With the login URL, is there a 'service' parameter ('target' for the SAML 1.1
protocol)?
A service ticket is only issued if there is a service to log in to.
With https://foo.com/cas/login, no ST;
with https://foo.com/cas/login?service=https://bar.com, there is an ST.
Ray
On Thu, 2017-12-21 at 20:38 -0800, casuser wrote:
How can I issue service tickets in CAS 5.2.0? I am using memcached for storing
the tickets. In the logs, CAS is issuing the TGT but there is no ST.
This is how it looks in the log:
2017-12-22 09:40:47,618 DEBUG
[org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected
authentication attributes for this result are
[{org.apereo.cas.authentication.principal.REMEMBER_ME=true,
credentialType=RememberMeUsernamePasswordCredential,
authenticationMethod=LdapAuthenticationHandler,
successfulAuthenticationHandlers=[LdapAuthenticationHandler]}]>
2017-12-22 09:40:47,618 DEBUG
[org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] -
<Authentication result commenced at
[2017-12-22T09:40:47.618+08:00[Asia/Kuala_Lumpur]]>
2017-12-22 09:40:47,619 DEBUG
[org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Building
an authentication result for authentication
[org.apereo.cas.authentication.DefaultAuthentication@d0d20ec7] and service
[null]>
2017-12-22 09:40:47,620 DEBUG
[org.apereo.cas.ticket.factory.DefaultTicketGrantingTicketFactory] -
<Attempting to encode ticket-granting ticket
[TGT-***************************************************************FvYJ1mu3VU-rabby]>
2017-12-22 09:40:47,620 DEBUG [org.apereo.cas.util.EncodingUtils] - <Encrypting
via [A128CBC-HS256]>
2017-12-22 09:40:47,621 DEBUG
[org.apereo.cas.ticket.factory.DefaultTicketGrantingTicketFactory] - <Encoded
ticket-granting ticket id
[***************************************************************]>
2017-12-22 09:40:47,622 DEBUG
[org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Encoding ticket
[***************************************************************]>
2017-12-22 09:40:47,632 DEBUG
[org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Encoded original
ticket id [***************************************************************] to
[***************************************************************]>
2017-12-22 09:40:47,632 DEBUG
[org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Created encoded
ticket [[***************************************************************]]>
2017-12-22 09:40:47,633 DEBUG
[org.apereo.cas.ticket.registry.MemcachedTicketRegistry] - <Adding ticket
[[***************************************************************]]>
2017-12-22 09:40:47,633 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [int] with Kryo using serializer
[com.esotericsoftware.kryo.serializers.DefaultSerializers$IntSerializer]>
2017-12-22 09:40:47,634 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [java.lang.String] with Kryo using serializer
[com.esotericsoftware.kryo.serializers.DefaultSerializers$StringSerializer]>
2017-12-22 09:40:47,634 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [float] with Kryo using serializer
[com.esotericsoftware.kryo.serializers.DefaultSerializers$FloatSerializer]>
2017-12-22 09:40:47,634 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [boolean] with Kryo using serializer
[com.esotericsoftware.kryo.serializers.DefaultSerializers$BooleanSerializer]>
2017-12-22 09:40:47,635 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [byte] with Kryo using serializer
[com.esotericsoftware.kryo.serializers.DefaultSerializers$ByteSerializer]>
2017-12-22 09:40:47,635 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [char] with Kryo using serializer
[com.esotericsoftware.kryo.serializers.DefaultSerializers$CharSerializer]>
2017-12-22 09:40:47,635 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [short] with Kryo using serializer
[com.esotericsoftware.kryo.serializers.DefaultSerializers$ShortSerializer]>
2017-12-22 09:40:47,636 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [long] with Kryo using serializer
[com.esotericsoftware.kryo.serializers.DefaultSerializers$LongSerializer]>
2017-12-22 09:40:47,636 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [double] with Kryo using serializer
[com.esotericsoftware.kryo.serializers.DefaultSerializers$DoubleSerializer]>
2017-12-22 09:40:47,636 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [void] with Kryo using serializer
[com.esotericsoftware.kryo.serializers.DefaultSerializers$VoidSerializer]>
2017-12-22 09:40:47,637 DEBUG
[org.apereo.cas.memcached.kryo.CloseableKryoFactory] - <Constructing a kryo
instance with the following settings:>
2017-12-22 09:40:47,637 DEBUG
[org.apereo.cas.memcached.kryo.CloseableKryoFactory] -
<warnUnregisteredClasses: [true]>
2017-12-22 09:40:47,637 DEBUG
[org.apereo.cas.memcached.kryo.CloseableKryoFactory] - <autoReset: [false]>
2017-12-22 09:40:47,637 DEBUG
[org.apereo.cas.memcached.kryo.CloseableKryoFactory] -
<replaceObjectsByReferences: [false]>
2017-12-22 09:40:47,638 DEBUG
[org.apereo.cas.memcached.kryo.CloseableKryoFactory] - <registrationRequired:
[false]>
2017-12-22 09:40:47,638 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class
[org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl] with
Kryo using serializer
[org.apereo.cas.memcached.kryo.serial.SimpleWebApplicationServiceSerializer]>
2017-12-22 09:40:47,639 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [org.apereo.cas.authentication.BasicCredentialMetaData] with
Kryo using serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
2017-12-22 09:40:47,639 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [org.apereo.cas.authentication.BasicIdentifiableCredential]
with Kryo using serializer
[com.esotericsoftware.kryo.serializers.FieldSerializer]>
2017-12-22 09:40:47,639 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [org.apereo.cas.authentication.DefaultHandlerResult] with
Kryo using serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
2017-12-22 09:40:47,640 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [org.apereo.cas.authentication.DefaultAuthentication] with
Kryo using serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
2017-12-22 09:40:47,640 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [org.apereo.cas.authentication.UsernamePasswordCredential]
with Kryo using serializer
[com.esotericsoftware.kryo.serializers.FieldSerializer]>
2017-12-22 09:40:47,641 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [org.apereo.cas.authentication.principal.SimplePrincipal]
with Kryo using serializer
[com.esotericsoftware.kryo.serializers.FieldSerializer]>
2017-12-22 09:40:47,641 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [org.apereo.cas.util.crypto.PublicKeyFactoryBean] with Kryo
using serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
2017-12-22 09:40:47,642 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class
[org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy] with Kryo using
serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
2017-12-22 09:40:47,642 DEBUG [org.apereo.cas.memcached.kryo.CloseableKryo] -
<Registering class [org.apereo.cas.services.ReturnAllAttributeReleasePolicy]
with Kryo using serializer
[com.esotericsoftware.kryo.serializers.FieldSerializer]>
2017-12-22 09:40:47,678 DEBUG
[org.apereo.cas.memcached.kryo.CloseableKryoFactory] - <Registering
serializable class
[org.apereo.cas.ticket.support.RememberMeDelegatingExpirationPolicy] with Kryo>
2017-12-22 09:40:47,678 DEBUG
[org.apereo.cas.AbstractCentralAuthenticationService] - <Publishing
[org.apereo.cas.support.events.ticket.CasTicketGrantingTicketCreatedEvent@329053ab[ticketGrantingTicket=e***************************************************************]]>
2017-12-22 09:40:47,679 INFO
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: user
WHAT:
***************************************************************
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Fri Dec 22 09:40:47 MYT 2017
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================
>
2017-12-22 09:40:47,680 DEBUG
[org.apereo.cas.web.support.DefaultCasCookieValueManager] - <Encoding cookie
value
[***************************************************************@127.0.0.1@Mozilla/5.0
(X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0]>
2017-12-22 09:40:47,681 DEBUG [org.apereo.cas.util.EncodingUtils] - <Encrypting
via [A128CBC-HS256]>
But there is no action for service ticket creation.
This is what my cas.properties looks like:
##
# tgc
##
# cas.tgc.path=
cas.tgc.maxAge=-1
# cas.tgc.domain=
cas.tgc.signingKey=***************************************************************
cas.tgc.name=TGC
cas.tgc.encryptionKey=***************************************************************
cas.tgc.secure=false
cas.tgc.rememberMeMaxAge=1350000
cas.tgc.cipherEnabled=true
cas.webflow.signing.key=***************************************************************
cas.webflow.signing.keySize=512
cas.webflow.encryption.keySize=16
cas.webflow.encryption.key=***************************************************************
cas.webflow.crypto.signing.key=***************************************************************
cas.webflow.crypto.encryption.key=***************************************************************
cas.tgc.crypto.signing.key=***************************************************************
cas.tgc.crypto.encryption.key=***************************************************************
# Service Registry
cas.serviceRegistry.watcherEnabled=true
cas.serviceRegistry.repeatInterval=120000
cas.serviceRegistry.startDelay=15000
cas.serviceRegistry.initFromJson=true
cas.serviceRegistry.config.location=file:/etc/cas/config/services
cas.ticket.tgt.onlyTrackMostRecentSession=true
cas.ticket.tgt.maxLength=50
cas.monitor.tgt.warn.threshold=10
cas.monitor.tgt.warn.evictionThreshold=0
#
# #remember me 31 days in seconds
# # Set to a negative value to never expire tickets
cas.ticket.tgt.maxTimeToLiveInSeconds=1350000
cas.ticket.tgt.timeToKillInSeconds=7200
cas.ticket.tgt.rememberMe.enabled=true
cas.ticket.tgt.rememberMe.timeToKillInSeconds=1350000
cas.web.flow.GenericSuccessViewAction=***************************************************************
cas.ticket.tgt.timeout.maxTimeToLiveInSeconds=1350000
##
#Throttled Timeout
##
cas.ticket.tgt.throttledTimeout.timeToKillInSeconds=28800
cas.ticket.tgt.throttledTimeout.timeInBetweenUsesInSeconds=5
cas.ticket.tgt.hardTimeout.timeToKillInSeconds=28800
#Monitoring the service ticket
cas.monitor.st.warn.threshold=10
cas.monitor.st.warn.evictionThreshold=0
cas.ticket.st.maxLength=20
cas.ticket.st.numberOfUses=1
cas.ticket.st.timeToKillInSeconds=15
cas.ticket.crypto.enabled=true
cas.ticket.crypto.signing.key=***************************************************************
cas.ticket.crypto.encryption.key=***************************************************************
#memcached
cas.ticket.registry.memcached.servers=localhost:11211
cas.ticket.registry.memcached.locatorType=ARRAY_MOD
cas.ticket.registry.memcached.failureMode=Redistribute
cas.ticket.registry.memcached.hashAlgorithm=FNV1_64_HASH
cas.ticket.registry.memcached.shouldOptimize=false
cas.ticket.registry.memcached.daemon=true
cas.ticket.registry.memcached.maxReconnectDelay=-1
cas.ticket.registry.memcached.useNagleAlgorithm=false
cas.ticket.registry.memcached.shutdownTimeoutSeconds=-1
cas.ticket.registry.memcached.opTimeout=-1
cas.ticket.registry.memcached.timeoutExceptionThreshold=2
cas.ticket.registry.memcached.maxTotal=20
cas.ticket.registry.memcached.maxIdle=8
cas.ticket.registry.memcached.minIdle=0
cas.ticket.registry.memcached.transcoder=KRYO
cas.ticket.registry.memcached.transcoderCompressionThreshold=16384
cas.ticket.registry.memcached.kryoAutoReset=false
cas.ticket.registry.memcached.kryoObjectsByReference=false
cas.ticket.registry.memcached.kryoRegistrationRequired=false
cas.ticket.registry.memcached.crypto.signing.key=***************************************************************
cas.ticket.registry.memcached.crypto.signing.keySize=512
cas.ticket.registry.memcached.crypto.encryption.key=*****************************
cas.ticket.registry.memcached.crypto.encryption.keySize=16
cas.ticket.registry.memcached.crypto.alg=AES
cas.ticket.registry.memcached.crypto.enabled=true
--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
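
Added example, not part of the original messages and not CAS code: a small check for the two things the reply points at, whether a login URL carries 'service' (or 'target'), and what service the "Building an authentication result" log line recorded. The function names and SAMPLE_LOG are constructed for illustration; SAMPLE_LOG reuses two records in the shape quoted in the thread, and SERVICE_TICKET_CREATED is assumed to be the audit action CAS writes when an ST is issued.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample: two records shaped like the CAS 5.2 output quoted in the
# thread, still wrapped across lines the way the mail client wrapped them.
SAMPLE_LOG = """\
2017-12-22 09:40:47,619 DEBUG
[org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Building
an authentication result for authentication
[org.apereo.cas.authentication.DefaultAuthentication@d0d20ec7] and service
[null]>
2017-12-22 09:40:47,679 INFO
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: user
ACTION: TICKET_GRANTING_TICKET_CREATED
=============================================================
>
"""

RECORD_START = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3} ", re.M)

def login_requests_service(url):
    """True if the login URL names a service ('target' for SAML 1.1)."""
    q = parse_qs(urlsplit(url).query)
    return bool(q.get("service") or q.get("target"))

def records(log):
    """Split on leading timestamps and re-join wrapped lines, one string per record."""
    starts = [m.start() for m in RECORD_START.finditer(log)] + [len(log)]
    return [" ".join(log[a:b].split()) for a, b in zip(starts, starts[1:])]

def diagnose(log):
    """Report which service each authentication was built for and the audit actions seen."""
    services, actions = [], []
    for rec in records(log):
        m = re.search(r"Building an authentication result .* and service \[(.*?)\]>", rec)
        if m:
            services.append(None if m.group(1) == "null" else m.group(1))
        actions += re.findall(r"ACTION: (\w+)", rec)
    return {"services": services, "actions": actions,
            "st_expected": any(services),
            "st_created": "SERVICE_TICKET_CREATED" in actions}
```

For the log in this thread, diagnose() reports a null service and only a TGT audit action, which matches a login made without a 'service' parameter rather than a ticket registry fault.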