CAS with shib 3
Pablo Vidaurri
psvidaurri at gmail.com
Wed Jul 25 14:38:27 EDT 2018
[SOLVED] updated idp.properties file to have cas20 instead of cas30:
# Specify CAS validator to use - either 'cas10', 'cas20' or 'cas30' (default)
shibcas.ticketValidatorName = cas20
On Wed, Jul 25, 2018 at 12:33 PM Pablo Vidaurri <psvidaurri at gmail.com>
wrote:
> in idp log:
>
> ERROR [org.jasig.cas.client.util.XmlUtils:194] - The markup in the document following the root element must be well-formed.
> org.xml.sax.SAXParseException: The markup in the document following the root element must be well-formed.
>
> Looking at cas-client-3.4.1 source, error above is happening for each of the XmlUtils.getTextForElement which eventually produces:
>
> ERROR [net.unicon.idp.externalauth.ShibcasAuthServlet:109] - Ticket validation failed, returning InvalidTicket
> org.jasig.cas.client.validation.TicketValidationException: No principal was found in the response from the CAS server.
>
> Now to figure out what cas is sending back.
>
> Thanks.
>
> -psv
>
>
> On Sat, Jul 21, 2018 at 4:36 AM Peter Schober <peter.schober at univie.ac.at>
> wrote:
>
>> * Pablo Vidaurri <psvidaurri at gmail.com> [2018-07-20 23:09]:
>> > I am trying to do SSO using CAS and having shib 3 as SAML provider.
>>
>> Note that the Shibboleth IDP speaks CAS we well, so ideally you could
>> replace your CAS server and use just one system for all use-cases.
>>
>> > SAML response reported an IdP error.
>> >
>> > Error from identity provider:
>>
>> Well, what does the Identity Provider's logs say, then?
>>
>> -peter
>> --
>> For Consortium Member technical support, see
>> https://wiki.shibboleth.net/confluence/x/coFAAg
>> To unsubscribe from this list send an email to
>> users-unsubscribe at shibboleth.net
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180725/85459fc5/attachment.html>
More information about the users
mailing list