Re: [cas-user] troubleshooting login using MySQL
Did you login immediately? There is a login ticket, if you let it sit there, the login ticket expires. Not sure if that's related to whatever version of CAS you're using. On 15-01-09 01:35 PM, Chris Adams wrote: Hello all, I am troubleshooting login problems using a mysql database. I have verified that the connection to the database works through CAS and that the credentials eventually work. I clear all related cookies from the browser, then go to the login page. If I check the browser cookies, I can see a cookie set with a JSESSIONID. When I submit the form, it says ‘Invalid Credentials’. If I enter the password again, the login succeeds and the URL shows the SESSIONID. Another browser cookie is set and is labelled ‘CASTGC’. Does anyone have tips for troubleshooting this? I have looked in the cas.log and it only shows the credentials as if all submissions are successful. I can’t see anything in the mysql logs that helps, so I just at a standstill. I hope that is clear. Thank you. -- You are currently subscribed to cas-user@lists.jasig.org as: tre...@athabascau.ca To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Trenton D. Adams Senior Systems Analyst/Web Software Developer Navy Penguins at your service! Learning & Research Systems Unit, Information Technology Services, Athabasca University (780) 675-6195 :wq! -- This communication is intended for the use of the recipient to whom it is addressed, and may contain confidential, personal, and or privileged information. Please contact us immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communications received in error, or subsequent reply, should be deleted or destroyed. --- -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
RE: [cas-user] troubleshooting login using MySQL
Yes, I logged in immediately. I also had previously modified the timeout to greater than 5 minutes. That should give me enough time. :>). I am using CAS 4.0.0. -Original Message- From: Trenton D. Adams [mailto:tre...@athabascau.ca] Sent: Friday, January 09, 2015 12:39 PM To: cas-user@lists.jasig.org Subject: Re: [cas-user] troubleshooting login using MySQL Did you login immediately? There is a login ticket, if you let it sit there, the login ticket expires. Not sure if that's related to whatever version of CAS you're using. On 15-01-09 01:35 PM, Chris Adams wrote: > Hello all, > > I am troubleshooting login problems using a mysql database. I have > verified that the connection to the database works through CAS and > that the credentials eventually work. > > I clear all related cookies from the browser, then go to the login page. > If I check the browser cookies, I can see a cookie set with a > JSESSIONID. When I submit the form, it says 'Invalid Credentials'. If > I enter the password again, the login succeeds and the URL shows the > SESSIONID. > > Another browser cookie is set and is labelled 'CASTGC'. > > Does anyone have tips for troubleshooting this? I have looked in the > cas.log and it only shows the credentials as if all submissions are > successful. I can't see anything in the mysql logs that helps, so I > just at a standstill. > > I hope that is clear. Thank you. > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > tre...@athabascau.ca To unsubscribe, change settings or access > archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user > -- Trenton D. Adams Senior Systems Analyst/Web Software Developer Navy Penguins at your service! Learning & Research Systems Unit, Information Technology Services, Athabasca University (780) 675-6195 :wq! -- This communication is intended for the use of the recipient to whom it is addressed, and may contain confidential, personal, and or privileged information. Please contact us immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communications received in error, or subsequent reply, should be deleted or destroyed. --- -- You are currently subscribed to cas-user@lists.jasig.org as: chris.a.ad...@state.or.us To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
RE: [cas-user] troubleshooting login using MySQL
Here is the log from cas.log that follow the failure, then success. Not sure if it helps. 2015-01-09 12:55:36,626 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: supplied credentials: [USERID+password] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Fri Jan 09 12:55:36 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = 2015-01-09 12:55:36,627 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: 1 errors, 0 successes ACTION: TICKET_GRANTING_TICKET_NOT_CREATED APPLICATION: CAS WHEN: Fri Jan 09 12:55:36 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = 2015-01-09 12:55:42,511 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - SearchModeSearchDatabaseAuthenticationHandler successfully authenticated USERID+password 2015-01-09 12:55:42,511 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Authenticated USERID with credentials [USERID+password]. 2015-01-09 12:55:42,512 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: supplied credentials: [USERID+password] ACTION: AUTHENTICATION_SUCCESS APPLICATION: CAS WHEN: Fri Jan 09 12:55:42 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = 2015-01-09 12:55:42,513 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: TGT-11-xaHYKGFBbFcOBAmNqZWPWbvsSYOtfLY7TkgCBIrfMll0hFBJQd-cas01.example.org ACTION: TICKET_GRANTING_TICKET_CREATED APPLICATION: CAS WHEN: Fri Jan 09 12:55:42 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = -Original Message- From: Chris Adams [mailto:chris.a.ad...@state.or.us] Sent: Friday, January 09, 2015 12:41 PM To: cas-user@lists.jasig.org Subject: RE: [cas-user] troubleshooting login using MySQL Yes, I logged in immediately. I also had previously modified the timeout to greater than 5 minutes. That should give me enough time. :>). I am using CAS 4.0.0. -Original Message- From: Trenton D. Adams [mailto:tre...@athabascau.ca] Sent: Friday, January 09, 2015 12:39 PM To: cas-user@lists.jasig.org Subject: Re: [cas-user] troubleshooting login using MySQL Did you login immediately? There is a login ticket, if you let it sit there, the login ticket expires. Not sure if that's related to whatever version of CAS you're using. On 15-01-09 01:35 PM, Chris Adams wrote: > Hello all, > > I am troubleshooting login problems using a mysql database. I have > verified that the connection to the database works through CAS and > that the credentials eventually work. > > I clear all related cookies from the browser, then go to the login page. > If I check the browser cookies, I can see a cookie set with a > JSESSIONID. When I submit the form, it says 'Invalid Credentials'. If > I enter the password again, the login succeeds and the URL shows the > SESSIONID. > > Another browser cookie is set and is labelled 'CASTGC'. > > Does anyone have tips for troubleshooting this? I have looked in the > cas.log and it only shows the credentials as if all submissions are > successful. I can't see anything in the mysql logs that helps, so I > just at a standstill. > > I hope that is clear. Thank you. > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > tre...@athabascau.ca To unsubscribe, change settings or access > archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user > -- Trenton D. Adams Senior Systems Analyst/Web Software Developer Navy Penguins at your service! Learning & Research Systems Unit, Information Technology Services, Athabasca University (780) 675-6195 :wq! -- This communication is intended for the use of the recipient to whom it is addressed, and may contain confidential, personal, and or privileged information. Please contact us immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communications received in error, or subsequent reply, should be deleted or destroyed. --- -- You are currently subscribed to cas-user@lists.jasi
RE: [cas-user] troubleshooting login using MySQL
Hello again. I have not been able to resolve this problem, though I have done much tinkering and checking logs. Nothing has changed. Here is how I tested it: 1. Clear cookies from browser and close browser. 2. Log in to the CAS server and a specific service with MySQL username/password #2 Fails and says "Invalid Credentials" 3. Add same password again #3 results in successful login The cas.log shows just what is happening. If the login succeeds, it shows that the user has been authenticated, a ticket has been granted, and a service ticket created. The catalina.out log shows the same information. I spoze it could be a MySQL issue, but I really don't think so. Interestingly, sometimes, but very rarely, the initial login succeeds. I immediately log in, so the timeout should not be in play here. Does anyone have some tips as to what I can look for to get this working as it should? Many thanks. -Original Message- From: Chris Adams [mailto:chris.a.ad...@state.or.us] Sent: Friday, January 09, 2015 1:10 PM To: cas-user@lists.jasig.org Subject: RE: [cas-user] troubleshooting login using MySQL Here is the log from cas.log that follow the failure, then success. Not sure if it helps. 2015-01-09 12:55:36,626 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: supplied credentials: [USERID+password] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Fri Jan 09 12:55:36 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = 2015-01-09 12:55:36,627 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: 1 errors, 0 successes ACTION: TICKET_GRANTING_TICKET_NOT_CREATED APPLICATION: CAS WHEN: Fri Jan 09 12:55:36 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = 2015-01-09 12:55:42,511 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - SearchModeSearchDatabaseAuthenticationHandler successfully authenticated USERID+password 2015-01-09 12:55:42,511 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Authenticated USERID with credentials [USERID+password]. 2015-01-09 12:55:42,512 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: supplied credentials: [USERID+password] ACTION: AUTHENTICATION_SUCCESS APPLICATION: CAS WHEN: Fri Jan 09 12:55:42 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = 2015-01-09 12:55:42,513 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: TGT-11-xaHYKGFBbFcOBAmNqZWPWbvsSYOtfLY7TkgCBIrfMll0hFBJQd-cas01.example.org ACTION: TICKET_GRANTING_TICKET_CREATED APPLICATION: CAS WHEN: Fri Jan 09 12:55:42 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = -Original Message- From: Chris Adams [mailto:chris.a.ad...@state.or.us] Sent: Friday, January 09, 2015 12:41 PM To: cas-user@lists.jasig.org Subject: RE: [cas-user] troubleshooting login using MySQL Yes, I logged in immediately. I also had previously modified the timeout to greater than 5 minutes. That should give me enough time. :>). I am using CAS 4.0.0. -Original Message- From: Trenton D. Adams [mailto:tre...@athabascau.ca] Sent: Friday, January 09, 2015 12:39 PM To: cas-user@lists.jasig.org Subject: Re: [cas-user] troubleshooting login using MySQL Did you login immediately? There is a login ticket, if you let it sit there, the login ticket expires. Not sure if that's related to whatever version of CAS you're using. On 15-01-09 01:35 PM, Chris Adams wrote: > Hello all, > > I am troubleshooting login problems using a mysql database. I have > verified that the connection to the database works through CAS and > that the credentials eventually work. > > I clear all related cookies from the browser, then go to the login page. > If I check the browser cookies, I can see a cookie set with a > JSESSIONID. When I submit the form, it says 'Invalid Credentials'. If > I enter the password again, the login succeeds and the URL shows the > SESSIONID. > > Another browser cookie is set and is labelled 'CASTGC'. > > Does anyone have tips for troubleshooting this? I have looked in
Re: [cas-user] troubleshooting login using MySQL
Hi, I had some similar symptoms with CAS 3.5 and mysql and was told to configure the query to validate the database connection. You may want to check that, because that solved my problem. Here is the thread for the record : https://groups.google.com/forum/#!topic/jasig-cas-user/0CesCbG7DtQ cheers, -- Raphaël Le 14/01/2015 21:43, Chris Adams a écrit : Hello again. I have not been able to resolve this problem, though I have done much tinkering and checking logs. Nothing has changed. Here is how I tested it: 1. Clear cookies from browser and close browser. 2. Log in to the CAS server and a specific service with MySQL username/password #2 Fails and says "Invalid Credentials" 3. Add same password again #3 results in successful login The cas.log shows just what is happening. If the login succeeds, it shows that the user has been authenticated, a ticket has been granted, and a service ticket created. The catalina.out log shows the same information. I spoze it could be a MySQL issue, but I really don't think so. Interestingly, sometimes, but very rarely, the initial login succeeds. I immediately log in, so the timeout should not be in play here. Does anyone have some tips as to what I can look for to get this working as it should? Many thanks. -Original Message- From: Chris Adams [mailto:chris.a.ad...@state.or.us] Sent: Friday, January 09, 2015 1:10 PM To: cas-user@lists.jasig.org Subject: RE: [cas-user] troubleshooting login using MySQL Here is the log from cas.log that follow the failure, then success. Not sure if it helps. 2015-01-09 12:55:36,626 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: supplied credentials: [USERID+password] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Fri Jan 09 12:55:36 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = 2015-01-09 12:55:36,627 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: 1 errors, 0 successes ACTION: TICKET_GRANTING_TICKET_NOT_CREATED APPLICATION: CAS WHEN: Fri Jan 09 12:55:36 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = 2015-01-09 12:55:42,511 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - SearchModeSearchDatabaseAuthenticationHandler successfully authenticated USERID+password 2015-01-09 12:55:42,511 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Authenticated USERID with credentials [USERID+password]. 2015-01-09 12:55:42,512 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: supplied credentials: [USERID+password] ACTION: AUTHENTICATION_SUCCESS APPLICATION: CAS WHEN: Fri Jan 09 12:55:42 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = 2015-01-09 12:55:42,513 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN = WHO: audit:unknown WHAT: TGT-11-xaHYKGFBbFcOBAmNqZWPWbvsSYOtfLY7TkgCBIrfMll0hFBJQd-cas01.example.org ACTION: TICKET_GRANTING_TICKET_CREATED APPLICATION: CAS WHEN: Fri Jan 09 12:55:42 PST 2015 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: xxx.xxx.xxx.xxx = -Original Message- From: Chris Adams [mailto:chris.a.ad...@state.or.us] Sent: Friday, January 09, 2015 12:41 PM To: cas-user@lists.jasig.org Subject: RE: [cas-user] troubleshooting login using MySQL Yes, I logged in immediately. I also had previously modified the timeout to greater than 5 minutes. That should give me enough time. :>). I am using CAS 4.0.0. -Original Message- From: Trenton D. Adams [mailto:tre...@athabascau.ca] Sent: Friday, January 09, 2015 12:39 PM To: cas-user@lists.jasig.org Subject: Re: [cas-user] troubleshooting login using MySQL Did you login immediately? There is a login ticket, if you let it sit there, the login ticket expires. Not sure if that's related to whatever version of CAS you're using. On 15-01-09 01:35 PM, Chris Adams wrote: Hello all, I am troubleshooting login problems using a mysql database. I have verified that the connection to the database works through CAS and that the credentials eventually work. I clear all related cookies from the browser, then go to the login page. If I check the browser cookies, I can see a cookie set with a JSESSIONID. Whe
