CAS между двумя разными серверами
Я установил сервер CAS с открытым доменом, и он работает правильно.
Теперь я хочу использовать свой другой публичный домен с другими сервисами с аутентификацией CAS, но после входа в CAS, когда я перенаправляю на эти сервисы, PHPCas говорит мне: «Аутентификация не удалась, вы не прошли аутентификацию»
Я долго искал и не мог найти решение. Что мне нужно, это сохранить сеанс CAS между двумя серверами.
Конфигурация аутентификации PHPCas:
phpCAS::client(CAS_VERSION_2_0,'example.com', 8443,'/cas', TRUE);
URL это: http://client.com/portal.php?ticket=ST-…..
таким образом, билет предоставлен (в журнале сервера CAS говорится «предоставлен тикет»), почему не проходит проверку подлинности?
Здесь у вас есть журнал phpCAS:
D4B6 .START (2018-03-15 11:57:13) phpCAS-1.3.5+ ****************** [CAS.php:468]
D4B6 .=> phpCAS::client('2.0', 'XX.com', 8443, '/cas') [portal.php:10]
D4B6 .| => CAS_Client::__construct('2.0', false, 'XX.com', 8443, '/cas', true) [CAS.php:360]
D4B6 .| | Starting a new session okutpm09o0akdi2bisd1q9ivg5 [Client.php:932]
D4B6 .| | Session is not authenticated [Client.php:938]
D4B6 .| <= ''
D4B6 .<= ''
D4B6 .=> phpCAS::setNoCasServerValidation() [portal.php:13]
D4B6 .| You have configured no validation of the legitimacy of the cas server. This is not recommended for production use. [CAS.php:1644]
D4B6 .<= ''
D4B6 .=> phpCAS::forceAuthentication() [portal.php:16]
D4B6 .| => CAS_Client::forceAuthentication() [CAS.php:1098]
D4B6 .| | => CAS_Client::isAuthenticated() [Client.php:1280]
D4B6 .| | | => CAS_Client::_wasPreviouslyAuthenticated() [Client.php:1393]
D4B6 .| | | | no user found [Client.php:1635]
D4B6 .| | | <= false
D4B6 .| | | no ticket found [Client.php:1494]
D4B6 .| | <= false
D4B6 .| | => CAS_Client::redirectToCas(false) [Client.php:1289]
D4B6 .| | | => CAS_Client::getServerLoginURL(false, false) [Client.php:1656]
D4B6 .| | | | => CAS_Client::getURL() [Client.php:342]
D4B6 .| | | | | Final URI: https://www.XX.com/newlogin/v1/portal.php [Client.php:3549]
D4B6 .| | | | <= 'https://www.XX.com/newlogin/v1/portal.php'
D4B6 .| | | <= 'https://XX.com:8443/cas/login?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php'
D4B6 .| | | Redirect to : https://XX.com:8443/cas/login?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php [Client.php:1663]
D4B6 .| | | exit()
D4B6 .| | | -
D4B6 .| | -
D4B6 .| -
B117 .START (2018-03-15 11:57:15) phpCAS-1.3.5+ ****************** [CAS.php:468]
B117 .=> phpCAS::client('2.0', 'XX.com', 8443, '/cas') [portal.php:10]
B117 .| => CAS_Client::__construct('2.0', false, 'XX.com', 8443, '/cas', true) [CAS.php:360]
B117 .| | Starting a new session okutpm09o0akdi2bisd1q9ivg5 [Client.php:932]
B117 .| | Session is not authenticated [Client.php:938]
B117 .| | Ticket 'ST-43-bcpN1lrL0uxok07f9Xf4-cas' found [Client.php:1020]
B117 .| <= ''
B117 .<= ''
B117 .=> phpCAS::setNoCasServerValidation() [portal.php:13]
B117 .| You have configured no validation of the legitimacy of the cas server. This is not recommended for production use. [CAS.php:1644]
B117 .<= ''
B117 .=> phpCAS::forceAuthentication() [portal.php:16]
B117 .| => CAS_Client::forceAuthentication() [CAS.php:1098]
B117 .| | => CAS_Client::isAuthenticated() [Client.php:1280]
B117 .| | | => CAS_Client::_wasPreviouslyAuthenticated() [Client.php:1393]
B117 .| | | | no user found [Client.php:1635]
B117 .| | | <= false
B117 .| | | CAS 2.0 ticket `ST-43-bcpN1lrL0uxok07f9Xf4-cas' is present [Client.php:1447]
B117 .| | | => CAS_Client::validateCAS20('', NULL, NULL, false) [Client.php:1450]
B117 .| | | | [Client.php:3170]
B117 .| | | | => CAS_Client::getServerServiceValidateURL() [Client.php:3177]
B117 .| | | | | => CAS_Client::getURL() [Client.php:453]
B117 .| | | | | | Final URI: https://www.XX.com/newlogin/v1/portal.php [Client.php:3549]
B117 .| | | | | <= 'https://www.XX.com/newlogin/v1/portal.php'
B117 .| | | | <= 'https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php'
B117 .| | | | => CAS_Client::_readURL('https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php&ticket=ST-43-bcpN1lrL0uxok07f9Xf4-cas', NULL, NULL, NULL) [Client.php:3192]
B117 .| | | | | => CAS_Request_CurlRequest::sendRequest() [AbstractRequest.php:242]
B117 .| | | | | | curl_exec() failed [CurlRequest.php:77]
B117 .| | | | | <= false
B117 .| | | | <= false
B117 .| | | | could not open URL 'https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php&ticket=ST-43-bcpN1lrL0uxok07f9Xf4-cas' to validate (CURL error #7: Failed to connect to XX.com port 8443: Connection refused) [Client.php:3195]
B117 .| | | | => CAS_AuthenticationException::__construct(CAS_Client, 'Ticket not validated', 'https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php&ticket=ST-43-bcpN1lrL0uxok07f9Xf4-cas', true) [Client.php:3199]
B117 .| | | | | => CAS_Client::getURL() [AuthenticationException.php:77]
B117 .| | | | | <= 'https://www.XX.com/newlogin/v1/portal.php'
B117 .| | | | | CAS URL: https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php&ticket=ST-43-bcpN1lrL0uxok07f9Xf4-cas [AuthenticationException.php:80]
B117 .| | | | | Authentication failure: Ticket not validated [AuthenticationException.php:81]
B117 .| | | | | Reason: no response from the CAS server [AuthenticationException.php:83]
B117 .| | | | | exit()
B117 .| | | | | -
B117 .| | | | -
B117 .| | | -
B117 .| | -
B117 .| -
Я изменил реальный URL на XX, просто для конфиденциальности 🙂
Что я могу сделать? Спасибо!
Решение
Задача ещё не решена.
Другие решения
Других решений пока нет …