Authentication failure: PT not validated (no response from the CAS server)

> Hi all
> I was just wondering if anyone had any hint on this problem - logs are
> helpful but I guess I'm missing something.
>
> What happens here I think is that the ticket is not valid - but I
> don't know why. In this scenario I have "setNoCasServerValidation".
> Here's the log, questions following:
>
> 4306 .START ****************** [CAS.php:414]
> 4306 .=> *phpCAS::setNoCasServerValidation()* [auth.php:152]
> 4306 .<= ''
> 4306 .=> phpCAS::checkAuthentication() [auth.php:165]
> 4306 .|    => CASClient::checkAuthentication() [CAS.php:885]
> 4306 .|    |    => CASClient::isAuthenticated() [client.php:738]
> 4306 .|    |    |    => CASClient::wasPreviouslyAuthenticated()
> [client.php:797]
> 4306 .|    |    |    |    no user found [client.php:909]
> 4306 .|    |    |    <= false
> 4306 .|    |    |    *PT `ST-1-2jUZQ9YulTTTMWCwUZdL-cas' is present*
> [client.php:819]
> 4306 .|    |    |    => CASClient::validatePT('', NULL, NULL)
> [client.php:820]
> 4306 .|    |    |    |    => CASClient::getURL() [client.php:396]
> 4306 .|    |    |    |    <=
> 'https://moodleserver/devmoodle/login/index.php'
> 4306 .|    |    |    |    =>
> CASClient::readURL('https://tomtomserver:8443/cas-server-webapp-3.3.4/proxyValidate?service=https%3A%2F%2Fmoodleserver%2Fdevmoodle%2Flogin%2Findex.php&ticket=ST-1-2jUZQ9YulTTTMWCwUZdL-cas',
> '', NULL, NULL, NULL) [client.php:2104]
> 4306 .|    |    |    |    |    *curl_exec() failed* [client.php:1867]
> 4306 .|    |    |    |    <= false
> 4306 .|    |    |    |    *could not open URL*
> 'https://tomtomserver:8443/cas-server-webapp-3.3.4/proxyValidate?service=https%3A%2F%2Fmoodleserver%2Fdevmoodle%2Flogin%2Findex.php&ticket=ST-1-2jUZQ9YulTTTMWCwUZdL-cas' 
> to validate (*CURL error #7: couldn't connect to host*) [client.php:2105]
> 4306 .|    |    |    |    => CASClient::authError('PT not validated',
> 'https://tomtomserver:8443/cas-server-webapp-3.3.4/proxyValidate?service=https%3A%2F%2Fmoodleserver%2Fdevmoodle%2Flogin%2Findex.php&ticket=ST-1-2jUZQ9YulTTTMWCwUZdL-cas',
> true) [client.php:2108]
> 4306 .|    |    |    |    |    => CASClient::getURL() [client.php:2289]
> 4306 .|    |    |    |    |    <=
> 'https://moodleserver/devmoodle/login/index.php'
> 4306 .|    |    |    |    |    CAS URL:
> https://tomtomserver:8443/cas-server-webapp-3.3.4/proxyValidate?service=https%3A%2F%2Fmoodleserver%2Fdevmoodle%2Flogin%2Findex.php&ticket=ST-1-2jUZQ9YulTTTMWCwUZdL-cas 
> [client.php:2290]
> 4306 .|    |    |    |    |    Authentication failure: PT not
> validated [client.php:2291]
> 4306 .|    |    |    |    |    Reason: no response from the CAS server
> [client.php:2293]
> 4306 .|    |    |    |    |    exit()
> 4306 .|    |    |    |    |    -
> 4306 .|    |    |    |    -
> 4306 .|    |    |    -
> 4306 .|    |    -
> 4306 .|    -
>
> What I see here is a series of not really clear messages.
> For example, curl_exec fails with a "couldn't connect to host"
> message. However, if I cut and paste the url, including the ticket, I
> actually get an error message - but related to the ticket itself
> rather than to the server:
>
> <cas:serviceResponse xmlns:cas='*http://www.yale.edu/tp/cas*'>
>     <cas:authenticationFailure code='INVALID_TICKET'>
>         ticket 'ST-1-2jUZQ9YulTTTMWCwUZdL-cas' not recognized
> </cas:authenticationFailure>
> </cas:serviceResponse>
>
>
> Yale? :-) Is this maybe the problem? Maybe it's just the namespace
> definition, but I wonder if it actually does try to validate the
> ticket using the yale server? (But if so, where is this specified?)
>
> Moreover, it's not completely clear to me why " *PT
> `ST-1-2jUZQ9YulTTTMWCwUZdL-cas' is present"
> **
> *Any help is greatly appreciated. I think I'm getting to the point
> with your help, so thanks a lot!
>
> Giuseppe
>
> Marvin Addison wrote:
>

> Hi,
>
> Maybe your problem is that phpCAS (which version ?) is trying to
> validate a ServiceTicket (prefixe ticket is ST and not PT)  with the
> ProxyTicket url, you should find why your apps is trying to validate
> it like that, see your init phpCAS::client() parameters, in my mind
> you should set no proxy ;)
>
> Thanks
>
> Julien
>
> Giuseppe Sollazzo a écrit :
>> Hi all
>> I was just wondering if anyone had any hint on this problem - logs
>> are helpful but I guess I'm missing something.
>>
>> What happens here I think is that the ticket is not valid - but I
>> don't know why. In this scenario I have "setNoCasServerValidation".
>> Here's the log, questions following:
>>
>> 4306 .START ****************** [CAS.php:414]
>> 4306 .=> *phpCAS::setNoCasServerValidation()* [auth.php:152]
>> 4306 .<= ''
>> 4306 .=> phpCAS::checkAuthentication() [auth.php:165]
>> 4306 .|    => CASClient::checkAuthentication() [CAS.php:885]
>> 4306 .|    |    => CASClient::isAuthenticated() [client.php:738]
>> 4306 .|    |    |    => CASClient::wasPreviouslyAuthenticated()
>> [client.php:797]
>> 4306 .|    |    |    |    no user found [client.php:909]
>> 4306 .|    |    |    <= false
>> 4306 .|    |    |    *PT `ST-1-2jUZQ9YulTTTMWCwUZdL-cas' is present*
>> [client.php:819]
>> 4306 .|    |    |    => CASClient::validatePT('', NULL, NULL)
>> [client.php:820]
>> 4306 .|    |    |    |    => CASClient::getURL() [client.php:396]
>> 4306 .|    |    |    |    <=
>> 'https://moodleserver/devmoodle/login/index.php'
>> 4306 .|    |    |    |    =>
>> CASClient::readURL('https://tomtomserver:8443/cas-server-webapp-3.3.4/proxyValidate?service=https%3A%2F%2Fmoodleserver%2Fdevmoodle%2Flogin%2Findex.php&ticket=ST-1-2jUZQ9YulTTTMWCwUZdL-cas',
>> '', NULL, NULL, NULL) [client.php:2104]
>> 4306 .|    |    |    |    |    *curl_exec() failed* [client.php:1867]
>> 4306 .|    |    |    |    <= false
>> 4306 .|    |    |    |    *could not open URL*
>> 'https://tomtomserver:8443/cas-server-webapp-3.3.4/proxyValidate?service=https%3A%2F%2Fmoodleserver%2Fdevmoodle%2Flogin%2Findex.php&ticket=ST-1-2jUZQ9YulTTTMWCwUZdL-cas' 
>> to validate (*CURL error #7: couldn't connect to host*)
>> [client.php:2105]
>> 4306 .|    |    |    |    => CASClient::authError('PT not validated',
>> 'https://tomtomserver:8443/cas-server-webapp-3.3.4/proxyValidate?service=https%3A%2F%2Fmoodleserver%2Fdevmoodle%2Flogin%2Findex.php&ticket=ST-1-2jUZQ9YulTTTMWCwUZdL-cas',
>> true) [client.php:2108]
>> 4306 .|    |    |    |    |    => CASClient::getURL() [client.php:2289]
>> 4306 .|    |    |    |    |    <=
>> 'https://moodleserver/devmoodle/login/index.php'
>> 4306 .|    |    |    |    |    CAS URL:
>> https://tomtomserver:8443/cas-server-webapp-3.3.4/proxyValidate?service=https%3A%2F%2Fmoodleserver%2Fdevmoodle%2Flogin%2Findex.php&ticket=ST-1-2jUZQ9YulTTTMWCwUZdL-cas 
>> [client.php:2290]
>> 4306 .|    |    |    |    |    Authentication failure: PT not
>> validated [client.php:2291]
>> 4306 .|    |    |    |    |    Reason: no response from the CAS
>> server [client.php:2293]
>> 4306 .|    |    |    |    |    exit()
>> 4306 .|    |    |    |    |    -
>> 4306 .|    |    |    |    -
>> 4306 .|    |    |    -
>> 4306 .|    |    -
>> 4306 .|    -
>>
>> What I see here is a series of not really clear messages.
>> For example, curl_exec fails with a "couldn't connect to host"
>> message. However, if I cut and paste the url, including the ticket, I
>> actually get an error message - but related to the ticket itself
>> rather than to the server:
>>
>> <cas:serviceResponse xmlns:cas='*http://www.yale.edu/tp/cas*'>
>>     <cas:authenticationFailure code='INVALID_TICKET'>
>>         ticket 'ST-1-2jUZQ9YulTTTMWCwUZdL-cas' not recognized
>> </cas:authenticationFailure>
>> </cas:serviceResponse>
>>
>>
>> Yale? :-) Is this maybe the problem? Maybe it's just the namespace
>> definition, but I wonder if it actually does try to validate the
>> ticket using the yale server? (But if so, where is this specified?)
>>
>> Moreover, it's not completely clear to me why " *PT
>> `ST-1-2jUZQ9YulTTTMWCwUZdL-cas' is present"
>> **
>> *Any help is greatly appreciated. I think I'm getting to the point
>> with your help, so thanks a lot!
>>
>> Giuseppe
>>
>> Marvin Addison wrote:
>>
>
>