Finally, using CAS 5.1.8 as a single sign-on server, applications can enter account passwords. The page that returns to the application cannot be seen after a successful login.

The page is not working properly and localhost is redirecting you too many times. Try to clear cookie. ERR_TOO_MANY_REDIRECTSCopy the code

That’s a lot of holes.

Debug the application. It’s not even running inside the application. CAS will have a back-and-forth interaction with the application during the authentication process, which is likely to die in the process. Why is there too much redirection? It is estimated that there is a link did not succeed in authentication, retry many times.

CAS run logs (C:\etc\ CAS \logs\)

The 2018-03-02 14:00:36, 258 INFO [. Org. Apereo inspektr. Audit. Support. Slf4jLoggingAuditTrailManager] - audit trail record BEGIN ============================================================= WHO: http://localhost/NTZHHY.Web/OneMap? proxyResponse=true WHAT: Supplied credentials: [http://localhost/NTZHHY.Web/OneMap?proxyResponse=true] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS =============================================================Copy the code

ProxyResponse =true Agent? There’s no agent.

This time you fix the problem by modifying the application configuration file. Our application is one. NET project, CAS configuration file has this sentence:

The < casClientConfig casServerLoginUrl = "http://192.168.0.231:8080/cas/login" CasServerUrlPrefix = "http://192.168.0.231:8080/cas/" serverName = "http://localhost/" notAuthorizedUrl="~/NotAuthorized.aspx" cookiesRequiredUrl="~/CookiesRequired.aspx" redirectAfterValidation="true" gateway="false" renew="false" singleSignOut="true" ticketTimeTolerance="5000" ticketValidatorName="Cas20" proxyTicketManager="CacheProxyTicketManager" serviceTicketManager="CacheServiceTicketManager" gatewayStatusCookieName="CasGatewayStatus"/>Copy the code

ProxyTicketManager =”CacheProxyTicketManager”. It seems to have something to do with it. Get rid of it. Done!

It turned out that we had been using CAS 3.* as a single sign-on. The configuration statement in.NET was copied from somewhere else, and I never knew what it meant because it worked, so I never left it. Now the higher version, no longer, the problem was exposed.

In the official documentation, the default configuration also does not have this property:

<casClientConfig
  casServerLoginUrl="https://server.example.com/cas/login"
  casServerUrlPrefix="https://server.example.com/cas/"
  serverName="https://client.example.com:8443"
  notAuthorizedUrl="~/NotAuthorized.aspx"
  cookiesRequiredUrl="~/CookiesRequired.aspx"
  redirectAfterValidation="true"
  renew="false"
  singleSignOut="true"
  ticketValidatorName="Cas20"
  serviceTicketManager="CacheServiceTicketManager" />
Copy the code