When I have the service ticket and I call serviceValidate the URL is (unencoded so it's readable):
https://localhost:8443/cas/serviceValidate?service=https://localhost:8443/protected-web-app/&ticket=ST-.....&pgtUrl=https://localhost:8443/protected-web-app/proxyUrl Proxying is enabled and the SSL call is working from what I can tell. I noticed that URL creates the PGTIOU. I can see CAS creating a PGT in the log. CAS then calls https://localhost:8443/protected-web-app/proxyUrl with the pgtId and pgtIou HTTP request parameters. My guess is that I will need to find a way to trap the call to https://localhost:8443/protected-web-app/proxyUrl and get the pgtId sent by CAS. On Tuesday, June 28, 2016 at 6:15:23 PM UTC-4, Misagh Moayyed wrote: > > There is a backchannel call made to your pgtUrl with the PGT in it, which > your app should receive and then correlate with the PGTIOU it received from > the original validation response. You’ll need to trace that call. Proxying > could be disabled, the app could be disallowed or some weirdness with SSL > outbound calls perhaps. > > > > *From:* [email protected] <javascript:> [mailto:[email protected] > <javascript:>] *On Behalf Of *William > *Sent:* Tuesday, June 28, 2016 2:49 PM > *To:* CAS Community <[email protected] <javascript:>> > *Subject:* [cas-user] Getting A Proxy Granting Ticket from A Proxy > Granting Ticket IOU > > > > I am writing a test case according to > https://wiki.jasig.org/display/CAS/CAS+Functional+Tests > > > > The particular test case I am writing is: "CAS 2.0 validation, acquire > proxy-granting ticket, proxy authentication" > > > > The step I am stuck is: "6. Using your callback, correlate PGTIOU with > PGT" > > > > I am able to obtain a PGTIOU, but I am not able to get a PGT which I need > for step 7 and onward. > > > > CAS uses a callback that is set in the CAS client application (web.xml) to > get the Proxy Granting Ticket which I cannot access. > > > > I have tried providing a TGT (and Service Ticket) has the pgtId along with > the PGTIOU like this URL: > > > > /protected-web-app/proxyUrl?pgtId= > TGT-1-UGTYmYoRP1NGBoMfNIM1asjWXd0RxYOywXTZEkB3VVTutHyAk6-cas01.example.org > &pgtIou= > PGTIOU-1-yrW7pUikYVZMOvaKolHCmGT4OW3rTZcxg01eVvplbvjrKWwyaw-cas01.example.org > > > > However, I only get the "proxySuccess" back with no proxy ticket back: > > > > <?xml version="1.0"?> > > <casClient:proxySuccess xmlns:casClient="http://www.yale.edu/tp/casClient"; > /> > > > > I should be getting the following back: > > > > <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> > > <cas:proxySuccess> > > <cas:proxyTicket>PGT-xxxxxx</cas:proxyTicket> > > </cas:proxySuccess> > > </cas:serviceResponse> > > > > Anyone know how I can get the PGT from the PGTIOU? > > > > I am really hoping I do not get any responses of "Why do you need the > PGT?" To write this test I do need a PGT. > > > > Regards > > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To post to this group, send email to [email protected] <javascript:>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/40be567f-1e93-4386-aa68-9e294d188040%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/40be567f-1e93-4386-aa68-9e294d188040%40apereo.org?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/a/apereo.org/d/optout. > -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/bfd72d97-ce8f-4486-849f-45107fcf127b%40apereo.org. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
