phpCAS: Authentication failed with CAS
I have installed a CAS server with a public domain and it works correctly. I implemented PHPCas in the same server and it works correctly too, and I was able to authenticate me on it.
Now I want to use my other public domain with different services with CAS authentication but, after login in CAS, when I redirect to these services, PHPCas tell me “Authentication failed, you were not authenticated”
I have been searching for a long time and I couldn’t find any solution. What I need is to keep the CAS session between two servers.
The configuration of PHPCas authentication is:
phpCAS::client(CAS_VERSION_2_0,'example.com', 8443,'/cas', TRUE);
The url is this: http://client.com/portal.php?ticket=ST-… so the ticket is granted, why is failiing the authentication?
The procedure is the following one:
include_once("../CAS.php");
//initialize phpCAS (CAS Version, CAS Server, Port, Base URI, Should phpCAS start a PHP Session?)
phpCAS::client(CAS_VERSION_2_0,'example.com', 8443,'/cas', TRUE);
//For development. Prints out additional warnings.
phpCAS::setDebug();
phpCAS::setVerbose(true);
//no SSL validation for the CAS server
phpCAS::setNoCasServerValidation();
//force CAS authentication.
phpCAS::forceAuthentication();
What can I do? setVerbose only tells me the PHPcas version and what CAS server is used. I don’t have any logfile in /tmp (I don’t know why)
Thanks!
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Comments: 21 (8 by maintainers)
@adamfranco you suggested in previous comment as per below
curl -i https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php&ticket=ST-43-bcpN1lrL0uxok07f9Xf4-cas
If the connection is working, this should return you XML with an error message if the ticket is expired. If you aren’t getting any XML then you probably have issues with networking or firewall.
So i do the same and get the XML with an error message as per below. can you guide me what’s wrong with this issue.
<?xml version='1.0' encoding='UTF-8'?><cas:serviceResponse xmlns:cas=“http://www.xxx.xxx/xx/cas”><cas:authenticationFailure code=“INVALID_REQUEST”>No ticket string provided</cas:authenticationFailure></cas:serviceResponse>
You CAS log does not seem to be about the right call. The ST granting is normally the step where the ST is transmitted via URL back to the phpcas client. You should for something with “validate” in the logs. (No sure what it’s called)
With regard to the strange CAS server answer. I could be character/language related but that’s just a wild guess. This issue is however outside of phpCAS ans therefor we cannot really help much from our end…