jasig asp.net mvc cas client page is not redirecting properly
-
11-06-2021 - |
题
I have been using jasig .net cas client. I have setup cas server on my local computer which can be assessed using https://localhost:8443/cas-server-webapp-3.4.12/login
I have set authorize attribute on Account controllers logon action.
i am following everything given in this url https://wiki.jasig.org/pages/viewpage.action?pageId=32210981
when i run the application, it does go to cas login page but after authentication it returns with http://localhost:1672/
and then in browser it gives error as "The page isn't redirecting properly".
i don't know how i am getting this error, everything is setup properly in web.config.
Please help
when i use http://localhost:8080/cas-server-webapp-3.4.12/login
(non secure url) instead of https://localhost:8443/cas-server-webapp-3.4.12/login
(secure url) it works.
I think i have a problem with self signed certificate. Is it possible to create valid certificate and use it. At least i should try creating a valid certificate and try. But i don't know how to create valid certificate. Please also tell me how to create valid certificate. I tried google but not successful to find how to create valid certificate so that browser doesn't display "self signed certificate error".
解决方案 2
I found what the problem was. When we are using secure connection we need to have SSL certificate on both side, at CAS server side and at our webapplication side.
so at CAS server side it has to be
https://localhost:8443/cas-server-webapp-3.4.12/login
and at our web application side it has to be
https://servername/mywebapp
If you are using a self-signed certificate be sure that the server running CAS trusts the certificate of the web application.
其他提示
For my own experience, other than getting the self-signed cert to work:
I have to install the self-signed cert from the SSO
server to my Windows 2008 Server hosting the webapp).
Install the certificate under Trusted Root Cert Authorities
on BOTH the user account and the machine account.
You can do this under MMC
and then Add the certificate Snap-in.
Test your setup using IE to browse to the sso server in question.You should not see anymore warnings about the cert. Remember use IE to check, other browser does not seem to care about the Trusted Root Cert setup.
Next, when deployed the ASP MVC, I have to use classic Application Pool and
for my cas config setup in web.config
leave both the proxyTicketManager
and the gatewayStatusCookieName
as empty string.
I am connecting directly to the sso server so these two be taken out, or else protocol error and infinite loop.
Then no more infinite redirect loops complains.
you should specify the return url after success login in the web.config (just the server not the entire url)
example: you app is on http://localhost:8080/someWebApp/
when you go to the login page, you can see on the query string parameter the return url encoded
<casClientConfig casServerLoginUrl="https://localhost:8443/cas-server-webapp-3.4.12/login"
casServerUrlPrefix="https://localhost:8443/cas-server-webapp-3.4.12/"
serverName="http://localhost:8080"
notAuthorizedUrl="~/notAuthorized.html"
cookiesRequiredUrl="~/CookiesRequired.html"
redirectAfterValidation="true"
renew="false"
singleSignOut="true"
ticketValidatorName="Cas20"
serviceTicketManager="CacheServiceTicketManager"/>