>So now I wondering if its still pertains to the F5 not properly allowing the >traffic back to the application.
Anything in the firewall logs? Or/and set F5 to verbose logging? _______________________________ From: Juan Quintanilla [jquin...@fiu.edu] Sent: Friday, July 10, 2015 09:29 To: cas-user@lists.jasig.org Cc: Joseph Wong Subject: Re: [cas-user] CAS SSO User stuck on Login Page Hi, I will be changing the logging for the tomcat access logs so that I can see a little more details. Regarding the ldap logs we checked and it seems that during the time when the user is having this issue on the CAS login page there is no entries in our Ldap logs for an authentication attempt. So it seems that I would probably not find a post in the access logs. The only entry that I found for this particular user was after they closed their browser and tried logging in again which did generate an error on the login page for invalid credentials and once the correct credentials were entered they were able to access the page. So the next check is to see if there is a post being made in the access logs for tomcat. Would there not being enough ldap connections in the pool display an error in the cas.log? Or what could cause the page to go dead between tomcat and CAS. So now I wondering if its still pertains to the F5 not properly allowing the traffic back to the application. We are removing one of the webservers from the loop so that traffic can go to one server but any other tips or suggestions would be greatly appreciated. ___________________ Juan Quintanilla UTS - Enterprise Group 305-348-6573 jquin...@fiu.edu ________________________________________ From: Waldbieser, Carl <waldb...@lafayette.edu> Sent: Friday, July 10, 2015 11:38 AM To: cas-user@lists.jasig.org Cc: Joseph Wong Subject: Re: [cas-user] CAS SSO User stuck on Login Page If you crank up the log levels on Tomcat, you should see an HTTP POST in the access logs. That would indicate the credentials are delivered successfully to the CAS application. Do you see any evidence in your LDAP logs that an LDAP connection was dropped mid-stream? Thanks, Carl Waldbieser Lafayette College ----- Original Message ----- From: "Juan Quintanilla" <jquin...@fiu.edu> To: cas-user@lists.jasig.org Cc: "Joseph Wong" <jos...@fiu.edu> Sent: Friday, July 10, 2015 10:54:22 AM Subject: [cas-user] CAS SSO User stuck on Login Page Hi, I reached out the list earlier in the week regarding some issues we were having with some users remaining on the CAS Login page after being redirected by the client application. The user when they enter good credentials are presented with the login page again, if they enter bad credentials no error message is displayed on the login page. The transaction is not even recorded on the catalina.out, or the cas.log. The environment is running CAS 3.6.0 on tomcat 8 with ldap backend for authentication and Oracle Db for ticketing and the web servers are being load balanced on an F5. The issue is sporadic so its not consistent but once the user closes their browser and tries to login again they can access the application. My question, if a connection cannot be pulled from the ldap connection pool would an error be thrown? Our guess is that when the user hits the login page and enters their credentials the connection from the CAS web server on the F5 to the Ldap vip address which is on a different load balancer is being dropped or reset. What debugging on CAS could I enable to see whether that communication login info is even being received on the CAS application, or if the CAS application is seeing when the user enters the information on the login page. ___________________ Juan Quintanilla UTS - Enterprise Group 305-348-6573 jquin...@fiu.edu<mailto:jquin...@fiu.edu> -- You are currently subscribed to cas-user@lists.jasig.org as: waldb...@lafayette.edu To unsubscribe, change settings or access archives, see https://urldefense.proofpoint.com/v2/url?u=http-3A__www.ja-2Dsig.org_wiki_display_JSG_cas-2Duser&d=AwICAg&c=1QsCMERiq7JOmEnKpsSyjg&r=NauC5-J1X4CCd25sdSxQCA&m=P1Vy6kUPDQHHsV-zmWDbHAMHYMHV6yNx31MZXNU0M1c&s=ZUCT_hNKkfwBdQsctz0SxWt43Yi_j00ohT0mSByu7qE&e= -- You are currently subscribed to cas-user@lists.jasig.org as: jquin...@fiu.edu To unsubscribe, change settings or access archives, see https://urldefense.proofpoint.com/v2/url?u=http-3A__www.ja-2Dsig.org_wiki_display_JSG_cas-2Duser&d=AwICAg&c=1QsCMERiq7JOmEnKpsSyjg&r=NauC5-J1X4CCd25sdSxQCA&m=P1Vy6kUPDQHHsV-zmWDbHAMHYMHV6yNx31MZXNU0M1c&s=ZUCT_hNKkfwBdQsctz0SxWt43Yi_j00ohT0mSByu7qE&e= -- You are currently subscribed to cas-user@lists.jasig.org as: hari.mailvaga...@ubc.ca To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
