Unable to Access Booked API with CAS Authentication #1

Open
akankshadureja opened this issue Dec 18, 2017 · 1 comment
akankshadureja commented Dec 18, 2017

Hi guys

I am trying to access the Booked API after changing the authentication mechanism to CAS. For this, I used the CAS plugin and configured changes in CAS.Config.php as follows:

```php
$conf['settings']['cas.version'] = '2.0';					// '1.0' = CAS_VERSION_1_0, '2.0' = CAS_VERSION_2_0, 'S1' = SAML_VERSION_1_1
$conf['settings']['cas.server.hostname'] = 'X.X.X.X';		// the hostname of the CAS server
$conf['settings']['cas.port'] = '443';						// the port the CAS server is running on
$conf['settings']['cas.server.uri'] = 'cas';					// the URI the CAS server is responding on
$conf['settings']['cas.change.session.id'] = 'false';		// Allow phpCAS to change the session_id
$conf['settings']['email.suffix'] = '@yourdomain.com';		// Email suffix to use when storing CAS user account. IE, email addresses will be saved to Booked Scheduler as username@yourdomain.com
$conf['settings']['cas_logout_servers'] = 'https://X.X.X.X:443/cas/logout'; 				// Comma separated list of servers to use for logout. Leave blank to not use cas logout servers

$conf['settings']['cas.certificates'] = '';	// Path to certificate to use for CAS. Leave blank if no certificate should be used

$conf['settings']['cas.debug.enabled'] = 'true';
$conf['settings']['cas.debug.file'] = '/opt/lampp/htdocs/booked/phpcas.log';
```

Now, when trying to use the Booked API, I am unable to authenticate users:

```
POST http://Booked_IP/booked/Web/Services/Authentication/Authenticate
{"username":"admin","password":"password"}
```

I get the following response:

```html
<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="UTF-8" />
        <meta name="viewport" content="width=device-width, initial-scale=1" />
        <title>CAS &#8211; Central Authentication Service</title>
        <meta name="_csrf" content=""/>
        <meta name="_csrf_header" content=""/>
        <link rel="stylesheet" href="/cas/css/#.css" />
        <link rel="icon" href="/cas/favicon.ico" type="image/x-icon" />
    </head>
    <body id="cas">
        <div id="msg" class="errors">
            <h2>Application Not Authorized to Use CAS</h2>
            <p>The application you attempted to authenticate to is not authorized to use CAS.</p>
        </div>
        <script src="https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.min.js"></script>
        <script type="text/javascript" src="/cas/js/cas.js"></script>
    </body>
</html>
```

Is there anything I am missing here? Do any other changes need to be made to use the Authentication API with CAS?

Contributor

jas- commented Dec 18, 2017

Well, right off the top I am seeing an issue with the protocol; i.e. http is being requested but https for the CAS client is being configured w/o the use of any x509 certificate and/or PKCS#12 trust store from root or intermediate CAs being specified in the configuration.

What does the phpcas.log file show?
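
A small audit of the settings quoted in this thread for the transport points raised in the reply above (an http API endpoint, no CA certificate for the TLS connection to CAS), plus where the phpCAS debug log is written. This is an added example, not part of the original thread or of Booked's own code; `parse_settings`, `audit`, the check ids and the `web_root` default are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample: settings copied from the issue, placeholder host kept as posted.
SAMPLE_CONFIG = """
$conf['settings']['cas.server.hostname'] = 'X.X.X.X';
$conf['settings']['cas.port'] = '443';
$conf['settings']['cas.certificates'] = '';
$conf['settings']['cas.debug.enabled'] = 'true';
$conf['settings']['cas.debug.file'] = '/opt/lampp/htdocs/booked/phpcas.log';
"""
SAMPLE_API_URL = "http://Booked_IP/booked/Web/Services/Authentication/Authenticate"

# Matches lines of the form: $conf['settings']['key'] = 'value';
SETTING_RE = re.compile(r"""\$conf\['settings'\]\['([^']+)'\]\s*=\s*'([^']*)'\s*;""")


def parse_settings(text):
    """Return {key: value} for every single-quoted setting assignment."""
    return dict(SETTING_RE.findall(text))


def audit(settings, api_url, web_root="/opt/lampp/htdocs"):
    """Return (check_id, message) findings; web_root is an assumed document root."""
    findings = []
    if urlparse(api_url).scheme != "https":
        findings.append(("api-http",
                         "API endpoint is plain http: the JSON credentials are sent unencrypted"))
    no_ca = not settings.get("cas.certificates", "").strip()
    if settings.get("cas.port") == "443" and no_ca:
        findings.append(("cas-no-ca",
                         "cas.certificates is empty: no CA is set for validating the CAS server"))
    debug_on = settings.get("cas.debug.enabled", "").lower() == "true"
    debug_file = settings.get("cas.debug.file", "")
    if debug_on and debug_file.startswith(web_root.rstrip("/") + "/"):
        findings.append(("debug-in-webroot",
                         "phpCAS debug log is written under the web root"))
    return findings


if __name__ == "__main__":
    for check_id, message in audit(parse_settings(SAMPLE_CONFIG), SAMPLE_API_URL):
        print(f"{check_id}: {message}")
```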
