On Mon, 10 Dec 2012, Tobias Quosigk wrote:

I'm in the process of diagnosing a potential issue with a third-party application and it would help me tremendously if I could turn on logging for the XML response referenced below, specifically the username that gets returned to the third-party application:

[From https://wiki.jasig.org/display/CASUM/Technical+Overview] "CAS receives and validates this secure server-to-server request, then fulfills the application server's HTTPS CAS client request and returns an XML message of "success" along with the authenticated username."

I'm running CAS 3.4.10.

This doesn't give you the full XML, but have you looked at the audit log in CAS? Here is an example of the log entry for a ticket validation:

2012-12-10 09:39:29,385 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: ST-471027-oySesJjITuWkeJUpOB2y-login1
ACTION: SERVICE_TICKET_VALIDATED
APPLICATION: CAS
WHEN: Mon Dec 10 09:39:29 PST 2012
CLIENT IP ADDRESS: 128.193.123.123
SERVER IP ADDRESS: login.oregonstate.edu
=============================================================

You could also turn on DEBUG logging for (just a guess):

org.jasig.cas.web.support.CasArgumentExtractor
org.jasig.cas.web.support.SamlArgumentExtractor
org.jasig.cas.util

Or... approach it from the networking side. Run tcpdump to capture the traffic, then use Wireshark along with your CAS server's SSL cert and SSL key to decrypt the traffic and view it.

        Andy

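
Added example, not part of the original message and not code from CAS or Inspektr: a Python parser for audit trail records in the layout quoted above, listing each validated service ticket with the client IP that presented it. The sample log, its ticket ids and addresses are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the record layout quoted above; the ticket ids,
# addresses and the interleaved non-audit line are made up for this example.
SAMPLE_LOG = """\
2012-12-10 09:39:29,385 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: ST-1-EXAMPLEexampleEXAMPLE-cas01
ACTION: SERVICE_TICKET_VALIDATED
APPLICATION: CAS
WHEN: Mon Dec 10 09:39:29 PST 2012
CLIENT IP ADDRESS: 192.0.2.10
SERVER IP ADDRESS: cas.example.edu
=============================================================

2012-12-10 09:39:30,001 INFO [example.Other] - unrelated line
2012-12-10 09:40:02,117 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: ST-2-TRUNCATED
"""

BEGIN = "Audit trail record BEGIN"
RULE = re.compile(r"^=+\s*$")
FIELD = re.compile(r"^([A-Z][A-Z ]*[A-Z]):\s?(.*)$")

def parse_audit_records(text):
    """Return one dict per complete record; truncated records are dropped."""
    records, current, rules = [], None, 0
    for line in text.splitlines():
        if BEGIN in line:
            current, rules = {"logged_at": line[:23]}, 0
        elif current is None:
            continue  # ordinary log line outside any audit record
        elif RULE.match(line):
            rules += 1
            if rules == 2:  # closing rule: the record is complete
                records.append(current)
                current = None
        elif (m := FIELD.match(line)) and rules == 1:
            current[m.group(1)] = m.group(2).strip()
    return records

def validations(records):
    """(ticket, client IP) for each SERVICE_TICKET_VALIDATED record."""
    return [(r.get("WHAT"), r.get("CLIENT IP ADDRESS"))
            for r in records if r.get("ACTION") == "SERVICE_TICKET_VALIDATED"]
```

Records cut off by log rotation or a partial copy, like the second one in the sample, are skipped rather than reported with missing fields.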