re: [cas-user] CASifying OWA Proxy Ticket Issue
Malar,
Can you post our config? That might help folks help troubleshoot.
Bill
On Thu, Mar 3, 2011 at 4:50 PM, Malarvizhi Perumalraja
<mperumalr...@lynn.edu> wrote:
> Hi all,
>
> I am trying to Casify OWA. I have configured CAS 3.4.4 with
> Clearpass 1.0.6. deployed CasOwa client on the Exchange server (Exchange
> 2007, windows 2008). I followed step by step instruction at
> https://wiki.jasig.org/pages/viewpage.action?pageId=29133913
>
>
>
> When I go to https://mail3.lynntestnet.com/coa/auth it redirects to the CAS
> login page but after I enter the credentials it redirects to the OWA login
> screen without automatically logging into the inbox.
>
>
>
> The following is the cas.log. It granted proxy ticket but then it says No
> Proxy Ticket found.
>
>
>
> Cas.log
>
> 2011-03-01 17:13:08,113 INFO
> [org.jasig.cas.authentication.AuthenticationManagerImpl] -
> AuthenticationHandler:
> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully
> authenticated the user which provided the following credentials: [username:
> malarperumalraja]
>
> 2011-03-01 17:13:08,113 INFO
> [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket
> [ST-5-dIeA0zhZM9fNbkqxNluC-cas] for service
> [https://mail3.lynntestnet.com/coa/auth] for user [malarperumalraja]
>
> 2011-03-01 17:13:08,144 INFO
> [org.jasig.cas.authentication.AuthenticationManagerImpl] -
> AuthenticationHandler:
> org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler
> successfully authenticated the user which provided the following
> credentials: [callbackUrl: https://mail3.lynntestnet.com/coa/proxyCallback]
>
> 2011-03-01 17:13:08,144 INFO
> [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted proxy ticket
> [ST-6-rqUW9opjjx3cpYhlTdKl-cas] for service
> [https://cas.lynntestnet.com:8443/cas/clearPass] for user [malarperumalraja]
>
> 2011-03-01 17:13:08,191 INFO
> [org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl] - No Proxy
> Ticket found for
>
>
>
> Any help is greatly appreciated
>
>
>
> Thanks,
>
> Malar Perumalraja
>
>
>
> This email is intended for the designated recipient only, and may be
> confidential, non-public, proprietary, protected by the attorney/client or
> other privilege. Unauthorized reading, distribution, copying or other use of
> this communication is prohibited and may be unlawful. Receipt by anyone
> other than the intended recipients should not be deemed a waiver of any
> privilege or protection. If you are not the intended recipient or if you
> believe that you have received this email in error, please notify the sender
> immediately and delete all copies from your computer system without reading,
> saving, or using it in any manner. Although it has been checked for viruses
> and other malicious software, malware, we do not warrant, represent or
> guarantee in any way that this communication is free of malware or
> potentially damaging defects. All liability for any actual or alleged loss,
> damage, or injury arising out of or resulting in any way from the receipt,
> opening or use of this email is expressly disclaimed.
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> wgt...@gmail.com
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
This email is intended for the designated recipient only, and may be
confidential, non-public, proprietary, protected by the attorney/client or
other privilege. Unauthorized reading, distribution, copying or other use of
this communication is prohibited and may be unlawful. Receipt by anyone other
than the intended recipients should not be deemed a waiver of any privilege or
protection. If you are not the intended recipient or if you believe that you
have received this email in error, please notify the sender immediately and
delete all copies from your computer system without reading, saving, or using
it in any manner. Although it has been checked for viruses and other malicious
software, malware, we do not warrant, represent or guarantee in any way that
this communication is free of malware or potentially damaging defects. All
liability for any actual or alleged loss, damage, or injury arising out of or
resulting in any way from the receipt, opening or use of this email is
expressly disclaimed.
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user<?xml version="1.0" encoding="ISO-8859-1"?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"; version="2.4"> <display-name>Central Authentication System (CAS) 3.4.4 with ClearPass 1.0.6.GA</display-name> <context-param> <param-name>contextConfigLocation</param-name> <param-value> /WEB-INF/spring-configuration/*.xml /WEB-INF/deployerConfigContext.xml </param-value> </context-param> <!-- - Location of the Log4J config file, for initialization and refresh checks. - Applied by Log4jConfigListener. --> <context-param> <param-name>log4jConfigLocation</param-name> <param-value>classpath:log4j.xml</param-value> </context-param> <context-param> <param-name>log4jExposeWebAppRoot</param-name> <param-value>false</param-value> </context-param> <!-- Specify that the log4j configuration should be reloaded periodically to pick up changes --> <context-param> <param-name>log4jRefreshInterval</param-name> <param-value>60000</param-value> </context-param> <filter> <filter-name>CAS Client Info Logging Filter</filter-name> <filter-class>com.github.inspektr.common.web.ClientInfoThreadLocalFilter</filter-class> </filter> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter> <filter-name>characterEncodingFilter</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>characterEncodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/services/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Client Info Logging Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- Filters for ClearPass Security --> <filter> <filter-name>CAS Validation Filter</filter-name> <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> <init-param> <param-name>casServerUrlPrefix</param-name> <param-value>https://cas.lynntestnet.com:8443/cas</param-value> </init-param> <init-param> <param-name>serverName</param-name> <param-value>https://cas.lynntestnet.com:8443</param-value> </init-param> <init-param> <param-name>exceptionOnValidationFailure</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>allowedProxyChains</param-name> <param-value>https://mail3.lynntestnet.com/coa/proxyCallback</param-value> </init-param> <!-- - <init-param> - <param-name>acceptAnyProxy</param-name> - <param-value>true</param-value> - </init-param> --> <init-param> <param-name>useSession</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>redirectAfterValidation</param-name> <param-value>false</param-value> </init-param> </filter> <filter> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> </filter> <filter-mapping> <filter-name>CAS Validation Filter</filter-name> <url-pattern>/clearPass</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <url-pattern>/clearPass</url-pattern> </filter-mapping> <!-- - Configures Log4J for this web app. - As this context specifies a context-param "log4jConfigLocation", its file path - is used to load the Log4J configuration, including periodic refresh checks. - - Would fall back to default Log4J initialization (non-refreshing) if no special - context-params are given. - - Exports a "web app root key", i.e. a system property that specifies the root - directory of this web app, for usage in log file paths. - This web app specifies "cas.root" (see log4j.properties file). --> <!-- Leave the listener commented-out if using JBoss --> <listener> <listener-class> org.springframework.web.util.Log4jConfigListener </listener-class> </listener> <!-- - Loads the CAS ApplicationContext. - The deployer choice here is how to handle Throwables thrown by Spring's - ContextLoaderListener. The Spring ContextLoaderListener will throw an exception when the - application context cannot be loaded, say because the bean XML files are not valid XML or do not - refer to real classes and properties or because a bean configured via Spring throws an exception - at construction, property setting, or on an afterPropertiesSet() lifecycle method. - - If you'd like these errors to be fatal and prevent the CAS servlet context from loading at all, - use org.springframework.web.context.ContextLoaderListener. - - If you'd like these errors to result in all requests for CAS getting a "CAS is Unavailable" response, - use org.jasig.cas.web.init.SafeContextLoaderListener --> <listener> <listener-class> org.jasig.cas.web.init.SafeContextLoaderListener </listener-class> </listener> <!-- - This is the Spring dispatcher servlet which delegates all requests to the - Spring WebMVC controllers as configured in cas-servlet.xml. - - The choice made above about how to handle a broken ApplicationContext at - context initialization applies here as well, since this servlet is load-on-startup. - - If you'd like these errors to be fatal and prevent the CAS servlet from loading at all, - use org.springframework.web.servlet.DispatcherServlet. - - If you'd like these errors to result in all requests for CAS getting a "CAS is Unavailable" response, - use org.jasig.cas.web.init.SafeDispatcherServlet --> <servlet> <servlet-name>cas</servlet-name> <servlet-class> org.jasig.cas.web.init.SafeDispatcherServlet </servlet-class> <init-param> <param-name>publishContext</param-name> <param-value>false</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/clearPass</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/login</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/logout</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/validate</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/serviceValidate</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/samlValidate</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/proxy</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/proxyValidate</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/CentralAuthenticationService</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/services/add.html</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/services/viewStatistics.html</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/services/logout.html</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/services/loggedOut.html</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/services/manage.html</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/services/edit.html</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/openid/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/services/deleteRegisteredService.html</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/authorizationFailure.html</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/403.html</url-pattern> </servlet-mapping> <session-config> <!-- Default to 5 minute session timeouts --> <session-timeout>5</session-timeout> </session-config> <error-page> <exception-type>org.springframework.context.ApplicationContextException</exception-type> <location>/WEB-INF/view/jsp/brokenContext.jsp</location> </error-page> <error-page> <error-code>500</error-code> <location>/WEB-INF/view/jsp/errors.jsp</location> </error-page> <error-page> <error-code>404</error-code> <location>/</location> </error-page> <error-page> <error-code>403</error-code> <location>/403.html</location> </error-page> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> </web-app>
Web.config
Description: Web.config
