Oh great. I see. After I clear the cookies I can see the CAS too. Thank you John!
Right now after I logged in to CAS, I'm redirected to my default page, but the url is not in the format which contains the ticket info...what might be the problem? Michelle On Fri, Sep 12, 2014 at 12:17 PM, John Gasper <jgas...@unicon.net> wrote: > Hi Michelle, > > Nice sleuthing! So when I go to http://test-spots.fandm.edu/ I get sent > to you test CAS Server. If you were already logged into the CAS server it > would have looked like it was only taking you to your homepage. > > It's looking OK to me. > > > On 9/12/14 9:06 AM, Michelle Zhang wrote: > > Thank you John! I renamed Web.config file to web.xml and opened it in > IE, it compiled right. > So I started to check the items in Web.config file, and found: > 1. I need to comment this out, otherwise I get 500 Internal Error: > <modules runAllManagedModulesForAllRequests="true"/> > 2. I need to add this: <validation > validateIntegratedModeConfiguration="false"/>, otherwise I get 500.22 Error > The problem is now when I type my website URL in the address bar in the > browser, it goes to my webpage default page directly, it does not go to the > CAS log in page. > > Any ideas why is that? I just pasted the web.config file in the bottom > of the email, in case you have time to take a look for me. > > > Michelle > > > > Web.config > > <?xml version="1.0"?> > > <configuration> > <configSections> > <!--<section name="securitySwitch" > type="SecuritySwitch.Configuration.Settings, SecuritySwitch" > requirePermission="false" />--> > <section name="casClientConfig" > type="DotNetCasClient.Configuration.CasClientConfiguration, > DotNetCasClient"/> > </configSections> > <casClientConfig casServerLoginUrl="https://cas-test.fandm.edu/cas/login > " > casServerUrlPrefix="https://cas-test.fandm.edu/cas"; > serverName="test-spots.fandm.edu" > notAuthorizedUrl="~/Failed.aspx" > cookiesRequiredUrl="" > redirectAfterValidation="true" > renew="false" singleSignOut="true" > ticketValidatorName="Cas20" > serviceTicketManager="CacheServiceTicketManager"/> > > <!--<securitySwitch mode="RemoteOnly"> > <paths> > <add path="~/Login.aspx" /> > </paths> > </securitySwitch>--> > > > <connectionStrings> > <add name="ApplicationServices" connectionString="data > source=.\SQLEXPRESS;Integrated > Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User > Instance=true" > providerName="System.Data.SqlClient" /> > </connectionStrings> > <system.web> > > <!--<customErrors mode="Off" defaultRedirect="Error.aspx"/>--> > <customErrors mode="Off"/> > <compilation debug="true" targetFramework="4.0"/> > > <authentication mode="Forms"> > <forms loginUrl="https://cas-test.fandm.edu/cas/login"; timeout="30" > defaultUrl="Default.aspx" > cookieless="UseCookies" > slidingExpiration="true" > path="/" /> > </authentication> > <authorization> > <deny users="?"/> > </authorization> > <httpModules> > <add name="DotNetCasClient" > type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient"/> > </httpModules> > > <sessionState timeout="2880"> > </sessionState> > <membership> > <providers> > <clear/> > <add name="AspNetSqlMembershipProvider" > type="System.Web.Security.SqlMembershipProvider" > connectionStringName="ApplicationServices" enablePasswordRetrieval="false" > enablePasswordReset="true" requiresQuestionAndAnswer="false" > requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" > minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" > passwordAttemptWindow="10" applicationName="/"/> > </providers> > </membership> > <profile> > <providers> > <clear/> > <add name="AspNetSqlProfileProvider" > type="System.Web.Profile.SqlProfileProvider" > connectionStringName="ApplicationServices" applicationName="/"/> > </providers> > </profile> > <roleManager enabled="false"> > <providers> > <clear/> > <add name="AspNetSqlRoleProvider" > type="System.Web.Security.SqlRoleProvider" > connectionStringName="ApplicationServices" applicationName="/"/> > <add name="AspNetWindowsTokenRoleProvider" > type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/"/> > </providers> > </roleManager> > > </system.web> > <system.webServer> > <!--just added this on 9/12/14 11:46. > without it or set to true: > HTTP Error 500.22 - Internal Server Error > An ASP.NET setting has been detected that does not apply in Integrated > managed pipeline mode. > with it: > do not go to cas log in, but only go to the default page.--> > <validation validateIntegratedModeConfiguration="false"/> > <modules> > <remove name="DotNetCasClient"/> > <add name="DotNetCasClient" > type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient"/> > </modules> > <!--<httpErrors errorMode="Custom"> > <error statusCode="500" subStatusCode="5" path=" > https://spots.fandm.edu"; responseMode="Redirect"/> > <error statusCode="403" subStatusCode="4" path=" > https://spots.fandm.edu"; responseMode="Redirect"/> > </httpErrors>--> > <httpErrors errorMode="Detailed" /> > > <asp scriptErrorSentToBrowser="true"/> > > <!--need to comment it, otherwise 500 Error--> > <!--<modules runAllManagedModulesForAllRequests="true"/>--> > > <defaultDocument> > <files> > <clear/> > <add value="Default.aspx"/> > </files> > > </defaultDocument> > </system.webServer> > > > </configuration> > > > > > > > > > > > On Thu, Sep 11, 2014 at 5:13 PM, John Gasper <jgas...@unicon.net> wrote: > >> Hi Michelle, >> >> When I get these kind of errors with IIS, the first thing I check is that >> the web.config file is valid xml. I usually rename the file to end in .xml >> and open it in IE to make sure it parses correctly. If that checks out make >> sure the new elements were added to the appropriate areas. I'd guess >> something wrong in the web.config is probably the problem. >> >> Next, I usually enable Failed Request Tracing. You'll need to work with >> your sys admin to configure and enable it, but this usually uncovers >> everything. An xml file will be created that will merge to the xsl file in >> the output directory. Open the xml in IE and that will make it a lot easier >> to review. >> >> Give those a try and see what you find. >> >> Good luck! >> >> John >> >> >> On 9/11/14 11:40 AM, Michelle Zhang wrote: >> >> Carl, >> >> I do not have access to the event viewer in the windows server. I'll >> check with the personnel who has access to it. >> >> Yes the website works very good before adding the CAS client code. >> >> I tried to test with a "Hello World" test page but got the same error. >> >> Not sure how to set the error log...I found as soon as I logged in the >> Cas Log In page, I got this error message. How to find out if the error is >> happening before or after the request is routed? I do not have much access >> to the server so I cannot debug the web pages using break point on the web >> server.... >> >> >> Michelle >> >> >> >> On Thu, Sep 11, 2014 at 2:10 PM, Waldbieser, Carl <waldb...@lafayette.edu >> > wrote: >> >>> Michelle, >>> >>> Did you check the Windows event log to see if the error was logged >>> elsewhere (e.g. under "Applications")? >>> Did the web site work *prior* to adding the CAS client code? >>> Can you serve *any* resource? E.g. a basic "Hello World" test page? >>> Can you emit messages to an error log from your ASP page to see if the >>> request is reaching the page or if the error is happening before the >>> request is routed? >>> >>> Without knowing much about your setup, I am afraid I am someone limited >>> in the advice I can offer. >>> >>> Thanks, >>> Carl >>> >>> ----- Original Message ----- >>> From: "Michelle Zhang" <michelle.zh...@fandm.edu> >>> To: cas-user@lists.jasig.org >>> Sent: Thursday, September 11, 2014 2:03:36 PM >>> Subject: Re: [cas-user] Possible cause of 500 - Internal server error >>> >>> Hi Carl, >>> >>> Thank you again for helping! I did check the Log files under >>> inetpub/logs/LogFiles and I did not see any error messages at all. >>> >>> Michelle >>> >>> On Thu, Sep 11, 2014 at 1:58 PM, Waldbieser, Carl < >>> waldb...@lafayette.edu> >>> wrote: >>> >>> > Michelle, >>> > >>> > A 500 error doesn't tell you much. >>> > Is it possible for you to get access the the web server logs (e.g. >>> Windows >>> > Event logs) to see if there is any more specific information available? >>> > >>> > Thanks, >>> > Carl Waldbieser >>> > >>> > ----- Original Message ----- >>> > From: "Michelle Zhang" <michelle.zh...@fandm.edu> >>> > To: cas-user@lists.jasig.org >>> > Sent: Thursday, September 11, 2014 1:52:08 PM >>> > Subject: Re: [cas-user] Possible cause of 500 - Internal server error >>> > >>> > Thank you Linda! >>> > >>> > on the webserver, the web page is not even go to CAS log in page, it >>> turns >>> > the 500 - Internal server error without doing anything. And there's no >>> way >>> > I can debug to find out what's the problem because it does go to the >>> CAS >>> > log in page when I run it on my local machine. >>> > >>> > On Thu, Sep 11, 2014 at 1:11 PM, Linda Toth <ltt...@alaska.edu> wrote: >>> > >>> > > We normally receive that error when the user is authenticated, but >>> not >>> > > authorized to use the target application. In the case of Banner, >>> e.g., >>> > > that application seeks an attribute called the UDC Identifier which >>> is >>> > used >>> > > to establish role permissions for the various Banner applications. >>> Once >>> > > authenticated, our LDAP returns that attribute. A similar failure >>> would >>> > > occur any attribute the target application is seeking has not been >>> > gathered >>> > > from the authentication source. >>> > > >>> > > Linda >>> > > >>> > > Linda Toth >>> > > University of Alaska - Office of Information Technology (OIT) - >>> Identity >>> > > and Access Management >>> > > 910 Yukon Drive, Suite 103 >>> > > Fairbanks, Alaska 99775 >>> > > Tel: 907-450-8320 >>> > > Fax: 907-450-8381 >>> > > linda.t...@alaska.edu | www.alaska.edu/oit/ >>> > > >>> > > >>> > > On Thu, Sep 11, 2014 at 7:13 AM, Michelle Zhang < >>> > michelle.zh...@fandm.edu> >>> > > wrote: >>> > > >>> > >> I'm using ASP.Net and just started to use CAS. >>> > >> >>> > >> On my local machine, after authenticated by the CAS log in page, >>> I'm not >>> > >> re-directed back to my default url but get this 500 - Internal >>> server >>> > error >>> > >> message. >>> > >> >>> > >> On the webserver, if I type the website url on browser, I'm not >>> > >> re-directed to the CAS log in page but just get 500 - Internal >>> server >>> > error >>> > >> directly. >>> > >> >>> > >> Anyone knows why's that? >>> > >> >>> > >> >>> > >> >>> > >> Michelle <michelle.zh...@fandm.edu> >>> > >> >>> > >> -- >>> > >> You are currently subscribed to cas-user@lists.jasig.org as: >>> > ltt...@alaska.edu >>> > >> To unsubscribe, change settings or access archives, see >>> > http://www.ja-sig.org/wiki/display/JSG/cas-user >>> > >> >>> > >> >>> > > -- >>> > > You are currently subscribed to cas-user@lists.jasig.org as: >>> > michelle.zh...@fandm.edu >>> > > To unsubscribe, change settings or access archives, see >>> > http://www.ja-sig.org/wiki/display/JSG/cas-user >>> > > >>> > > >>> > >>> > >>> > -- >>> > Michelle Zhang >>> > Floyd Institute Center for Opinion Research >>> > Franklin & Marshall College >>> > P.O. Box 3003 >>> > Lancaster PA 17604-3003 >>> > Phone: (717) 358-4764 <%28717%29%20358-4764> >>> > michelle.zh...@fandm.edu >>> > >>> > -- >>> > You are currently subscribed to cas-user@lists.jasig.org as: >>> > waldb...@lafayette.edu >>> > To unsubscribe, change settings or access archives, see >>> > http://www.ja-sig.org/wiki/display/JSG/cas-user >>> > >>> > -- >>> > You are currently subscribed to cas-user@lists.jasig.org as: >>> > michelle.zh...@fandm.edu >>> > To unsubscribe, change settings or access archives, see >>> > http://www.ja-sig.org/wiki/display/JSG/cas-user >>> > >>> >>> >>> >>> -- >>> Michelle Zhang >>> Floyd Institute Center for Opinion Research >>> Franklin & Marshall College >>> P.O. Box 3003 >>> Lancaster PA 17604-3003 >>> Phone: (717) 358-4764 <%28717%29%20358-4764> >>> michelle.zh...@fandm.edu >>> >>> -- >>> You are currently subscribed to cas-user@lists.jasig.org as: >>> waldb...@lafayette.edu >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> -- >>> You are currently subscribed to cas-user@lists.jasig.org as: >>> michelle.zh...@fandm.edu >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >> >> >> >> -- >> Michelle Zhang >> Floyd Institute Center for Opinion Research >> Franklin & Marshall College >> P.O. Box 3003 >> Lancaster PA 17604-3003 >> Phone: (717) 358-4764 >> michelle.zh...@fandm.edu >> >> -- >> You are currently subscribed to cas-user@lists.jasig.org as: >> jgas...@unicon.net >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> -- >> You are currently subscribed to cas-user@lists.jasig.org as: >> michelle.zh...@fandm.edu >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > > > -- > Michelle Zhang > Floyd Institute Center for Opinion Research > Franklin & Marshall College > P.O. Box 3003 > Lancaster PA 17604-3003 > Phone: (717) 358-4764 > michelle.zh...@fandm.edu > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > jgas...@unicon.net > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > michelle.zh...@fandm.edu > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin & Marshall College P.O. Box 3003 Lancaster PA 17604-3003 Phone: (717) 358-4764 michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
