我正在尝试在我的网站上为SSO实现dotnet-cas-client。我遵循了https://github.com/apereo/dotnet-cas-client/wiki/Getting-Started这里给出的文档。我能够连接到CAS服务器,并且可以看到SSO的登录页面,但是登录后出现错误“页面重定向次数过多”。我已经搜索了多个网站并尝试了许多不同的方法,但似乎无法解决问题。我尝试在我的webconfig中实现诊断部分以生成日志,这样我就可以了解出什么问题了,但是没有生成日志。我将粘贴在我的webconfig配置下面。有人可以告诉我我做错了什么吗?如果您需要我提供更多信息,请告诉我。
<?xml version="1.0" encoding="UTF-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
https://go.microsoft.com/fwlink/?LinkId=301879
-->
<configuration>
<configSections>
<section name="casClientConfig" type="DotNetCasClient.Configuration.CasClientConfiguration, DotNetCasClient" />
</configSections>
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
</appSettings>
<connectionStrings>
<add name="TestConnectionString" connectionString="Data Source=localhost;Initial Catalog=clinical;Persist Security Info=True; Integrated Security=SSPI;" providerName="System.Data.SqlClient" />
</connectionStrings>
<system.diagnostics>
<trace autoflush="true" useGlobalLock="false" />
<sharedListeners>
<!--
Writing trace output to a log file is recommended.
IMPORTANT:
The user account under which the containing application pool runs
must have privileges to create and modify the trace log file.
-->
<add name="TraceFile"
type="System.Diagnostics.TextWriterTraceListener"
initializeData="C:\inetpub\logs\LogFiles\DotNetCasClient.Log"
traceOutputOptions="DateTime" />
</sharedListeners>
<sources>
<!-- Provides diagnostic information on module configuration parameters. -->
<source name="DotNetCasClient.Config" switchName="Config" switchType="System.Diagnostics.SourceSwitch" >
<listeners>
<add name="TraceFile" />
</listeners>
</source>
<!-- Traces IHttpModule lifecycle events and meaningful operations performed therein. -->
<source name="DotNetCasClient.HttpModule" switchName="HttpModule" switchType="System.Diagnostics.SourceSwitch" >
<listeners>
<add name="TraceFile" />
</listeners>
</source>
<!-- Provides protocol message and routing information. -->
<source name="DotNetCasClient.Protocol" switchName="Protocol" switchType="System.Diagnostics.SourceSwitch" >
<listeners>
<add name="TraceFile" />
</listeners>
</source>
<!-- Provides details on security operations and notable security conditions. -->
<source name="DotNetCasClient.Security" switchName="Security" switchType="System.Diagnostics.SourceSwitch" >
<listeners>
<add name="TraceFile" />
</listeners>
</source>
</sources>
<switches>
<!--
Set trace switches to appropriate logging level. Recommended values in order of increasing verbosity:
- Off
- Error
- Warning
- Information
- Verbose
-->
<!--
Config category displays detailed information about CasAuthenticationModule configuration.
The output of this category is only displayed when the module is initialized, which happens
for the first request following application/server startup.
-->
<add name="Config" value="Verbose"/>
<!--
Set this category to Verbose to trace HttpModule lifecycle events in CasAuthenticationModule.
This category produces voluminous output in Verbose mode and should be avoided except for
limited periods of time troubleshooting vexing integration problems.
-->
<add name="HttpModule" value="Verbose"/>
<!--
Set to Verbose to display protocol messages between the client and server.
This category is very helpful for troubleshooting integration problems.
-->
<add name="Protocol" value="Verbose"/>
<!--
Displays important security-related information.
-->
<add name="Security" value="Verbose"/>
</switches>
</system.diagnostics>
<system.web>
<authentication mode="Forms">
<forms name=".DotNetCasClientAuth" loginUrl="https://cas.server.com/cas/login" timeout="30" cookieless="UseCookies" defaultUrl="~/Default.aspx" path="/" />
</authentication>
<customErrors mode="Off" />
<compilation targetFramework="4.7.1" debug="true">
<assemblies>
<add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
<httpRuntime targetFramework="4.7.1" />
<httpModules>
<add name="DotNetCasClient" type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient" />
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" />
</httpModules>
<authorization>
<allow users = "*" />
</authorization>
<roleManager enabled="true" defaultProvider="AspNetReadOnlyXmlRoleProvider">
<providers>
<add name="AspNetReadOnlyXmlRoleProvider" type="DotNetCasClient.Security.ReadOnlyXmlRoleProvider" xmlFileName="~/App_Data/UserRoles.xml"/>
</providers>
</roleManager>
<siteMap enabled="true">
<providers>
<clear/>
<add siteMapFile="Web.sitemap" name="AspNetXmlSiteMapProvider" type="System.Web.XmlSiteMapProvider"/>
</providers>
</siteMap>
<pages enableEventValidation="false" >
<controls>
<add tagPrefix="cas" tagName="CookieViewer" src="~/Controls/CookieViewer.ascx"/>
<add tagPrefix="cas" tagName="TicketManager" src="~/Controls/TicketManager.ascx"/>
</controls>
</pages>
</system.web>
<system.webServer>
<defaultDocument>
<files>
<remove value="iisstart.htm" />
<remove value="index.htm" />
<remove value="index.html" />
<remove value="Default.asp" />
<remove value="Default.htm" />
<add value="index.aspx" />
</files>
</defaultDocument>
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
<modules>
<remove name="TelemetryCorrelationHttpModule" />
<remove name="DotNetCasClient" />
<add name="DotNetCasClient" type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient" />
<add name="TelemetryCorrelationHttpModule" type="Microsoft.AspNet.TelemetryCorrelation.TelemetryCorrelationHttpModule, Microsoft.AspNet.TelemetryCorrelation" preCondition="integratedMode,managedHandler" />
<remove name="ApplicationInsightsWebTracking" />
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" preCondition="managedHandler" />
</modules>
<validation validateIntegratedModeConfiguration="false" />
<rewrite>
<rules>
<rule name="HTTPS redirect" enabled="false">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFFS" />
</conditions>
<action type="Rewrite" url="https://{HTTP_HOST}/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" />
<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Diagnostics.DiagnosticSource" publicKeyToken="cc7b13ffcd2ddd51" />
<bindingRedirect oldVersion="0.0.0.0-4.0.2.1" newVersion="4.0.2.1" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Newtonsoft.Json" culture="neutral" publicKeyToken="30ad4fe6b2a6aeed" />
<bindingRedirect oldVersion="0.0.0.0-11.0.0.0" newVersion="11.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Optimization" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-5.2.4.0" newVersion="5.2.4.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.8.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701" />
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.8.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer+" />
</compilers>
</system.codedom>
<casClientConfig casServerLoginUrl="https://cas.server.com/cas/login" casServerUrlPrefix="https://cas.server.com/cas/" serverName="https://mywebsite.com/" redirectAfterValidation="true" renew="false" singleSignOut="true" ticketTimeTolerance="5000" ticketValidatorName="Cas20" serviceTicketManager="CacheServiceTicketManager" />
</configuration>
答案 0 :(得分:0)
通过更改应该生成日志的位置,我可以使用日志。重定向循环是由403禁止错误引起的。经过调查,我发现所连接的CAS服务器不允许通过端口443与我通信,因为该端口已被阻止。打开端口后,CAS开始工作。
答案 1 :(得分:0)
对于可能有同样问题的其他人,我可以通过查看表单部分的 defaultUrl 来解决它。确保此 url 不受 CAS 保护,否则会导致无限重定向循环。