Re: [cas-user] Possible cause of 500 - Internal server error
correctly. If that checks out make sure the new elements were added to the appropriate areas. I'd guess something wrong in the web.config is probably the problem. Next, I usually enable Failed Request Tracing. You'll need to work with your sys admin to configure and enable it, but this usually uncovers everything. An xml file will be created that will merge to the xsl file in the output directory. Open the xml in IE and that will make it a lot easier to review. Give those a try and see what you find. Good luck! John On 9/11/14 11:40 AM, Michelle Zhang wrote: Carl, I do not have access to the event viewer in the windows server. I'll check with the personnel who has access to it. Yes the website works very good before adding the CAS client code. I tried to test with a Hello World test page but got the same error. Not sure how to set the error log...I found as soon as I logged in the Cas Log In page, I got this error message. How to find out if the error is happening before or after the request is routed? I do not have much access to the server so I cannot debug the web pages using break point on the web server Michelle On Thu, Sep 11, 2014 at 2:10 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, Did you check the Windows event log to see if the error was logged elsewhere (e.g. under Applications)? Did the web site work *prior* to adding the CAS client code? Can you serve *any* resource? E.g. a basic Hello World test page? Can you emit messages to an error log from your ASP page to see if the request is reaching the page or if the error is happening before the request is routed? Without knowing much about your setup, I am afraid I am someone limited in the advice I can offer. Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Thursday, September 11, 2014 2:03:36 PM Subject: Re: [cas-user] Possible cause of 500 - Internal server error Hi Carl, Thank you again for helping! I did check the Log files under inetpub/logs/LogFiles and I did not see any error messages at all. Michelle On Thu, Sep 11, 2014 at 1:58 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, A 500 error doesn't tell you much. Is it possible for you to get access the the web server logs (e.g. Windows Event logs) to see if there is any more specific information available? Thanks, Carl Waldbieser - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Thursday, September 11, 2014 1:52:08 PM Subject: Re: [cas-user] Possible cause of 500 - Internal server error Thank you Linda! on the webserver, the web page is not even go to CAS log in page, it turns the 500 - Internal server error without doing anything. And there's no way I can debug to find out what's the problem because it does go to the CAS log in page when I run it on my local machine. On Thu, Sep 11, 2014 at 1:11 PM, Linda Toth ltt...@alaska.edu wrote: We normally receive that error when the user is authenticated, but not authorized to use the target application. In the case of Banner, e.g., that application seeks an attribute called the UDC Identifier which is used to establish role permissions for the various Banner applications. Once authenticated, our LDAP returns that attribute. A similar failure would occur any attribute the target application is seeking has not been gathered from the authentication source. Linda Linda Toth University of Alaska - Office of Information Technology (OIT) - Identity and Access Management 910 Yukon Drive, Suite 103 Fairbanks, Alaska 99775 Tel: 907-450-8320 Fax: 907-450-8381 linda.t...@alaska.edu | www.alaska.edu/oit/ On Thu, Sep 11, 2014 at 7:13 AM, Michelle Zhang michelle.zh...@fandm.edu wrote: I'm using ASP.Net and just started to use CAS. On my local machine, after authenticated by the CAS log in page, I'm not re-directed back to my default url but get this 500 - Internal server error message. On the webserver, if I type the website url on browser, I'm not re-directed to the CAS log in page but just get 500 - Internal server error directly. Anyone knows why's that? Michelle michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: ltt...@alaska.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: michelle.zh...@fandm.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin Marshall College P.O. Box 3003 Lancaster PA 17604-3003
Re: [cas-user] Possible cause of 500 - Internal server error
Oh great. I see. After I clear the cookies I can see the CAS too. Thank you John! Right now after I logged in to CAS, I'm redirected to my default page, but the url is not in the format which contains the ticket info...what might be the problem? Michelle On Fri, Sep 12, 2014 at 12:17 PM, John Gasper jgas...@unicon.net wrote: Hi Michelle, Nice sleuthing! So when I go to http://test-spots.fandm.edu/ I get sent to you test CAS Server. If you were already logged into the CAS server it would have looked like it was only taking you to your homepage. It's looking OK to me. On 9/12/14 9:06 AM, Michelle Zhang wrote: Thank you John! I renamed Web.config file to web.xml and opened it in IE, it compiled right. So I started to check the items in Web.config file, and found: 1. I need to comment this out, otherwise I get 500 Internal Error: modules runAllManagedModulesForAllRequests=true/ 2. I need to add this: validation validateIntegratedModeConfiguration=false/, otherwise I get 500.22 Error The problem is now when I type my website URL in the address bar in the browser, it goes to my webpage default page directly, it does not go to the CAS log in page. Any ideas why is that? I just pasted the web.config file in the bottom of the email, in case you have time to take a look for me. Michelle Web.config ?xml version=1.0? configuration configSections !--section name=securitySwitch type=SecuritySwitch.Configuration.Settings, SecuritySwitch requirePermission=false /-- section name=casClientConfig type=DotNetCasClient.Configuration.CasClientConfiguration, DotNetCasClient/ /configSections casClientConfig casServerLoginUrl=https://cas-test.fandm.edu/cas/login casServerUrlPrefix=https://cas-test.fandm.edu/cas; serverName=test-spots.fandm.edu notAuthorizedUrl=~/Failed.aspx cookiesRequiredUrl= redirectAfterValidation=true renew=false singleSignOut=true ticketValidatorName=Cas20 serviceTicketManager=CacheServiceTicketManager/ !--securitySwitch mode=RemoteOnly paths add path=~/Login.aspx / /paths /securitySwitch-- connectionStrings add name=ApplicationServices connectionString=data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true providerName=System.Data.SqlClient / /connectionStrings system.web !--customErrors mode=Off defaultRedirect=Error.aspx/-- customErrors mode=Off/ compilation debug=true targetFramework=4.0/ authentication mode=Forms forms loginUrl=https://cas-test.fandm.edu/cas/login; timeout=30 defaultUrl=Default.aspx cookieless=UseCookies slidingExpiration=true path=/ / /authentication authorization deny users=?/ /authorization httpModules add name=DotNetCasClient type=DotNetCasClient.CasAuthenticationModule,DotNetCasClient/ /httpModules sessionState timeout=2880 /sessionState membership providers clear/ add name=AspNetSqlMembershipProvider type=System.Web.Security.SqlMembershipProvider connectionStringName=ApplicationServices enablePasswordRetrieval=false enablePasswordReset=true requiresQuestionAndAnswer=false requiresUniqueEmail=false maxInvalidPasswordAttempts=5 minRequiredPasswordLength=6 minRequiredNonalphanumericCharacters=0 passwordAttemptWindow=10 applicationName=// /providers /membership profile providers clear/ add name=AspNetSqlProfileProvider type=System.Web.Profile.SqlProfileProvider connectionStringName=ApplicationServices applicationName=// /providers /profile roleManager enabled=false providers clear/ add name=AspNetSqlRoleProvider type=System.Web.Security.SqlRoleProvider connectionStringName=ApplicationServices applicationName=// add name=AspNetWindowsTokenRoleProvider type=System.Web.Security.WindowsTokenRoleProvider applicationName=// /providers /roleManager /system.web system.webServer !--just added this on 9/12/14 11:46. without it or set to true: HTTP Error 500.22 - Internal Server Error An ASP.NET setting has been detected that does not apply in Integrated managed pipeline mode. with it: do not go to cas log in, but only go to the default page.-- validation validateIntegratedModeConfiguration=false/ modules remove name=DotNetCasClient/ add name=DotNetCasClient type=DotNetCasClient.CasAuthenticationModule,DotNetCasClient/ /modules !--httpErrors errorMode=Custom error statusCode=500 subStatusCode=5 path= https://spots.fandm.edu; responseMode
Re: [cas-user] Possible cause of 500 - Internal server error
After I logged in to Cas, I'm redirected back to my page, and the url showing in the address bar is: http://test-spots.fandm.edu/ No ticket query string is showing or anything else...I thought it should be something like http://test-spots.fandm.edu?ticket=...but I do not see it. On Fri, Sep 12, 2014 at 1:21 PM, John Gasper jgas...@unicon.net wrote: I'm not sure I follow. Are you authenticated to your app when you get sent back? The .NET CAS Client will consume the ticket querystring data, validate the service ticket, populates the page.identity object, and redirects the page to itself removing the ticket querystring. On 9/12/14 9:40 AM, Michelle Zhang wrote: Oh great. I see. After I clear the cookies I can see the CAS too. Thank you John! Right now after I logged in to CAS, I'm redirected to my default page, but the url is not in the format which contains the ticket info...what might be the problem? Michelle On Fri, Sep 12, 2014 at 12:17 PM, John Gasper jgas...@unicon.net wrote: Hi Michelle, Nice sleuthing! So when I go to http://test-spots.fandm.edu/ I get sent to you test CAS Server. If you were already logged into the CAS server it would have looked like it was only taking you to your homepage. It's looking OK to me. On 9/12/14 9:06 AM, Michelle Zhang wrote: Thank you John! I renamed Web.config file to web.xml and opened it in IE, it compiled right. So I started to check the items in Web.config file, and found: 1. I need to comment this out, otherwise I get 500 Internal Error: modules runAllManagedModulesForAllRequests=true/ 2. I need to add this: validation validateIntegratedModeConfiguration=false/, otherwise I get 500.22 Error The problem is now when I type my website URL in the address bar in the browser, it goes to my webpage default page directly, it does not go to the CAS log in page. Any ideas why is that? I just pasted the web.config file in the bottom of the email, in case you have time to take a look for me. Michelle Web.config ?xml version=1.0? configuration configSections !--section name=securitySwitch type=SecuritySwitch.Configuration.Settings, SecuritySwitch requirePermission=false /-- section name=casClientConfig type=DotNetCasClient.Configuration.CasClientConfiguration, DotNetCasClient/ /configSections casClientConfig casServerLoginUrl= https://cas-test.fandm.edu/cas/login; casServerUrlPrefix=https://cas-test.fandm.edu/cas; serverName=test-spots.fandm.edu notAuthorizedUrl=~/Failed.aspx cookiesRequiredUrl= redirectAfterValidation=true renew=false singleSignOut=true ticketValidatorName=Cas20 serviceTicketManager=CacheServiceTicketManager/ !--securitySwitch mode=RemoteOnly paths add path=~/Login.aspx / /paths /securitySwitch-- connectionStrings add name=ApplicationServices connectionString=data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true providerName=System.Data.SqlClient / /connectionStrings system.web !--customErrors mode=Off defaultRedirect=Error.aspx/-- customErrors mode=Off/ compilation debug=true targetFramework=4.0/ authentication mode=Forms forms loginUrl=https://cas-test.fandm.edu/cas/login; timeout=30 defaultUrl=Default.aspx cookieless=UseCookies slidingExpiration=true path=/ / /authentication authorization deny users=?/ /authorization httpModules add name=DotNetCasClient type=DotNetCasClient.CasAuthenticationModule,DotNetCasClient/ /httpModules sessionState timeout=2880 /sessionState membership providers clear/ add name=AspNetSqlMembershipProvider type=System.Web.Security.SqlMembershipProvider connectionStringName=ApplicationServices enablePasswordRetrieval=false enablePasswordReset=true requiresQuestionAndAnswer=false requiresUniqueEmail=false maxInvalidPasswordAttempts=5 minRequiredPasswordLength=6 minRequiredNonalphanumericCharacters=0 passwordAttemptWindow=10 applicationName=// /providers /membership profile providers clear/ add name=AspNetSqlProfileProvider type=System.Web.Profile.SqlProfileProvider connectionStringName=ApplicationServices applicationName=// /providers /profile roleManager enabled=false providers clear/ add name=AspNetSqlRoleProvider type=System.Web.Security.SqlRoleProvider connectionStringName=ApplicationServices applicationName=// add name=AspNetWindowsTokenRoleProvider type=System.Web.Security.WindowsTokenRoleProvider applicationName=// /providers /roleManager
Re: [cas-user] Possible cause of 500 - Internal server error
Thank you Linda! on the webserver, the web page is not even go to CAS log in page, it turns the 500 - Internal server error without doing anything. And there's no way I can debug to find out what's the problem because it does go to the CAS log in page when I run it on my local machine. On Thu, Sep 11, 2014 at 1:11 PM, Linda Toth ltt...@alaska.edu wrote: We normally receive that error when the user is authenticated, but not authorized to use the target application. In the case of Banner, e.g., that application seeks an attribute called the UDC Identifier which is used to establish role permissions for the various Banner applications. Once authenticated, our LDAP returns that attribute. A similar failure would occur any attribute the target application is seeking has not been gathered from the authentication source. Linda Linda Toth University of Alaska - Office of Information Technology (OIT) - Identity and Access Management 910 Yukon Drive, Suite 103 Fairbanks, Alaska 99775 Tel: 907-450-8320 Fax: 907-450-8381 linda.t...@alaska.edu | www.alaska.edu/oit/ On Thu, Sep 11, 2014 at 7:13 AM, Michelle Zhang michelle.zh...@fandm.edu wrote: I'm using ASP.Net and just started to use CAS. On my local machine, after authenticated by the CAS log in page, I'm not re-directed back to my default url but get this 500 - Internal server error message. On the webserver, if I type the website url on browser, I'm not re-directed to the CAS log in page but just get 500 - Internal server error directly. Anyone knows why's that? Michelle michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: ltt...@alaska.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: michelle.zh...@fandm.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin Marshall College P.O. Box 3003 Lancaster PA 17604-3003 Phone: (717) 358-4764 michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] Possible cause of 500 - Internal server error
Hi Carl, Thank you again for helping! I did check the Log files under inetpub/logs/LogFiles and I did not see any error messages at all. Michelle On Thu, Sep 11, 2014 at 1:58 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, A 500 error doesn't tell you much. Is it possible for you to get access the the web server logs (e.g. Windows Event logs) to see if there is any more specific information available? Thanks, Carl Waldbieser - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Thursday, September 11, 2014 1:52:08 PM Subject: Re: [cas-user] Possible cause of 500 - Internal server error Thank you Linda! on the webserver, the web page is not even go to CAS log in page, it turns the 500 - Internal server error without doing anything. And there's no way I can debug to find out what's the problem because it does go to the CAS log in page when I run it on my local machine. On Thu, Sep 11, 2014 at 1:11 PM, Linda Toth ltt...@alaska.edu wrote: We normally receive that error when the user is authenticated, but not authorized to use the target application. In the case of Banner, e.g., that application seeks an attribute called the UDC Identifier which is used to establish role permissions for the various Banner applications. Once authenticated, our LDAP returns that attribute. A similar failure would occur any attribute the target application is seeking has not been gathered from the authentication source. Linda Linda Toth University of Alaska - Office of Information Technology (OIT) - Identity and Access Management 910 Yukon Drive, Suite 103 Fairbanks, Alaska 99775 Tel: 907-450-8320 Fax: 907-450-8381 linda.t...@alaska.edu | www.alaska.edu/oit/ On Thu, Sep 11, 2014 at 7:13 AM, Michelle Zhang michelle.zh...@fandm.edu wrote: I'm using ASP.Net and just started to use CAS. On my local machine, after authenticated by the CAS log in page, I'm not re-directed back to my default url but get this 500 - Internal server error message. On the webserver, if I type the website url on browser, I'm not re-directed to the CAS log in page but just get 500 - Internal server error directly. Anyone knows why's that? Michelle michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: ltt...@alaska.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: michelle.zh...@fandm.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin Marshall College P.O. Box 3003 Lancaster PA 17604-3003 Phone: (717) 358-4764 michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: waldb...@lafayette.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: michelle.zh...@fandm.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin Marshall College P.O. Box 3003 Lancaster PA 17604-3003 Phone: (717) 358-4764 michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] Possible cause of 500 - Internal server error
Carl, I do not have access to the event viewer in the windows server. I'll check with the personnel who has access to it. Yes the website works very good before adding the CAS client code. I tried to test with a Hello World test page but got the same error. Not sure how to set the error log...I found as soon as I logged in the Cas Log In page, I got this error message. How to find out if the error is happening before or after the request is routed? I do not have much access to the server so I cannot debug the web pages using break point on the web server Michelle On Thu, Sep 11, 2014 at 2:10 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, Did you check the Windows event log to see if the error was logged elsewhere (e.g. under Applications)? Did the web site work *prior* to adding the CAS client code? Can you serve *any* resource? E.g. a basic Hello World test page? Can you emit messages to an error log from your ASP page to see if the request is reaching the page or if the error is happening before the request is routed? Without knowing much about your setup, I am afraid I am someone limited in the advice I can offer. Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Thursday, September 11, 2014 2:03:36 PM Subject: Re: [cas-user] Possible cause of 500 - Internal server error Hi Carl, Thank you again for helping! I did check the Log files under inetpub/logs/LogFiles and I did not see any error messages at all. Michelle On Thu, Sep 11, 2014 at 1:58 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, A 500 error doesn't tell you much. Is it possible for you to get access the the web server logs (e.g. Windows Event logs) to see if there is any more specific information available? Thanks, Carl Waldbieser - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Thursday, September 11, 2014 1:52:08 PM Subject: Re: [cas-user] Possible cause of 500 - Internal server error Thank you Linda! on the webserver, the web page is not even go to CAS log in page, it turns the 500 - Internal server error without doing anything. And there's no way I can debug to find out what's the problem because it does go to the CAS log in page when I run it on my local machine. On Thu, Sep 11, 2014 at 1:11 PM, Linda Toth ltt...@alaska.edu wrote: We normally receive that error when the user is authenticated, but not authorized to use the target application. In the case of Banner, e.g., that application seeks an attribute called the UDC Identifier which is used to establish role permissions for the various Banner applications. Once authenticated, our LDAP returns that attribute. A similar failure would occur any attribute the target application is seeking has not been gathered from the authentication source. Linda Linda Toth University of Alaska - Office of Information Technology (OIT) - Identity and Access Management 910 Yukon Drive, Suite 103 Fairbanks, Alaska 99775 Tel: 907-450-8320 Fax: 907-450-8381 linda.t...@alaska.edu | www.alaska.edu/oit/ On Thu, Sep 11, 2014 at 7:13 AM, Michelle Zhang michelle.zh...@fandm.edu wrote: I'm using ASP.Net and just started to use CAS. On my local machine, after authenticated by the CAS log in page, I'm not re-directed back to my default url but get this 500 - Internal server error message. On the webserver, if I type the website url on browser, I'm not re-directed to the CAS log in page but just get 500 - Internal server error directly. Anyone knows why's that? Michelle michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: ltt...@alaska.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: michelle.zh...@fandm.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin Marshall College P.O. Box 3003 Lancaster PA 17604-3003 Phone: (717) 358-4764 michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: waldb...@lafayette.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: michelle.zh...@fandm.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin Marshall College P.O. Box 3003 Lancaster PA 17604-3003
Re: [cas-user] Redirect page after authenticated
Seems now it redirected to the wrong page. I'm looking at the server name attribute under casClientConfig. Shall I use the webserver name ( webserver.bb.edu) here or the name of the website (https://aa.bb.edu)? According to https://wiki.jasig.org/display/casc/.net+cas+client - *serverName* REQUIRED Host name of the server hosting this application. This is used to generate URLs that will be sent to the CAS server for redirection. The CAS server must be able to resolve this host name. If your web application is behind a load balancer, SSL offloader, or any other type of device that accepts incoming requests on behalf of the web application, you will generally need to supply the public facing host name unless your CAS server is in the same private network as the application server. The protocol prefix is optional (http:// or https://). If you are using a non-standard port number, be sure to include it (i.e., server.school.edu:8443 or https://server.school.edu:8443). Do not include the trailing backslash. On Mon, Sep 8, 2014 at 4:41 PM, Michelle Zhang michelle.zh...@fandm.edu wrote: Thank you Carl! Do I need to add it as a class to my App_Code? or just register it in web.config? Michelle On Mon, Sep 8, 2014 at 4:34 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, I am looking at the source on GitHub: https://github.com/Jasig/dotnet-cas-client/blob/master/DotNetCasClient/CasAuthenticationModule.cs Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 4:24:42 PM Subject: Re: [cas-user] Redirect page after authenticated Carl, where can I find DotNetCasClient/CasAuthenticationModule.cs? The only classes I included are DotNetCasAttributePrincipal.cs and DotNetCASClient.cs. If I just type in the path: https://CASServerName/cas/login?requesturl=https://myWebServerName/Account/login.aspx https://CASServerName/cas/login?service=https://myWebServerName I'm redirected to the cas login successful page. Just now I uncommentted this modules block in web.config file: modules remove name=DotNetCasClient/ add name=DotNetCasClient type=DotNetCasClient.CasAuthenticationModule,DotNetCasClient/ /modules And now after log in, it redirected me to one of my web pages, not the account/login.aspx. I'm thinking this is kind of a small step forward. Still need to figure out how to get the return url right. Thanks again, Michelle https://CASServerName/cas/login?service=https://myWebServerName On Mon, Sep 8, 2014 at 3:45 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, The source code file DotNetCasClient/CasAuthenticationModule.cs has some comments that may partially explain why you are seeing ReturnUrl instead of service. It seems like the ASP.NET framework is not intercepting the request as it is routed to FormsLoginUrl. Do you have debugging turned on? That would probably help you determine what configuration you may be missing. You can try hitting the CAS server directly with: https://CASServerName/cas/login?service=https://myWebServerName to see if service ticket validation is working. Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 3:09:14 PM Subject: Re: [cas-user] Redirect page after authenticated Carl, I made such change now: casClientConfig casServerLoginUrl=https://CASServerName/cas/login https://CASEServerName/cas casServerUrlPrefix=https://CASServerName/cas https://CASEServerName/cas serverName=https://myWebServerName https://CASEServerName/cas notAuthorizedUrl=~/Failed.aspx cookiesRequiredUrl= https://myWebServerName/Account/Login.aspx; redirectAfterValidation=true renew=false singleSignOut=true ticketValidatorName=Cas20 serviceTicketManager=CacheServiceTicketManager/ and still have the problem. Thanks again! Michelle On Mon, Sep 8, 2014 at 3:01 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, It looks like serverName in casClientConfig ought to be https://myWebServerName;. From the instructions: Host name of the server hosting this application. This is used to generate URLs that will be sent to the CAS server for redirection. Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 2:50:34 PM Subject: Re: [cas-user] Redirect page after authenticated Carl, Thank you for checking for me! I made the change, now the code in web.config shows: authentication mode=Forms forms loginUrl=https
[cas-user] Redirect page after authenticated
Hi there, I'm a .Net developer and now just started to work with CAS. I have made associate changes on the web.config files so now after I typed in the url ( https://servername), I'm directed to the CAS log in page. After I logged in, I'm supposed to be redirected to my default page which specified in web.config file: files clear/ add value=Account/Login.aspx/ /files However I am always being directed to the same log in successful page with the url showing as: https://servername/cas/login?ReturnUrl=%2f Any suggestions? michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] Redirect page after authenticated
Dear Carl, Thank you very much for the reply! I do not see the service parameter on the URL. The URL is just showing as: https://CASEServerName/cas/login?ReturnUrl=%2f In my web.config file, I have set the url in the defaultUrl attribute: authentication mode=Forms forms loginUrl=https://CASEServerName/cas; timeout=30 defaultUrl=https://myWebServerName/Account/Login.aspx; cookieless=UseCookies slidingExpiration=true path=/SPOT/ name=.ASPXFORMSAUTH/ !--path=/ApplicationName/-- /authentication Do you know where else should I set the service parameter? Michelle On Mon, Sep 8, 2014 at 2:05 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, When you are sent to the CAS login page, what is the value of the `service` parameter on the URL? That is the URL you will be redirected to on successful login. If that URL is *not* correct, your CAS client is sending the wrong service parameter. If it is correct, you should check to see if your web app is redirecting from the service URL to the final URL. Thanks, Carl Waldbieser Lafayette College - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 10:42:22 AM Subject: [cas-user] Redirect page after authenticated Hi there, I'm a .Net developer and now just started to work with CAS. I have made associate changes on the web.config files so now after I typed in the url ( https://servername), I'm directed to the CAS log in page. After I logged in, I'm supposed to be redirected to my default page which specified in web.config file: files clear/ add value=Account/Login.aspx/ /files However I am always being directed to the same log in successful page with the url showing as: https://servername/cas/login?ReturnUrl=%2f Any suggestions? michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: waldb...@lafayette.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: michelle.zh...@fandm.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin Marshall College P.O. Box 3003 Lancaster PA 17604-3003 Phone: (717) 358-4764 michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] Redirect page after authenticated
Carl, Thank you for checking for me! I made the change, now the code in web.config shows: authentication mode=Forms forms loginUrl=https://CASServerName/cas/login https://CASEServerName/cas timeout=30 defaultUrl=https://myWebServerName/Account/Login.aspx; cookieless=UseCookies slidingExpiration=true path=/SPOT/ name=.ASPXFORMSAUTH/ /authentication Same to the casClientConfig: casClientConfig casServerLoginUrl=https://CASServerName/cas/login https://CASEServerName/cas casServerUrlPrefix=https://CASServerName/cas https://CASEServerName/cas serverName=https://CASServerName https://CASEServerName/cas:8443 notAuthorizedUrl=~/Failed.aspx cookiesRequiredUrl= https://myWebServerName/Account/Login.aspx; redirectAfterValidation=true renew=false singleSignOut=true ticketValidatorName=Cas20 serviceTicketManager=CacheServiceTicketManager/ When I upload and test again, nothing changed Michelle On Mon, Sep 8, 2014 at 2:42 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, Shouldn't your loginUrl be https://CASEServerName/cas/login;? It should match the casServerLoginUrl in your casClientConfig section [1] Thanks, Carl [1] https://wiki.jasig.org/display/casc/.net+cas+client - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 2:12:02 PM Subject: Re: [cas-user] Redirect page after authenticated Dear Carl, Thank you very much for the reply! I do not see the service parameter on the URL. The URL is just showing as: https://CASEServerName/cas/login?ReturnUrl=%2f In my web.config file, I have set the url in the defaultUrl attribute: authentication mode=Forms forms loginUrl=https://CASEServerName/cas; timeout=30 defaultUrl=https://myWebServerName/Account/Login.aspx; cookieless=UseCookies slidingExpiration=true path=/SPOT/ name=.ASPXFORMSAUTH/ !--path=/ApplicationName/-- /authentication Do you know where else should I set the service parameter? Michelle On Mon, Sep 8, 2014 at 2:05 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, When you are sent to the CAS login page, what is the value of the `service` parameter on the URL? That is the URL you will be redirected to on successful login. If that URL is *not* correct, your CAS client is sending the wrong service parameter. If it is correct, you should check to see if your web app is redirecting from the service URL to the final URL. Thanks, Carl Waldbieser Lafayette College - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 10:42:22 AM Subject: [cas-user] Redirect page after authenticated Hi there, I'm a .Net developer and now just started to work with CAS. I have made associate changes on the web.config files so now after I typed in the url ( https://servername), I'm directed to the CAS log in page. After I logged in, I'm supposed to be redirected to my default page which specified in web.config file: files clear/ add value=Account/Login.aspx/ /files However I am always being directed to the same log in successful page with the url showing as: https://servername/cas/login?ReturnUrl=%2f Any suggestions? michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: waldb...@lafayette.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: michelle.zh...@fandm.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin Marshall College P.O. Box 3003 Lancaster PA 17604-3003 Phone: (717) 358-4764 michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: waldb...@lafayette.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: michelle.zh...@fandm.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Michelle Zhang Floyd Institute Center for Opinion Research Franklin Marshall College P.O. Box 3003 Lancaster PA 17604-3003 Phone: (717) 358-4764 michelle.zh...@fandm.edu -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http
Re: [cas-user] Redirect page after authenticated
Carl, I made such change now: casClientConfig casServerLoginUrl=https://CASServerName/cas/login https://CASEServerName/cas casServerUrlPrefix=https://CASServerName/cas https://CASEServerName/cas serverName=https://myWebServerName https://CASEServerName/cas notAuthorizedUrl=~/Failed.aspx cookiesRequiredUrl= https://myWebServerName/Account/Login.aspx; redirectAfterValidation=true renew=false singleSignOut=true ticketValidatorName=Cas20 serviceTicketManager=CacheServiceTicketManager/ and still have the problem. Thanks again! Michelle On Mon, Sep 8, 2014 at 3:01 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, It looks like serverName in casClientConfig ought to be https://myWebServerName;. From the instructions: Host name of the server hosting this application. This is used to generate URLs that will be sent to the CAS server for redirection. Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 2:50:34 PM Subject: Re: [cas-user] Redirect page after authenticated Carl, Thank you for checking for me! I made the change, now the code in web.config shows: authentication mode=Forms forms loginUrl=https://CASServerName/cas/login https://CASEServerName/cas timeout=30 defaultUrl=https://myWebServerName/Account/Login.aspx; cookieless=UseCookies slidingExpiration=true path=/SPOT/ name=.ASPXFORMSAUTH/ /authentication Same to the casClientConfig: casClientConfig casServerLoginUrl=https://CASServerName/cas/login https://CASEServerName/cas casServerUrlPrefix=https://CASServerName/cas https://CASEServerName/cas serverName=https://CASServerName https://CASEServerName/cas:8443 notAuthorizedUrl=~/Failed.aspx cookiesRequiredUrl= https://myWebServerName/Account/Login.aspx; redirectAfterValidation=true renew=false singleSignOut=true ticketValidatorName=Cas20 serviceTicketManager=CacheServiceTicketManager/ When I upload and test again, nothing changed Michelle On Mon, Sep 8, 2014 at 2:42 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, Shouldn't your loginUrl be https://CASEServerName/cas/login;? It should match the casServerLoginUrl in your casClientConfig section [1] Thanks, Carl [1] https://wiki.jasig.org/display/casc/.net+cas+client - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 2:12:02 PM Subject: Re: [cas-user] Redirect page after authenticated Dear Carl, Thank you very much for the reply! I do not see the service parameter on the URL. The URL is just showing as: https://CASEServerName/cas/login?ReturnUrl=%2f In my web.config file, I have set the url in the defaultUrl attribute: authentication mode=Forms forms loginUrl=https://CASEServerName/cas; timeout=30 defaultUrl=https://myWebServerName/Account/Login.aspx; cookieless=UseCookies slidingExpiration=true path=/SPOT/ name=.ASPXFORMSAUTH/ !--path=/ApplicationName/-- /authentication Do you know where else should I set the service parameter? Michelle On Mon, Sep 8, 2014 at 2:05 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, When you are sent to the CAS login page, what is the value of the `service` parameter on the URL? That is the URL you will be redirected to on successful login. If that URL is *not* correct, your CAS client is sending the wrong service parameter. If it is correct, you should check to see if your web app is redirecting from the service URL to the final URL. Thanks, Carl Waldbieser Lafayette College - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 10:42:22 AM Subject: [cas-user] Redirect page after authenticated Hi there, I'm a .Net developer and now just started to work with CAS. I have made associate changes on the web.config files so now after I typed in the url ( https://servername), I'm directed to the CAS log in page. After I logged in, I'm supposed to be redirected to my default page which specified in web.config file: files clear/ add value=Account/Login.aspx/ /files However I am always being directed to the same log in successful page with the url showing as: https://servername/cas/login
Re: [cas-user] Redirect page after authenticated
Carl, where can I find DotNetCasClient/CasAuthenticationModule.cs? The only classes I included are DotNetCasAttributePrincipal.cs and DotNetCASClient.cs. If I just type in the path: https://CASServerName/cas/login?requesturl=https://myWebServerName/Account/login.aspx https://CASServerName/cas/login?service=https://myWebServerName I'm redirected to the cas login successful page. Just now I uncommentted this modules block in web.config file: modules remove name=DotNetCasClient/ add name=DotNetCasClient type=DotNetCasClient.CasAuthenticationModule,DotNetCasClient/ /modules And now after log in, it redirected me to one of my web pages, not the account/login.aspx. I'm thinking this is kind of a small step forward. Still need to figure out how to get the return url right. Thanks again, Michelle https://CASServerName/cas/login?service=https://myWebServerName On Mon, Sep 8, 2014 at 3:45 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, The source code file DotNetCasClient/CasAuthenticationModule.cs has some comments that may partially explain why you are seeing ReturnUrl instead of service. It seems like the ASP.NET framework is not intercepting the request as it is routed to FormsLoginUrl. Do you have debugging turned on? That would probably help you determine what configuration you may be missing. You can try hitting the CAS server directly with: https://CASServerName/cas/login?service=https://myWebServerName to see if service ticket validation is working. Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 3:09:14 PM Subject: Re: [cas-user] Redirect page after authenticated Carl, I made such change now: casClientConfig casServerLoginUrl=https://CASServerName/cas/login https://CASEServerName/cas casServerUrlPrefix=https://CASServerName/cas https://CASEServerName/cas serverName=https://myWebServerName https://CASEServerName/cas notAuthorizedUrl=~/Failed.aspx cookiesRequiredUrl= https://myWebServerName/Account/Login.aspx; redirectAfterValidation=true renew=false singleSignOut=true ticketValidatorName=Cas20 serviceTicketManager=CacheServiceTicketManager/ and still have the problem. Thanks again! Michelle On Mon, Sep 8, 2014 at 3:01 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, It looks like serverName in casClientConfig ought to be https://myWebServerName;. From the instructions: Host name of the server hosting this application. This is used to generate URLs that will be sent to the CAS server for redirection. Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 2:50:34 PM Subject: Re: [cas-user] Redirect page after authenticated Carl, Thank you for checking for me! I made the change, now the code in web.config shows: authentication mode=Forms forms loginUrl=https://CASServerName/cas/login https://CASEServerName/cas timeout=30 defaultUrl=https://myWebServerName/Account/Login.aspx; cookieless=UseCookies slidingExpiration=true path=/SPOT/ name=.ASPXFORMSAUTH/ /authentication Same to the casClientConfig: casClientConfig casServerLoginUrl=https://CASServerName/cas/login https://CASEServerName/cas casServerUrlPrefix=https://CASServerName/cas https://CASEServerName/cas serverName=https://CASServerName https://CASEServerName/cas:8443 notAuthorizedUrl=~/Failed.aspx cookiesRequiredUrl= https://myWebServerName/Account/Login.aspx; redirectAfterValidation=true renew=false singleSignOut=true ticketValidatorName=Cas20 serviceTicketManager=CacheServiceTicketManager/ When I upload and test again, nothing changed Michelle On Mon, Sep 8, 2014 at 2:42 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, Shouldn't your loginUrl be https://CASEServerName/cas/login;? It should match the casServerLoginUrl in your casClientConfig section [1] Thanks, Carl [1] https://wiki.jasig.org/display/casc/.net+cas+client - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 2:12:02 PM Subject: Re: [cas-user] Redirect page after authenticated Dear Carl, Thank you very much for the reply! I do not see the service parameter on the URL. The URL is just showing as: https://CASEServerName/cas/login
Re: [cas-user] Redirect page after authenticated
Thank you Carl! Do I need to add it as a class to my App_Code? or just register it in web.config? Michelle On Mon, Sep 8, 2014 at 4:34 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, I am looking at the source on GitHub: https://github.com/Jasig/dotnet-cas-client/blob/master/DotNetCasClient/CasAuthenticationModule.cs Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 4:24:42 PM Subject: Re: [cas-user] Redirect page after authenticated Carl, where can I find DotNetCasClient/CasAuthenticationModule.cs? The only classes I included are DotNetCasAttributePrincipal.cs and DotNetCASClient.cs. If I just type in the path: https://CASServerName/cas/login?requesturl=https://myWebServerName/Account/login.aspx https://CASServerName/cas/login?service=https://myWebServerName I'm redirected to the cas login successful page. Just now I uncommentted this modules block in web.config file: modules remove name=DotNetCasClient/ add name=DotNetCasClient type=DotNetCasClient.CasAuthenticationModule,DotNetCasClient/ /modules And now after log in, it redirected me to one of my web pages, not the account/login.aspx. I'm thinking this is kind of a small step forward. Still need to figure out how to get the return url right. Thanks again, Michelle https://CASServerName/cas/login?service=https://myWebServerName On Mon, Sep 8, 2014 at 3:45 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, The source code file DotNetCasClient/CasAuthenticationModule.cs has some comments that may partially explain why you are seeing ReturnUrl instead of service. It seems like the ASP.NET framework is not intercepting the request as it is routed to FormsLoginUrl. Do you have debugging turned on? That would probably help you determine what configuration you may be missing. You can try hitting the CAS server directly with: https://CASServerName/cas/login?service=https://myWebServerName to see if service ticket validation is working. Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 3:09:14 PM Subject: Re: [cas-user] Redirect page after authenticated Carl, I made such change now: casClientConfig casServerLoginUrl=https://CASServerName/cas/login https://CASEServerName/cas casServerUrlPrefix=https://CASServerName/cas https://CASEServerName/cas serverName=https://myWebServerName https://CASEServerName/cas notAuthorizedUrl=~/Failed.aspx cookiesRequiredUrl= https://myWebServerName/Account/Login.aspx; redirectAfterValidation=true renew=false singleSignOut=true ticketValidatorName=Cas20 serviceTicketManager=CacheServiceTicketManager/ and still have the problem. Thanks again! Michelle On Mon, Sep 8, 2014 at 3:01 PM, Waldbieser, Carl waldb...@lafayette.edu wrote: Michelle, It looks like serverName in casClientConfig ought to be https://myWebServerName;. From the instructions: Host name of the server hosting this application. This is used to generate URLs that will be sent to the CAS server for redirection. Thanks, Carl - Original Message - From: Michelle Zhang michelle.zh...@fandm.edu To: cas-user@lists.jasig.org Sent: Monday, September 8, 2014 2:50:34 PM Subject: Re: [cas-user] Redirect page after authenticated Carl, Thank you for checking for me! I made the change, now the code in web.config shows: authentication mode=Forms forms loginUrl=https://CASServerName/cas/login https://CASEServerName/cas timeout=30 defaultUrl=https://myWebServerName/Account/Login.aspx; cookieless=UseCookies slidingExpiration=true path=/SPOT/ name=.ASPXFORMSAUTH/ /authentication Same to the casClientConfig: casClientConfig casServerLoginUrl=https://CASServerName/cas/login https://CASEServerName/cas casServerUrlPrefix=https://CASServerName/cas https://CASEServerName/cas serverName=https://CASServerName https://CASEServerName/cas:8443 notAuthorizedUrl=~/Failed.aspx cookiesRequiredUrl= https://myWebServerName/Account/Login.aspx; redirectAfterValidation=true renew=false singleSignOut=true ticketValidatorName=Cas20 serviceTicketManager=CacheServiceTicketManager/ When I upload and test again, nothing changed Michelle On Mon, Sep 8, 2014 at 2:42 PM