[Building Sakai] Problem enabling CAS in OAE
Michael Dunlap
michael.dunlap at yale.edu
Mon Feb 13 13:44:40 PST 2012
Ok, I sorted it out. The problem was apache's redirect directive. I
needed to add a NE to my redirect flags to prevent Apache from rewriting
the URL.
Michael
On 02/13/2012 02:05 PM, Michael Dunlap wrote:
> Hello,
>
> I'm trying to enable CAS in OAE. I have built the casauth module,
> installed it and configured it to use our local CAS server. I've also
> edited dev/configuration/config_custom.js. (Basically I've followed the
> steps here:
> https://confluence.sakaiproject.org/display/3AK/Configuring+CAS+Proxy+Tickets+for+OAE+hybrid
> )
>
> It seems like CAS half works. I get directed to our CAS server, and
> then after authenticating I get sent back. However, I get a
> "Authentication Failed" message. The logs say this:
>
> 13.02.2012 13:48:23.853 *ERROR* [959475624 at qtp-996989880-58]
> org.sakaiproject.nakamura.auth.cas.CasAuthenticationHandler Error
> response from server code=INVALID_SERVICE message=
> ticket 'ST-5022423-jCsmbfzOnorzWgNeXTeb-cas' does not
> match supplied service. The original service was
> 'http://sakai-hybrid.its.yale.edu/system/sling/cas/login?sakaiauth:login=2&resource=%2Fme&url=%2Fme&'
> and the supplied service was
> 'http://sakai-hybrid.its.yale.edu/system/sling/cas/login?sakaiauth:login=2&resource=%252Fme&url=%252Fme&'.
>
> What I'm seeing here is the service is getting mangled. I'm not sure
> why I'm switching from https to http, and I'm not sure why it's
> rewriting my URL twice (once to convert resource=/me to resource=%2Fme
> and then again to resource=%252Fme.)
>
> Anyone have any advice?
>
> Thanks,
> Michael
>
--
Michael Dunlap UNIX Systems Administrator
michael.dunlap at yale.edu Production Systems, ITS
(203) 436-2539 Yale University
GPG Public Key: http://pantheon.yale.edu/~mrd25/gpg_work_key.pub
More information about the sakai-dev
mailing list