Thanks, I've temporarily been diverted from working on this issue, but will try this fix when I put back on it. Patrick
-----Original Message----- From: Stefan Paetow [mailto:stefan.pae...@ja.net] Sent: Thursday, July 17, 2014 6:08 AM To: cas-user@lists.jasig.org Subject: RE: [cas-user] Redirect loop from services mangagement console Hi Patrick, If anything, I'd try to do this manually... The default deployerConfigContext.xml file contains the InMemoryServiceRegistryDaoImpl registry. It expects to use the fixed defined services that are defined as part of its own definition (in the 'registeredServices' property). There is one default service registered, which is the RegexRegisteredService, and an example one that is commented out (which is more restrictive in its regular expression for which services it provides SSO). What that XML definition of the RegexRegisteredService does not list (but which you can set) is the list of names of the authentication handlers defined in deployerConfigContext.xml that should be used for that service. You should be able to define that set similar to (I haven't tried it but play with it): <bean id="serviceRegistryDao" ... > <property name="registeredServices"> <list> <bean class= "..."> <property name="..."> <property name="requiredHandlers"> <set> <ref bean="handler1"> : </set> </property> : : </bean> : </list> </property> </bean> Any : or ... means "fill in the blanks with what is in the example". This pre-supposes that you need to list your handlers as separate beans in the deployConfigContext. Like I say, I haven't tried this yet, but the basic concept is there. :-) Stefan -----Original Message----- From: Patrick Hunter [mailto:patrick.hun...@perficient.com] Sent: 15 July 2014 22:43 To: cas-user@lists.jasig.org Subject: RE: [cas-user] Redirect loop from services mangagement console Hi Stefan, Sadly the service-specific handlers are a hard requirement for the project I was planning to use CAS for, hopefully I'll just be able to figure the manual config out myself if the GUI issue doesn't get resolved. Patrick -----Original Message----- From: Stefan Paetow [mailto:stefan.pae...@ja.net] Sent: Tuesday, July 15, 2014 4:36 PM To: cas-user@lists.jasig.org Subject: RE: [cas-user] Redirect loop from services mangagement console Hi Patrick, At my previous employer we've had to specify the services manually in the deployerConfigContext.xml, but I haven't tried any of the service-specific handler invocation, primarily because we expect all the sources to be used for our authentication attempts. And I've seen the same as what you have… the j_acegi_cas_security_check URL doesn't do anything, and this is despite the service app being installed and present. *sigh* Stefan ________________________________ From: Patrick Hunter [patrick.hun...@perficient.com] Sent: 15 July 2014 17:46 To: cas-user@lists.jasig.org Subject: RE: [cas-user] Redirect loop from services mangagement console Thanks for getting back to me Jérôme. I found that I can go to the log in page and log in. However, when I then hit https://localhost:7002/cas/validate I get back “no”. I also get “no” if I go straight to the validate page, but have used firebug to confirm that logging in does put a result in my browser storing a ticket. I also looked in the properties file and saw; “server.name=http://localhost:7002/ server.prefix=${server.name}/cas cas.securityContext.serviceProperties.service=${server.prefix}/services/j_acegi_cas_security_check“ This suggested a slightly different url than what I had been using so I hit “https://localhost:7002/cas/services/j_acegi_cas_security_check”, but got: “Access Denied BadCredentialsException::Failed to provide a CAS service ticket to validate”. I was logged in at the time, and didn’t get any console output from hitting the services url. Stefan, have you had much success deploying CAS while manually configuring your services? In particular, have you been able to have some services only use some of the handlers for login -Patrick From: Stefan Paetow [mailto:stefan.pae...@ja.net] Sent: Tuesday, July 15, 2014 10:29 AM To: cas-user@lists.jasig.org Subject: RE: [cas-user] Redirect loop from services mangagement console Welcome to my hell, Patrick. I’ve not been able to make the service management app work – ever. Stefan From: Patrick Hunter [mailto:patrick.hun...@perficient.com] Sent: 15 July 2014 15:32 To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> Subject: RE: [cas-user] Redirect loop from services mangagement console Sorry, there is a conspicuous lack of information in the logs regarding this problem. Logging is enabled in the code, and when I go to other pages it appears to be working (e.g. I see a ticket granting ticket being created when I log in), but I get nothing when I go to the services page. From: Jérôme LELEU [mailto:lel...@gmail.com] Sent: Tuesday, July 15, 2014 3:50 AM To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> Subject: Re: [cas-user] Redirect loop from services mangagement console Hi, Infinite loop generally comes from service ticket validation failure. Don't you have more relevant logs, like errors and stacktraces? It would help... Thanks. Best regards, Jérôme LELEU Founder of CAS in the cloud: www.casinthecloud.com<http://www.casinthecloud.com> | Twitter: @leleuj Chairman of CAS: www.jasig.org/cas<http://www.jasig.org/cas> | Creator of pac4j: www.pac4j.org<http://www.pac4j.org> 2014-07-15 0:00 GMT+02:00 Patrick <patrick.hun...@perficient.com<mailto:patrick.hun...@perficient.com>>: I am new to CAS and am trying to set up the sample overlay https://github.com/UniconLabs/simple-cas-overlay-template with a dummy app before using CAS in production. The server starts up, but trying to access the services management console results in an infinite redirect loop. Specifically, going to https://localhost:7002/cas/services/ takes me to https://localhost:7002/cas/services/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/AdminServer/cas/login?service=AdminServer%2Fcas%2Fservices%2Fj_acegi_cas_security_check I have a handler for “A*” in the deployerConfigContext, as well as the handler included in the github project (which should accept all https requests anyway). I am running CAS in Weblogic 12, and have edited the properties files to use Weblogic’s port numbers instead of Tomcat’s. I’ve also enabled SSL using the Weblogic demo certificate. Does anyone know what could cause this? Thank You Patrick -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: lel...@gmail.com<mailto:lel...@gmail.com> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: patrick.hun...@perficient.com<mailto:patrick.hun...@perficient.com> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: stefan.pae...@ja.net<mailto:stefan.pae...@ja.net> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238 -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: patrick.hun...@perficient.com<mailto:patrick.hun...@perficient.com> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: stefan.pae...@ja.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238 -- You are currently subscribed to cas-user@lists.jasig.org as: patrick.hun...@perficient.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: stefan.pae...@ja.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238 -- You are currently subscribed to cas-user@lists.jasig.org as: patrick.hun...@perficient.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
