Hi Ray, thanks for the reply, but there is no "service" parameter in the
log in URL.
Regards,
FAZLA
On Saturday, December 23, 2017 at 1:46:39 AM UTC+8, rbon wrote:
>
> With the login URL, is there a 'service' parameter ('target' for saml 1.1
> protocol)?
> A service ticket is only issued if there is a service to log in.
> With https://foo.com/cas/login, no ST,
> https://foo.com/cas/login?service=https://bar.com, there is ST.
>
> Ray
>
> On Thu, 2017-12-21 at 20:38 -0800, casuser wrote:
>
>
>
>
> *How can I issue service tickets in CAS 5.2.0. I am using memcached for
> storing the tickets. in the logs CAS is issuing the TGT but there is no ST.
> this is how it looks like in the log: *
>
> 2017-12-22 09:40:47,618 DEBUG
> [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] -
> <Collected authentication attributes for this result are
> [{org.apereo.cas.authentication.principal.REMEMBER_ME=true,
> credentialType=RememberMeUsernamePasswordCredential,
> authenticationMethod=LdapAuthenticationHandler,
> successfulAuthenticationHandlers=[LdapAuthenticationHandler]}]>
> 2017-12-22 09:40:47,618 DEBUG
> [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] -
> <Authentication result commenced at
> [2017-12-22T09:40:47.618+08:00[Asia/Kuala_Lumpur]]>
> 2017-12-22 09:40:47,619 DEBUG
> [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] -
> <Building an authentication result for authentication
> [org.apereo.cas.authentication.DefaultAuthentication@d0d20ec7] and service
> [null]>
> 2017-12-22 09:40:47,620 DEBUG
> [org.apereo.cas.ticket.factory.DefaultTicketGrantingTicketFactory] -
> <Attempting to encode ticket-granting ticket
> [TGT-***************************************************************FvYJ1mu3VU-rabby]>
> 2017-12-22 09:40:47,620 DEBUG [org.apereo.cas.util.EncodingUtils] -
> <Encrypting via [A128CBC-HS256]>
> 2017-12-22 09:40:47,621 DEBUG
> [org.apereo.cas.ticket.factory.DefaultTicketGrantingTicketFactory] -
> <Encoded ticket-granting ticket id
> [***************************************************************]>
> 2017-12-22 09:40:47,622 DEBUG
> [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Encoding ticket
> [***************************************************************]>
> 2017-12-22 09:40:47,632 DEBUG
> [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Encoded original
> ticket id [***************************************************************]
> to [***************************************************************]>
> 2017-12-22 09:40:47,632 DEBUG
> [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Created encoded
> ticket [[***************************************************************]]>
> 2017-12-22 09:40:47,633 DEBUG
> [org.apereo.cas.ticket.registry.MemcachedTicketRegistry] - <Adding ticket
> [[***************************************************************]]>
> 2017-12-22 09:40:47,633 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class [int]
> with Kryo using serializer
> [com.esotericsoftware.kryo.serializers.DefaultSerializers$IntSerializer]>
> 2017-12-22 09:40:47,634 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [java.lang.String] with Kryo using serializer
> [com.esotericsoftware.kryo.serializers.DefaultSerializers$StringSerializer]>
> 2017-12-22 09:40:47,634 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class [float]
> with Kryo using serializer
> [com.esotericsoftware.kryo.serializers.DefaultSerializers$FloatSerializer]>
> 2017-12-22 09:40:47,634 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [boolean] with Kryo using serializer
> [com.esotericsoftware.kryo.serializers.DefaultSerializers$BooleanSerializer]>
> 2017-12-22 09:40:47,635 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class [byte]
> with Kryo using serializer
> [com.esotericsoftware.kryo.serializers.DefaultSerializers$ByteSerializer]>
> 2017-12-22 09:40:47,635 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class [char]
> with Kryo using serializer
> [com.esotericsoftware.kryo.serializers.DefaultSerializers$CharSerializer]>
> 2017-12-22 09:40:47,635 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class [short]
> with Kryo using serializer
> [com.esotericsoftware.kryo.serializers.DefaultSerializers$ShortSerializer]>
> 2017-12-22 09:40:47,636 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class [long]
> with Kryo using serializer
> [com.esotericsoftware.kryo.serializers.DefaultSerializers$LongSerializer]>
> 2017-12-22 09:40:47,636 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class [double]
> with Kryo using serializer
> [com.esotericsoftware.kryo.serializers.DefaultSerializers$DoubleSerializer]>
> 2017-12-22 09:40:47,636 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class [void]
> with Kryo using serializer
> [com.esotericsoftware.kryo.serializers.DefaultSerializers$VoidSerializer]>
> 2017-12-22 09:40:47,637 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryoFactory] - <Constructing a kryo
> instance with the following settings:>
> 2017-12-22 09:40:47,637 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryoFactory] -
> <warnUnregisteredClasses: [true]>
> 2017-12-22 09:40:47,637 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryoFactory] - <autoReset: [false]>
> 2017-12-22 09:40:47,637 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryoFactory] -
> <replaceObjectsByReferences: [false]>
> 2017-12-22 09:40:47,638 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryoFactory] -
> <registrationRequired: [false]>
> 2017-12-22 09:40:47,638 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl]
> with Kryo using serializer
> [org.apereo.cas.memcached.kryo.serial.SimpleWebApplicationServiceSerializer]>
> 2017-12-22 09:40:47,639 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [org.apereo.cas.authentication.BasicCredentialMetaData] with Kryo using
> serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
> 2017-12-22 09:40:47,639 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [org.apereo.cas.authentication.BasicIdentifiableCredential] with Kryo using
> serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
> 2017-12-22 09:40:47,639 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [org.apereo.cas.authentication.DefaultHandlerResult] with Kryo using
> serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
> 2017-12-22 09:40:47,640 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [org.apereo.cas.authentication.DefaultAuthentication] with Kryo using
> serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
> 2017-12-22 09:40:47,640 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [org.apereo.cas.authentication.UsernamePasswordCredential] with Kryo using
> serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
> 2017-12-22 09:40:47,641 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [org.apereo.cas.authentication.principal.SimplePrincipal] with Kryo using
> serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
> 2017-12-22 09:40:47,641 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [org.apereo.cas.util.crypto.PublicKeyFactoryBean] with Kryo using
> serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
> 2017-12-22 09:40:47,642 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy] with Kryo
> using serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
> 2017-12-22 09:40:47,642 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryo] - <Registering class
> [org.apereo.cas.services.ReturnAllAttributeReleasePolicy] with Kryo using
> serializer [com.esotericsoftware.kryo.serializers.FieldSerializer]>
>
>
>
>
>
>
> *2017-12-22 09:40:47,678 DEBUG
> [org.apereo.cas.memcached.kryo.CloseableKryoFactory] - <Registering
> serializable class
> [org.apereo.cas.ticket.support.RememberMeDelegatingExpirationPolicy] with
> Kryo> 2017-12-22 09:40:47,678 DEBUG
> [org.apereo.cas.AbstractCentralAuthenticationService] - <Publishing
> [org.apereo.cas.support.events.ticket.CasTicketGrantingTicketCreatedEvent@329053ab[ticketGrantingTicket=e*
>
>
>
> ****************************************************************]]>
> 2017-12-22 09:40:47,679 INFO
> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
> trail record BEGIN
> ============================================================= WHO: user
> WHAT: *
>
>
>
>
>
>
>
>
>
> **************************************************************** ACTION:
> TICKET_GRANTING_TICKET_CREATED APPLICATION: CAS WHEN: Fri Dec 22 09:40:47
> MYT 2017 CLIENT IP ADDRESS: 127.0.0.1 SERVER IP ADDRESS: 127.0.0.1
> ============================================================= > 2017-12-22
> 09:40:47,680 DEBUG
> [org.apereo.cas.web.support.DefaultCasCookieValueManager] - <Encoding
> cookie value [*
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ****************************************************************@127.0.0.1@Mozilla/5.0
>
> (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0]>
> 2017-12-22 09:40:47,681 DEBUG [org.apereo.cas.util.EncodingUtils] -
> <Encrypting via [A128CBC-HS256]> But there is no action for service ticket
> creation. This is what my cas. properties looks like.... ## # tgc ## #
> cas.tgc.path= cas.tgc.maxAge=-1 # cas.tgc.domain= cas.tgc.signingKey=*
>
> ****************************************************************
> cas.tgc.name <http://cas.tgc.name>=TGC cas.tgc.encryptionKey=*
>
>
>
>
>
> ****************************************************************
> cas.tgc.secure=false cas.tgc.rememberMeMaxAge=1350000
> cas.tgc.cipherEnabled=true cas.webflow.signing.key=*
>
>
>
>
> ****************************************************************
> cas.webflow.signing.keySize=512 cas.webflow.encryption.keySize=16
> cas.webflow.encryption.key=*
> ****************************************************************
> cas.webflow.crypto.signing.key=*
> ****************************************************************
> cas.webflow.crypto.encryption.key=*
>
> ****************************************************************
> cas.tgc.crypto.signing.key= *
> ****************************************************************
> cas.tgc.crypto.encryption.key=*
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> **************************************************************** # Service
> Registry cas.serviceRegistry.watcherEnabled=true
> cas.serviceRegistry.repeatInterval=120000
> cas.serviceRegistry.startDelay=15000 cas.serviceRegistry.initFromJson=true
> cas.serviceRegistry.config.location=file:/etc/cas/config/services
> cas.ticket.tgt.onlyTrackMostRecentSession=true cas.ticket.tgt.maxLength=50
> cas.monitor.tgt.warn.threshold=10 cas.monitor.tgt.warn.evictionThreshold=0
> # # #remember me 31 days in seconds # # Set to a negative value to never
> expire tickets cas.ticket.tgt.maxTimeToLiveInSeconds=1350000
> cas.ticket.tgt.timeToKillInSeconds=7200
> cas.ticket.tgt.rememberMe.enabled=true
> cas.ticket.tgt.rememberMe.timeToKillInSeconds=1350000
> cas.web.flow.GenericSuccessViewAction=*
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ****************************************************************
> cas.ticket.tgt.timeout.maxTimeToLiveInSeconds=1350000 ## #Throttled Timeout
> ## cas.ticket.tgt.throttledTimeout.timeToKillInSeconds=28800
> cas.ticket.tgt.throttledTimeout.timeInBetweenUsesInSeconds=5
> cas.ticket.tgt.hardTimeout.timeToKillInSeconds=28800 #Monitoring the
> service ticket cas.monitor.st.warn.threshold=10
> cas.monitor.st.warn.evictionThreshold=0 cas.ticket.st.maxLength=20
> cas.ticket.st.numberOfUses=1 cas.ticket.st.timeToKillInSeconds=15
> cas.ticket.crypto.enabled=true cas.ticket.crypto.signing.key= *
> ****************************************************************
> cas.ticket.crypto.encryption.key=*
> *****************************************************************
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> * #memcached cas.ticket.registry.memcached.servers=localhost:11211
> cas.ticket.registry.memcached.locatorType=ARRAY_MOD
> cas.ticket.registry.memcached.failureMode=Redistribute
> cas.ticket.registry.memcached.hashAlgorithm=FNV1_64_HASH
> cas.ticket.registry.memcached.shouldOptimize=false
> cas.ticket.registry.memcached.daemon=true
> cas.ticket.registry.memcached.maxReconnectDelay=-1
> cas.ticket.registry.memcached.useNagleAlgorithm=false
> cas.ticket.registry.memcached.shutdownTimeoutSeconds=-1
> cas.ticket.registry.memcached.opTimeout=-1
> cas.ticket.registry.memcached.timeoutExceptionThreshold=2
> cas.ticket.registry.memcached.maxTotal=20
> cas.ticket.registry.memcached.maxIdle=8
> cas.ticket.registry.memcached.minIdle=0
> cas.ticket.registry.memcached.transcoder=KRYO
> cas.ticket.registry.memcached.transcoderCompressionThreshold=16384
> cas.ticket.registry.memcached.kryoAutoReset=false
> cas.ticket.registry.memcached.kryoObjectsByReference=false
> cas.ticket.registry.memcached.kryoRegistrationRequired=false
> cas.ticket.registry.memcached.crypto.signing.key=*
>
> ****************************************************************
> cas.ticket.registry.memcached.crypto.signing.keySize=512
> cas.ticket.registry.memcached.crypto.encryption.key=*
>
>
>
>
>
> ******************************
> cas.ticket.registry.memcached.crypto.encryption.keySize=16
> cas.ticket.registry.memcached.crypto.alg=AES
> cas.ticket.registry.memcached.crypto.enabled=true *
>
> --
> Ray Bon
> Programmer analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | [email protected] <javascript:>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a3007ddb-68c5-4517-9f53-195ad78f6b5e%40apereo.org.
