After I logged in to Cas, I'm redirected back to my page, and the url showing in the address bar is: http://test-spots.fandm.edu/
No ticket query string is showing or anything else...I thought it should be something like http://test-spots.fandm.edu?ticket=.......but I do not see it. On Fri, Sep 12, 2014 at 1:21 PM, John Gasper <jgas...@unicon.net> wrote: > I'm not sure I follow. Are you authenticated to your app when you get > sent back? The .NET CAS Client will consume the "ticket" querystring data, > validate the service ticket, populates the page.identity object, and > redirects the page to itself removing the "ticket" querystring. > > > On 9/12/14 9:40 AM, Michelle Zhang wrote: > > Oh great. I see. After I clear the cookies I can see the CAS too. Thank > you John! > > Right now after I logged in to CAS, I'm redirected to my default page, > but the url is not in the format which contains the ticket info...what > might be the problem? > > > Michelle > > On Fri, Sep 12, 2014 at 12:17 PM, John Gasper <jgas...@unicon.net> wrote: > >> Hi Michelle, >> >> Nice sleuthing! So when I go to http://test-spots.fandm.edu/ I get sent >> to you test CAS Server. If you were already logged into the CAS server it >> would have looked like it was only taking you to your homepage. >> >> It's looking OK to me. >> >> >> On 9/12/14 9:06 AM, Michelle Zhang wrote: >> >> Thank you John! I renamed Web.config file to web.xml and opened it in >> IE, it compiled right. >> So I started to check the items in Web.config file, and found: >> 1. I need to comment this out, otherwise I get 500 Internal Error: >> <modules runAllManagedModulesForAllRequests="true"/> >> 2. I need to add this: <validation >> validateIntegratedModeConfiguration="false"/>, otherwise I get 500.22 Error >> The problem is now when I type my website URL in the address bar in the >> browser, it goes to my webpage default page directly, it does not go to the >> CAS log in page. >> >> Any ideas why is that? I just pasted the web.config file in the bottom >> of the email, in case you have time to take a look for me. >> >> >> Michelle >> >> >> >> Web.config >> >> <?xml version="1.0"?> >> >> <configuration> >> <configSections> >> <!--<section name="securitySwitch" >> type="SecuritySwitch.Configuration.Settings, SecuritySwitch" >> requirePermission="false" />--> >> <section name="casClientConfig" >> type="DotNetCasClient.Configuration.CasClientConfiguration, >> DotNetCasClient"/> >> </configSections> >> <casClientConfig casServerLoginUrl=" >> https://cas-test.fandm.edu/cas/login" >> casServerUrlPrefix="https://cas-test.fandm.edu/cas" >> serverName="test-spots.fandm.edu" >> notAuthorizedUrl="~/Failed.aspx" >> cookiesRequiredUrl="" >> redirectAfterValidation="true" >> renew="false" singleSignOut="true" >> ticketValidatorName="Cas20" >> serviceTicketManager="CacheServiceTicketManager"/> >> >> <!--<securitySwitch mode="RemoteOnly"> >> <paths> >> <add path="~/Login.aspx" /> >> </paths> >> </securitySwitch>--> >> >> >> <connectionStrings> >> <add name="ApplicationServices" connectionString="data >> source=.\SQLEXPRESS;Integrated >> Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User >> Instance=true" >> providerName="System.Data.SqlClient" /> >> </connectionStrings> >> <system.web> >> >> <!--<customErrors mode="Off" defaultRedirect="Error.aspx"/>--> >> <customErrors mode="Off"/> >> <compilation debug="true" targetFramework="4.0"/> >> >> <authentication mode="Forms"> >> <forms loginUrl="https://cas-test.fandm.edu/cas/login" timeout="30" >> defaultUrl="Default.aspx" >> cookieless="UseCookies" >> slidingExpiration="true" >> path="/" /> >> </authentication> >> <authorization> >> <deny users="?"/> >> </authorization> >> <httpModules> >> <add name="DotNetCasClient" >> >> type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient"/> >> </httpModules> >> >> <sessionState timeout="2880"> >> </sessionState> >> <membership> >> <providers> >> <clear/> >> <add name="AspNetSqlMembershipProvider" >> type="System.Web.Security.SqlMembershipProvider" >> connectionStringName="ApplicationServices" enablePasswordRetrieval="false" >> enablePasswordReset="true" requiresQuestionAndAnswer="false" >> requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" >> minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" >> passwordAttemptWindow="10" applicationName="/"/> >> </providers> >> </membership> >> <profile> >> <providers> >> <clear/> >> <add name="AspNetSqlProfileProvider" >> type="System.Web.Profile.SqlProfileProvider" >> connectionStringName="ApplicationServices" applicationName="/"/> >> </providers> >> </profile> >> <roleManager enabled="false"> >> <providers> >> <clear/> >> <add name="AspNetSqlRoleProvider" >> type="System.Web.Security.SqlRoleProvider" >> connectionStringName="ApplicationServices" applicationName="/"/> >> <add name="AspNetWindowsTokenRoleProvider" >> type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/"/> >> </providers> >> </roleManager> >> >> </system.web> >> <system.webServer> >> <!--just added this on 9/12/14 11:46. >> without it or set to true: >> HTTP Error 500.22 - Internal Server Error >> An ASP.NET setting has been detected that does not apply in Integrated >> managed pipeline mode. >> with it: >> do not go to cas log in, but only go to the default page.--> >> <validation validateIntegratedModeConfiguration="false"/> >> <modules> >> <remove name="DotNetCasClient"/> >> <add name="DotNetCasClient" >> >> type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient"/> >> </modules> >> <!--<httpErrors errorMode="Custom"> >> <error statusCode="500" subStatusCode="5" path=" >> https://spots.fandm.edu" responseMode="Redirect"/> >> <error statusCode="403" subStatusCode="4" path=" >> https://spots.fandm.edu" responseMode="Redirect"/> >> </httpErrors>--> >> <httpErrors errorMode="Detailed" /> >> >> <asp scriptErrorSentToBrowser="true"/> >> >> <!--need to comment it, otherwise 500 Error--> >> <!--<modules runAllManagedModulesForAllRequests="true"/>--> >> >> <defaultDocument> >> <files> >> <clear/> >> <add value="Default.aspx"/> >> </files> >> >> </defaultDocument> >> </system.webServer> >> >> >> </configuration> >> >> >> >> >> >> >> >> >> >> >> On Thu, Sep 11, 2014 at 5:13 PM, John Gasper <jgas...@unicon.net> wrote: >> >>> Hi Michelle, >>> >>> When I get these kind of errors with IIS, the first thing I check is >>> that the web.config file is valid xml. I usually rename the file to end in >>> .xml and open it in IE to make sure it parses correctly. If that checks out >>> make sure the new elements were added to the appropriate areas. I'd guess >>> something wrong in the web.config is probably the problem. >>> >>> Next, I usually enable Failed Request Tracing. You'll need to work with >>> your sys admin to configure and enable it, but this usually uncovers >>> everything. An xml file will be created that will merge to the xsl file in >>> the output directory. Open the xml in IE and that will make it a lot easier >>> to review. >>> >>> Give those a try and see what you find. >>> >>> Good luck! >>> >>> John >>> >>> >>> On 9/11/14 11:40 AM, Michelle Zhang wrote: >>> >>> Carl, >>> >>> I do not have access to the event viewer in the windows server. I'll >>> check with the personnel who has access to it. >>> >>> Yes the website works very good before adding the CAS client code. >>> >>> I tried to test with a "Hello World" test page but got the same error. >>> >>> Not sure how to set the error log...I found as soon as I logged in the >>> Cas Log In page, I got this error message. How to find out if the error is >>> happening before or after the request is routed? I do not have much access >>> to the server so I cannot debug the web pages using break point on the web >>> server.... >>> >>> >>> Michelle >>> >>> >>> >>> On Thu, Sep 11, 2014 at 2:10 PM, Waldbieser, Carl < >>> waldb...@lafayette.edu> wrote: >>> >>>> Michelle, >>>> >>>> Did you check the Windows event log to see if the error was logged >>>> elsewhere (e.g. under "Applications")? >>>> Did the web site work *prior* to adding the CAS client code? >>>> Can you serve *any* resource? E.g. a basic "Hello World" test page? >>>> Can you emit messages to an error log from your ASP page to see if the >>>> request is reaching the page or if the error is happening before the >>>> request is routed? >>>> >>>> Without knowing much about your setup, I am afraid I am someone limited >>>> in the advice I can offer. >>>> >>>> Thanks, >>>> Carl >>>> >>>> ----- Original Message ----- >>>> From: "Michelle Zhang" <michelle.zh...@fandm.edu> >>>> To: cas-user@lists.jasig.org >>>> Sent: Thursday, September 11, 2014 2:03:36 PM >>>> Subject: Re: [cas-user] Possible cause of 500 - Internal server error >>>> >>>> Hi Carl, >>>> >>>> Thank you again for helping! I did check the Log files under >>>> inetpub/logs/LogFiles and I did not see any error messages at all. >>>> >>>> Michelle >>>> >>>> On Thu, Sep 11, 2014 at 1:58 PM, Waldbieser, Carl < >>>> waldb...@lafayette.edu> >>>> wrote: >>>> >>>> > Michelle, >>>> > >>>> > A 500 error doesn't tell you much. >>>> > Is it possible for you to get access the the web server logs (e.g. >>>> Windows >>>> > Event logs) to see if there is any more specific information >>>> available? >>>> > >>>> > Thanks, >>>> > Carl Waldbieser >>>> > >>>> > ----- Original Message ----- >>>> > From: "Michelle Zhang" <michelle.zh...@fandm.edu> >>>> > To: cas-user@lists.jasig.org >>>> > Sent: Thursday, September 11, 2014 1:52:08 PM >>>> > Subject: Re: [cas-user] Possible cause of 500 - Internal server error >>>> > >>>> > Thank you Linda! >>>> > >>>> > on the webserver, the web page is not even go to CAS log in page, it >>>> turns >>>> > the 500 - Internal server error without doing anything. And there's >>>> no way >>>> > I can debug to find out what's the problem because it does go to the >>>> CAS >>>> > log in page when I run it on my local machine. >>>> > >>>> > On Thu, Sep 11, 2014 at 1:11 PM, Linda Toth <ltt...@alaska.edu> >>>> wrote: >>>> > >>>> > > We normally receive that error when the user is authenticated, but >>>> not >>>> > > authorized to use the target application. In the case of Banner, >>>> e.g., >>>> > > that application seeks an attribute called the UDC Identifier which >>>> is >>>> > used >>>> > > to establish role permissions for the various Banner applications. >>>> Once >>>> > > authenticated, our LDAP returns that attribute. A similar failure >>>> would >>>> > > occur any attribute the target application is seeking has not been >>>> > gathered >>>> > > from the authentication source. >>>> > > >>>> > > Linda >>>> > > >>>> > > Linda Toth >>>> > > University of Alaska - Office of Information Technology (OIT) - >>>> Identity >>>> > > and Access Management >>>> > > 910 Yukon Drive, Suite 103 >>>> > > Fairbanks, Alaska 99775 >>>> > > Tel: 907-450-8320 >>>> > > Fax: 907-450-8381 >>>> > > linda.t...@alaska.edu | www.alaska.edu/oit/ >>>> > > >>>> > > >>>> > > On Thu, Sep 11, 2014 at 7:13 AM, Michelle Zhang < >>>> > michelle.zh...@fandm.edu> >>>> > > wrote: >>>> > > >>>> > >> I'm using ASP.Net and just started to use CAS. >>>> > >> >>>> > >> On my local machine, after authenticated by the CAS log in page, >>>> I'm not >>>> > >> re-directed back to my default url but get this 500 - Internal >>>> server >>>> > error >>>> > >> message. >>>> > >> >>>> > >> On the webserver, if I type the website url on browser, I'm not >>>> > >> re-directed to the CAS log in page but just get 500 - Internal >>>> server >>>> > error >>>> > >> directly. >>>> > >> >>>> > >> Anyone knows why's that? >>>> > >> >>>> > >> >>>> > >> >>>> > >> Michelle <michelle.zh...@fandm.edu> >>>> > >> >>>> > >> -- >>>> > >> You are currently subscribed to cas-user@lists.jasig.org as: >>>> > ltt...@alaska.edu >>>> > >> To unsubscribe, change settings or access archives, see >>>> > http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> > >> >>>> > >> >>>> > > -- >>>> > > You are currently subscribed to cas-user@lists.jasig.org as: >>>> > michelle.zh...@fandm.edu >>>> > > To unsubscribe, change settings or access archives, see >>>> > http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> > > >>>> > > >>>> > >>>> > >>>> > -- >>>> > Michelle Zhang >>>> > Floyd Institute Center for Opinion Research >>>> > Franklin & Marshall College >>>> > P.O. Box 3003 >>>> > Lancaster PA 17604-3003 >>>> > Phone: (717) 358-4764 <%28717%29%20358-4764> >>>> > michelle.zh...@fandm.edu >>>> > >>>> > -- >>>> > You are currently subscribed to cas-user@lists.jasig.org as: >>>> > waldb...@lafayette.edu >>>> > To unsubscribe, change settings or access archives, see >>>> > http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> > >>>> > -- >>>> > You are currently subscribed to cas-user@lists.jasig.org as: >>>> > michelle.zh...@fandm.edu >>>> > To unsubscribe, change settings or access archives, see >>>> > http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> > >>>> >>>> >>>> >>>> -- >>>> Michelle Zhang >>>> Floyd Institute Center for Opinion Research >>>> Franklin & Marshall College >>>> P.O. Box 3003 >>>> Lancaster PA 17604-3003 >>>> Phone: (717) 358-4764 <%28717%29%20358-4764> >>>> michelle.zh...@fandm.edu >>>> >>>> -- >>>> You are currently subscribed to cas-user@lists.jasig.org as: >>>> waldb...@lafayette.edu >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> -- >>>> You are currently subscribed to cas-user@lists.jasig.org as: >>>> michelle.zh...@fandm.edu >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>> >>> >>> >>> -- >>> Michelle Zhang >>> Floyd Institute Center for Opinion Research >>> Franklin & Marshall College >>> P.O. Box 3003 >>> Lancaster PA 17604-3003 >>> Phone: (717) 358-4764 >>> michelle.zh...@fandm.edu >>> >>> -- >>> You are currently subscribed to cas-user@lists.jasig.org as: >>> jgas...@unicon.net >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >>> -- >>> You are currently subscribed to cas-user@lists.jasig.org as: >>> michelle.zh...@fandm.edu >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >> >> >> -- >> Michelle Zhang >> Floyd Institute Center for Opinion Research >> Franklin & Marshall College >> P.O. Box 3003 >> Lancaster PA 17604-3003 >> Phone: (717) 358-4764 >> michelle.zh...@fandm.edu >> >> -- >> You are currently subscribed to cas-user@lists.jasig.org as: >> jgas...@unicon.net >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> -- >> You are currently subscribed to cas-user@lists.jasig.org as: >> michelle.zh...@fandm.edu >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > > > -- > Michelle Zhang > Floyd Institute Center for Opinion Research > Franklin & Marshall College > P.O. Box 3003 > Lancaster PA 17604-3003 > Phone: (717) 358-4764 > michelle.zh...@fandm.edu > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > jgas...@unicon.net > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > michelle.zh...@fandm.edu > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin & Marshall College P.O. Box 3003 Lancaster PA 17604-3003 Phone: (717) 358-4764 michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user