Message Boards

  1. Home
  2. Portal
  3. CAS Setup Problem

CAS Setup Problem

Karl Chin, modified 7 Years ago.

CAS Setup Problem

Junior Member Posts: 28 Join Date: 10/5/16 Recent Posts
Hi all,

I am using liferay 7 GA3 and I get trouble on integrate the portal with CAS.

I have an existing CAS server which is currently providing SSO services to end users.

Also, I set the context root of the tomcat to /liferay (https://web.liferay.com/community/wiki/-/wiki/Main/Changing+context+path+of+portal)

According to this guide: https://dev.liferay.com/discover/deployment/-/knowledge_base/7-0/cas-central-authentication-service-single-sign-on-authentication, I have exported the ssl cert of the CAS server and import it in the java key store in Liferayt server.

Then I set the following in control panel :
Login URL: https://login.example.com/cas/login
Logout URL: https://login.example.com/cas/logout
Server Name: https://portal.example.com/liferay
Server URL: https://login.example.com/cas
Service URL: https://portal.example.com/liferay/c/portal/login
No Such User Redirect URLemoticonnull)

When I enable the setting and try to login with proper credential, it prompts for "too many redirects".

What have I missed?

Thanks in Advance!

All the best,
Karl
Karl Chin, modified 7 Years ago.

RE: CAS Setup Problem

Junior Member Posts: 28 Join Date: 10/5/16 Recent Posts
Does anyone have any idea? I am still being stuck on this issue. emoticon
thumbnail
Jaydip Lakhatariya, modified 7 Years ago.

RE: CAS Setup Problem

Junior Member Posts: 53 Join Date: 4/18/13 Recent Posts
Hi,

In cas server configuration either you can set Server Name or Service URL. It doesn't not allowed both properties to be set. Try to set any on of the property and make sure in your cas server configuration you have provided valid information regarding portal.

Regards,
Jaydip
Karl Chin, modified 7 Years ago.

RE: CAS Setup Problem

Junior Member Posts: 28 Join Date: 10/5/16 Recent Posts
Hi Jaydip,

Unfortunately, I tried to removed either Server Name or Service URL, the problem still persists.

I have double checked the java keystore cacerts, the cas cert has already imported.

Some log on
>>>>Liferay Server catalina.out:
03:10:37,167 DEBUG [http-nio-8080-exec-8][CommonUtils:133] serviceUrl generated: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
03:10:37,224 DEBUG [http-nio-8080-exec-1][CommonUtils:133] serviceUrl generated: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
03:10:37,281 DEBUG [http-nio-8080-exec-10][CommonUtils:133] serviceUrl generated: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
03:10:42,358 DEBUG [http-nio-8080-exec-9][CommonUtils:133] serviceUrl generated: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
03:10:42,421 DEBUG [http-nio-8080-exec-4][CommonUtils:133] serviceUrl generated: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
03:10:42,481 DEBUG [http-nio-8080-exec-2][CommonUtils:133] serviceUrl generated: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
03:10:42,568 DEBUG [http-nio-8080-exec-3][CommonUtils:133] serviceUrl generated: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
03:10:42,624 DEBUG [http-nio-8080-exec-7][CommonUtils:133] serviceUrl generated: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
03:10:42,684 DEBUG [http-nio-8080-exec-5][CommonUtils:133] serviceUrl generated: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
03:10:42,740 DEBUG [http-nio-8080-exec-6][CommonUtils:133] serviceUrl generated: https://portal.example.com/liferay/c/portal/login?p_l_id=32505

CAS Server catalina.out
2016-12-28 11:14:36,186 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
2016-12-28 11:14:36,186 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
2016-12-28 11:14:36,186 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction] - Placing service in FlowScope: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
2016-12-28 11:14:36,186 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction] - Placing service in FlowScope: https://portal.example.com/liferay/c/portal/login?p_l_id=32505
2016-12-28 11:14:36,191 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket [ST-35708-SZd4mkhYQdffzHOCOMei-login.example.com] for service [https://portal.example.com/liferay/c/portal/login?p_l_id=32505] for user [KARLCHIN]

Please help!

All the best,
Karl Chin
Karl Chin, modified 7 Years ago.

RE: CAS Setup Problem

Junior Member Posts: 28 Join Date: 10/5/16 Recent Posts
Hi,

As there is no clue in the catalina.out, where can I set the log level specifically for CAS to trace down what the problem is.

Regards,
Karl
Karl Chin, modified 7 Years ago.

RE: CAS Setup Problem

Junior Member Posts: 28 Join Date: 10/5/16 Recent Posts
It may be related to the version of CAS.

Originally, I use CAS 3.5 and Liferay 7 GA3, it prompts for error for "too many redirects"

Afterward, I use CAS 4.2 and Liferay 7 GA3, I can do login successfully.

Is Liferay 7 only compatible for CAS 4.2? Or do I miss some configuration on either my liferay portal or CAS, or both?

Thanks,
Karl