CAS между двумя разными серверами

Я установил сервер CAS с открытым доменом, и он работает правильно.

Теперь я хочу использовать свой другой публичный домен с другими сервисами с аутентификацией CAS, но после входа в CAS, когда я перенаправляю на эти сервисы, PHPCas говорит мне: «Аутентификация не удалась, вы не прошли аутентификацию»

Я долго искал и не мог найти решение. Что мне нужно, это сохранить сеанс CAS между двумя серверами.

Конфигурация аутентификации PHPCas:

phpCAS::client(CAS_VERSION_2_0,'example.com', 8443,'/cas', TRUE);

URL это: http://client.com/portal.php?ticket=ST-…..
таким образом, билет предоставлен (в журнале сервера CAS говорится «предоставлен тикет»), почему не проходит проверку подлинности?

Здесь у вас есть журнал phpCAS:

D4B6 .START (2018-03-15 11:57:13) phpCAS-1.3.5+ ****************** [CAS.php:468]
D4B6 .=> phpCAS::client('2.0', 'XX.com', 8443, '/cas') [portal.php:10]
D4B6 .|    => CAS_Client::__construct('2.0', false, 'XX.com', 8443, '/cas', true) [CAS.php:360]
D4B6 .|    |    Starting a new session okutpm09o0akdi2bisd1q9ivg5 [Client.php:932]
D4B6 .|    |    Session is not authenticated [Client.php:938]
D4B6 .|    <= ''
D4B6 .<= ''
D4B6 .=> phpCAS::setNoCasServerValidation() [portal.php:13]
D4B6 .|    You have configured no validation of the legitimacy of the cas server. This is not recommended for production use. [CAS.php:1644]
D4B6 .<= ''
D4B6 .=> phpCAS::forceAuthentication() [portal.php:16]
D4B6 .|    => CAS_Client::forceAuthentication() [CAS.php:1098]
D4B6 .|    |    => CAS_Client::isAuthenticated() [Client.php:1280]
D4B6 .|    |    |    => CAS_Client::_wasPreviouslyAuthenticated() [Client.php:1393]
D4B6 .|    |    |    |    no user found [Client.php:1635]
D4B6 .|    |    |    <= false
D4B6 .|    |    |    no ticket found [Client.php:1494]
D4B6 .|    |    <= false
D4B6 .|    |    => CAS_Client::redirectToCas(false) [Client.php:1289]
D4B6 .|    |    |    => CAS_Client::getServerLoginURL(false, false) [Client.php:1656]
D4B6 .|    |    |    |    => CAS_Client::getURL() [Client.php:342]
D4B6 .|    |    |    |    |    Final URI: https://www.XX.com/newlogin/v1/portal.php [Client.php:3549]
D4B6 .|    |    |    |    <= 'https://www.XX.com/newlogin/v1/portal.php'
D4B6 .|    |    |    <= 'https://XX.com:8443/cas/login?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php'
D4B6 .|    |    |    Redirect to : https://XX.com:8443/cas/login?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php [Client.php:1663]
D4B6 .|    |    |    exit()
D4B6 .|    |    |    -
D4B6 .|    |    -
D4B6 .|    -
B117 .START (2018-03-15 11:57:15) phpCAS-1.3.5+ ****************** [CAS.php:468]
B117 .=> phpCAS::client('2.0', 'XX.com', 8443, '/cas') [portal.php:10]
B117 .|    => CAS_Client::__construct('2.0', false, 'XX.com', 8443, '/cas', true) [CAS.php:360]
B117 .|    |    Starting a new session okutpm09o0akdi2bisd1q9ivg5 [Client.php:932]
B117 .|    |    Session is not authenticated [Client.php:938]
B117 .|    |    Ticket 'ST-43-bcpN1lrL0uxok07f9Xf4-cas' found [Client.php:1020]
B117 .|    <= ''
B117 .<= ''
B117 .=> phpCAS::setNoCasServerValidation() [portal.php:13]
B117 .|    You have configured no validation of the legitimacy of the cas server. This is not recommended for production use. [CAS.php:1644]
B117 .<= ''
B117 .=> phpCAS::forceAuthentication() [portal.php:16]
B117 .|    => CAS_Client::forceAuthentication() [CAS.php:1098]
B117 .|    |    => CAS_Client::isAuthenticated() [Client.php:1280]
B117 .|    |    |    => CAS_Client::_wasPreviouslyAuthenticated() [Client.php:1393]
B117 .|    |    |    |    no user found [Client.php:1635]
B117 .|    |    |    <= false
B117 .|    |    |    CAS 2.0 ticket `ST-43-bcpN1lrL0uxok07f9Xf4-cas' is present [Client.php:1447]
B117 .|    |    |    => CAS_Client::validateCAS20('', NULL, NULL, false) [Client.php:1450]
B117 .|    |    |    |     [Client.php:3170]
B117 .|    |    |    |    => CAS_Client::getServerServiceValidateURL() [Client.php:3177]
B117 .|    |    |    |    |    => CAS_Client::getURL() [Client.php:453]
B117 .|    |    |    |    |    |    Final URI: https://www.XX.com/newlogin/v1/portal.php [Client.php:3549]
B117 .|    |    |    |    |    <= 'https://www.XX.com/newlogin/v1/portal.php'
B117 .|    |    |    |    <= 'https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php'
B117 .|    |    |    |    => CAS_Client::_readURL('https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php&ticket=ST-43-bcpN1lrL0uxok07f9Xf4-cas', NULL, NULL, NULL) [Client.php:3192]
B117 .|    |    |    |    |    => CAS_Request_CurlRequest::sendRequest() [AbstractRequest.php:242]
B117 .|    |    |    |    |    |    curl_exec() failed [CurlRequest.php:77]
B117 .|    |    |    |    |    <= false
B117 .|    |    |    |    <= false
B117 .|    |    |    |    could not open URL 'https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php&ticket=ST-43-bcpN1lrL0uxok07f9Xf4-cas' to validate (CURL error #7: Failed to connect to XX.com port 8443: Connection refused) [Client.php:3195]
B117 .|    |    |    |    => CAS_AuthenticationException::__construct(CAS_Client, 'Ticket not validated', 'https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php&ticket=ST-43-bcpN1lrL0uxok07f9Xf4-cas', true) [Client.php:3199]
B117 .|    |    |    |    |    => CAS_Client::getURL() [AuthenticationException.php:77]
B117 .|    |    |    |    |    <= 'https://www.XX.com/newlogin/v1/portal.php'
B117 .|    |    |    |    |    CAS URL: https://XX.com:8443/cas/serviceValidate?service=https%3A%2F%2Fwww.XX.com%2Fnewlogin%2Fv1%2Fportal.php&ticket=ST-43-bcpN1lrL0uxok07f9Xf4-cas [AuthenticationException.php:80]
B117 .|    |    |    |    |    Authentication failure: Ticket not validated [AuthenticationException.php:81]
B117 .|    |    |    |    |    Reason: no response from the CAS server [AuthenticationException.php:83]
B117 .|    |    |    |    |    exit()
B117 .|    |    |    |    |    -
B117 .|    |    |    |    -
B117 .|    |    |    -
B117 .|    |    -
B117 .|    -

Я изменил реальный URL на XX, просто для конфиденциальности 🙂
Что я могу сделать? Спасибо!

0

Решение

Задача ещё не решена.

Другие решения

Других решений пока нет …

По вопросам рекламы [email protected]