Now it's getting somewhere. Did you install the CAS app as ROOT? Otherwise the Location header URL points to something else. What value do you have set for "server.prefix" in cas.properties?
Since you're not getting the CASTGC, CAS will respond with the login page, exactly as you're seeing. Best regards, -- Carlos. -----Original Message----- From: Zac Harvey [mailto:zhar...@commercehub.com] Sent: Thursday, 15 May, 2014 10:12 To: cas-user@lists.jasig.org Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? The value of the response's "Location" header is "https://my-cas-server.ourcompany.org:5443/login" (obviously "my-cas-server.ourcompany.org" is not the real value!). There was no "Set-Cookie" header (for response or request), however there was a "Pragma" response header with a value of "no-cache". There was also a "JSESSIONID" cookie with a value as well. Does any of this make sense to you? Thanks again for all the help so far! -----Original Message----- From: Carlos Fernandez [mailto:cfern...@sju.edu] Sent: Thursday, May 15, 2014 10:05 AM To: cas-user@lists.jasig.org Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? What URL did the "302 Found" response contain in the "Location" header? Any "Set-Cookie" headers with CASTGC and/or CASPRIVACY? Best regards, -- Carlos. -----Original Message----- From: Zac Harvey [mailto:zhar...@commercehub.com] Sent: Thursday, 15 May, 2014 07:00 To: cas-user@lists.jasig.org Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? Thanks for the help Carlos. Any chance you (or anyone else) can take a look at my form and see if anything seems off? <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> <%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %> <%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %> <%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %> <!-- For debugging and trying your suggestions. --> <h2>loginTicket is ${loginTicket}, and flowExecutionKey is ${flowExecutionKey}.</h2> <form:form method="post" id="fm1" commandName="${commandName}" htmlEscape="true"> <div class="errors"> <img src="<c:url value="/img/alert_red_20px.png"/>"/><form:errors path="*" cssClass="error" delimiter=" "/> </div> <label for="username"><spring:message code="screen.welcome.label.netid"/></label> <spring:message code="screen.welcome.label.netid.accesskey" var="userNameAccessKey"/> <form:input cssClass="required" cssErrorClass="error" id="username" tabindex="1" accesskey="${userNameAccessKey}" path="username" autocomplete="false" htmlEscape="true"/> <label for="password" class="fl-label"><spring:message code="screen.welcome.label.password"/></label> <spring:message code="screen.welcome.label.password.accesskey" var="passwordAccessKey"/> <form:password cssClass="required" cssErrorClass="error" id="password" tabindex="2" path="password" accesskey="${passwordAccessKey}" htmlEscape="true" autocomplete="off"/> <div class="button_bar"> <input type="hidden" name="lt" value="${loginTicket}"/> <input type="hidden" name="execution" value="${flowExecutionKey}"/> <input type="hidden" name="_eventId" value="submit"/> <input name="submit" accesskey="l" value="<spring:message code="screen.welcome.button.login"/>" tabindex="4" type="submit" class="orangebutton"/> </div> </form:form> When the above code renders in a browser, I get the following printout in the <h2> element: loginTicket is LT-19-gn3zqvf3Q3vWX6j39KhbTjRkbCLcLh, and flowExecutionKey is e19s1. So it looks like my "lt" and "flowExecutionKey" are valid, yes? If everything else above looks good to you, any ideas as to where I could start troubleshooting next? Again when I enter a username and password, and then submit the form, it just: - Refreshes the screen, clearing the text out of the username/password fields (like a form reset); and - I get different values for "lt" and "flowExecutionKey"; and - The HTTP POST (the form submission itself) comes back "302 Found" but doesn't seem to have anything in the HTTP response Could the fact that I'm getting different vals for lt and flowExecutionKey every time the form loads be the culprit? Thanks again for all the help so far! -----Original Message----- From: Carlos Fernandez [mailto:cfern...@sju.edu] Sent: Wednesday, May 14, 2014 2:49 PM To: cas-user@lists.jasig.org Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form? Zac, Based on the default casLoginView in 3.5.2, the form will send 'username', 'password', 'warn', 'lt' (login ticket), 'execution', and '_eventId'. The behavior that you see usually happens when the login ticket in the POST request is invalid or missing. This is what the form looks like stripped of DIVs and stand-alone <spring:message> tags, and without the OpenID conditional code: <form:form method="post" id="fm1" cssClass="fm-v clearfix" commandName="${commandName}" htmlEscape="true"> <label for="username" class="fl-label"><spring:message code="screen.welcome.label.netid" /></label> <form:input cssClass="required" cssErrorClass="error" id="username" size="25" tabindex="1" accesskey="${userNameAccessKey}" path="username" autocomplete="false" htmlEscape="true" /> <label for="password" class="fl-label"><spring:message code="screen.welcome.label.password" /></label> <form:password cssClass="required" cssErrorClass="error" id="password" size="25" tabindex="2" path="password" accesskey="${passwordAccessKey}" htmlEscape="true" autocomplete="off" /> <input id="warn" name="warn" value="true" tabindex="3" accesskey="<spring:message code="screen.welcome.label.warn.accesskey" />" type="checkbox" /> <label for="warn"><spring:message code="screen.welcome.label.warn" /></label> <input type="hidden" name="lt" value="${loginTicket}" /> <input type="hidden" name="execution" value="${flowExecutionKey}" /> <input type="hidden" name="_eventId" value="submit" /> <input class="btn-submit" name="submit" accesskey="l" value="<spring:message code="screen.welcome.button.login" />" tabindex="4" type="submit" /> <input class="btn-reset" name="reset" accesskey="c" value="<spring:message code="screen.welcome.button.clear" />" tabindex="5" type="reset" /> </form:form> Best regards, -- Carlos. -----Original Message----- From: Zac [mailto:zhar...@commercehub.com] Sent: Wednesday, 14 May, 2014 13:41 To: cas-user@lists.jasig.org Subject: [cas-user] Minimal code for custom casLoginView.jsp form? I just tried to implement my own casLoginView.jsp form and have CAS displaying it beautifully when the user goes to log in to the system. The problem is that when you click the login button, the screen just refreshes and gives no indication as to whether they successfully logged in or not. So I ask: what is the minimal <form> code necessary to POST a username and password to CAS (from inside the casLoginView.jsp)? What attributes does it need? -- You are currently subscribed to cas-user@lists.jasig.org as: cfern...@sju.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: zhar...@commercehub.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: cfern...@sju.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: zhar...@commercehub.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: cfern...@sju.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user