Hi List,
i am trying to get the new cas_authentication plugin (Version 0.4.2) working with roundcube 0.7.2 and the phpCAS 1.3.1.
I am not sure if i miss the point with the proxy for the imap service, but the description of the cas_authentication says
"This plugin replaces the RoundCube login page with authentication requests to a CAS server, which enables logging into RoundCube with identities
authenticated by the CAS server and acts as a CAS proxy to relay authenticated credentials to the IMAP backend."
So i think the proxy is integrated within this plugin, right or not?
Has someone got this working with this plugin?
Is there is special configuration required for the proxy?
Anyway my cas_debug.log says the following (mailcas is the imap and roundcube server, cas is the cas server):
28E4 .START phpCAS-1.3.1 ****************** [CAS.php:450]
28E4 .=> phpCAS::proxy('2.0', 'cas.company.de', 443, '/cas', false) [cas_authn.php:256]
28E4 .| => CAS_Client::__construct('2.0', true, 'cas.company.de', 443, '/cas', false) [CAS.php:399]
28E4 .| <= ''
28E4 .<= ''
28E4 .=> phpCAS::setFixedCallbackURL('
https://mailcas.company.de/?_action=pgtcallback') [cas_authn.php:259]
28E4 .<= ''
28E4 .=> phpCAS::setPGTStorageFile('/tmp') [cas_authn.php:262]
28E4 .| => CAS_PGTStorage_File::__construct(CAS_Client, '/tmp') [Client.php:2212]
28E4 .| | => CAS_PGTStorage_AbstractStorage::__construct(CAS_Client) [File.php:119]
28E4 .| | <= ''
28E4 .| <= ''
28E4 .<= ''
28E4 .=> phpCAS::setFixedServiceURL('
https://mailcas.company.de/?_action=caslogin') [cas_authn.php:269]
28E4 .<= ''
28E4 .=> phpCAS::setNoCasServerValidation() [cas_authn.php:279]
28E4 .| You have configured no validation of the legitimacy of the cas server. This is not recommended for production use. [CAS.php:1663]
28E4 .<= ''
28E4 .=> phpCAS::setServerLoginURL('') [cas_authn.php:283]
28E4 .<= ''
28E4 .=> phpCAS::setServerLogoutURL('') [cas_authn.php:284]
28E4 .<= ''
28E4 .=> phpCAS::forceAuthentication() [cas_authn.php:98]
28E4 .| => CAS_Client::forceAuthentication() [CAS.php:1100]
28E4 .| | => CAS_Client::isAuthenticated() [Client.php:1081]
28E4 .| | | => CAS_Client::_wasPreviouslyAuthenticated() [Client.php:1187]
28E4 .| | | | neither user nor PGT found [Client.php:1353]
28E4 .| | | <= false
28E4 .| | | no ticket found [Client.php:1256]
28E4 .| | <= false
28E4 .| | => CAS_Client::redirectToCas(false) [Client.php:1090]
28E4 .| | | => CAS_Client::getServerLoginURL(false, false) [Client.php:1394]
28E4 .| | | | => CAS_Client::getURL() [Client.php:326]
28E4 .| | | | <= '
https://mailcas.company.de/?_action=caslogin'
28E4 .| | | <= '
https://cas.company.de/cas/login?service=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dcaslogin'
28E4 .| | | Redirect to :
https://cas.company.de/cas/login?service=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dcaslogin [Client.php:1400]
28E4 .| | | exit()
28E4 .| | | -
28E4 .| | -
28E4 .| -
8FBD .START phpCAS-1.3.1 ****************** [CAS.php:450]
8FBD .=> phpCAS::proxy('2.0', 'cas.company.de', 443, '/cas', false) [cas_authn.php:256]
8FBD .| => CAS_Client::__construct('2.0', true, 'cas.company.de', 443, '/cas', false) [CAS.php:399]
8FBD .| | Ticket 'ST-442-CbqppfBNyzclIEA17Lvu-cas' found [Client.php:868]
8FBD .| <= ''
8FBD .<= ''
8FBD .=> phpCAS::setFixedCallbackURL('
https://mailcas.company.de/?_action=pgtcallback') [cas_authn.php:259]
8FBD .<= ''
8FBD .=> phpCAS::setPGTStorageFile('/tmp') [cas_authn.php:262]
8FBD .| => CAS_PGTStorage_File::__construct(CAS_Client, '/tmp') [Client.php:2212]
8FBD .| | => CAS_PGTStorage_AbstractStorage::__construct(CAS_Client) [File.php:119]
8FBD .| | <= ''
8FBD .| <= ''
8FBD .<= ''
8FBD .=> phpCAS::setFixedServiceURL('
https://mailcas.company.de/?_action=caslogin') [cas_authn.php:269]
8FBD .<= ''
8FBD .=> phpCAS::setNoCasServerValidation() [cas_authn.php:279]
8FBD .| You have configured no validation of the legitimacy of the cas server. This is not recommended for production use. [CAS.php:1663]
8FBD .<= ''
8FBD .=> phpCAS::setServerLoginURL('') [cas_authn.php:283]
8FBD .<= ''
8FBD .=> phpCAS::setServerLogoutURL('') [cas_authn.php:284]
8FBD .<= ''
8FBD .=> phpCAS::forceAuthentication() [cas_authn.php:98]
8FBD .| => CAS_Client::forceAuthentication() [CAS.php:1100]
8FBD .| | => CAS_Client::isAuthenticated() [Client.php:1081]
8FBD .| | | => CAS_Client::_wasPreviouslyAuthenticated() [Client.php:1187]
8FBD .| | | | neither user nor PGT found [Client.php:1353]
8FBD .| | | <= false
8FBD .| | | CAS 2.0 ticket `ST-442-CbqppfBNyzclIEA17Lvu-cas' is present [Client.php:1221]
8FBD .| | | => CAS_Client::validateCAS20('', NULL, NULL) [Client.php:1222]
8FBD .| | | | [Client.php:2736]
8FBD .| | | | => CAS_Client::getServerServiceValidateURL() [Client.php:2742]
8FBD .| | | | | => CAS_Client::getURL() [Client.php:415]
8FBD .| | | | | <= '
https://mailcas.company.de/?_action=caslogin'
8FBD .| | | | <= '
https://cas.company.de/cas/serviceValidate?service=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dcaslogin'
8FBD .| | | | => CAS_Client::_readURL('
https://cas.company.de/cas/serviceValidate?service=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dcaslogin&ticket=ST-442-CbqppfBNyzclIEA17Lvu-cas&pgtUrl=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dpgtcallback', NULL, NULL, NULL) [Client.php:2751]
8FBD .| | | | | => CAS_Request_CurlRequest::sendRequest() [AbstractRequest.php:218]
8FBD .| | | | | | Response Body:
8FBD .| | | | | | <cas:serviceResponse xmlns:cas='
http://www.yale.edu/tp/cas'>8FBD .| | | | | | <cas:authenticationSuccess>
8FBD .| | | | | | <cas:user>user.name</cas:user>
8FBD .| | | | | |
8FBD .| | | | | |
8FBD .| | | | | | </cas:authenticationSuccess>
8FBD .| | | | | | </cas:serviceResponse>
8FBD .| | | | | | [CurlRequest.php:82]
8FBD .| | | | | <= true
8FBD .| | | | <= true
8FBD .| | | | => CAS_Client::_readExtraAttributesCas20(DOMNodeList) [Client.php:2802]
8FBD .| | | | | Testing for rubycas style attributes [Client.php:2912]
8FBD .| | | | <= ''
8FBD .| | | | Storing Proxy List [Client.php:2811]
8FBD .| | | | => CAS_ProxyChain_AllowedList::isProxyListAllowed(array ()) [Client.php:2814]
8FBD .| | | | | No proxies were found in the response [AllowedList.php:81]
8FBD .| | | | <= true
8FBD .| | | | => CAS_Client::_renameSession('ST-442-CbqppfBNyzclIEA17Lvu-cas') [Client.php:2845]
8FBD .| | | | | Skipping session rename since phpCAS is not handling the session. [Client.php:3172]
8FBD .| | | | <= ''
8FBD .| | | <= true
8FBD .| | | CAS 2.0 ticket `ST-442-CbqppfBNyzclIEA17Lvu-cas' was validated [Client.php:1223]
8FBD .| | | => CAS_Client::_validatePGT('
https://cas.company.de/cas/serviceValidate?service=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dcaslogin&ticket=ST-442-CbqppfBNyzclIEA17Lvu-cas&pgtUrl=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dpgtcallback', '<cas:serviceResponse xmlns:cas=\'
http://www.yale.edu/tp/cas\'> <cas:authenticationSuccess> <cas:user>user.name</cas:user> </cas:authenticationSuccess></cas:serviceResponse>', DOMElement) [Client.php:1225]
8FBD .| | | | <proxyGrantingTicket> not found [Client.php:2235]
8FBD .| | | | => CAS_AuthenticationException::__construct(CAS_Client, 'Ticket validated but no PGT Iou transmitted', '
https://cas.company.de/cas/serviceValidate?service=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dcaslogin&ticket=ST-442-CbqppfBNyzclIEA17Lvu-cas&pgtUrl=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dpgtcallback', false, false, '<cas:serviceResponse xmlns:cas=\'
http://www.yale.edu/tp/cas\'> <cas:authenticationSuccess> <cas:user>user.name</cas:user> </cas:authenticationSuccess></cas:serviceResponse>') [Client.php:2241]
8FBD .| | | | | => CAS_Client::getURL() [AuthenticationException.php:76]
8FBD .| | | | | <= '
https://mailcas.company.de/?_action=caslogin'
8FBD .| | | | | CAS URL:
https://cas.company.de/cas/serviceValidate?service=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dcaslogin&ticket=ST-442-CbqppfBNyzclIEA17Lvu-cas&pgtUrl=https%3A%2F%2Fmailcas.company.de%2F%3F_action%3Dpgtcallback [AuthenticationException.php:79]
8FBD .| | | | | Authentication failure: Ticket validated but no PGT Iou transmitted [AuthenticationException.php:80]
8FBD .| | | | | Reason: no CAS error [AuthenticationException.php:93]
8FBD .| | | | | CAS response: <cas:serviceResponse xmlns:cas='
http://www.yale.edu/tp/cas'>8FBD .| | | | | <cas:authenticationSuccess>
8FBD .| | | | | <cas:user>user.name</cas:user>
8FBD .| | | | |
8FBD .| | | | |
8FBD .| | | | | </cas:authenticationSuccess>
8FBD .| | | | | </cas:serviceResponse> [AuthenticationException.php:100]
8FBD .| | | | | exit()
I would appreciate any hints.
Andl