webgroupf
Forum Replies Created
-
Forum: Plugins
In reply to: [Authorizer] Cannot complete login processFollow up question:
Please forgive my ignorance, but when you stated that your “university replaced SSL certs on our CAS server to remove the AddTrust root CA from the chain”, were you implying that if our CAS server has an AddTrust root CA in its cert chain and we remove it, then OpenSSL versions which are failing because of the expired root CA will succeed? Or is it more complicated that this?
Forum: Plugins
In reply to: [Authorizer] Cannot complete login processPaul,
With your help we were able to see what it is that is likely causing the problem, which is our OpenSSL version 1.0.1
Our hosting provider suggests an OS upgrade (Ubuntu v14 to v18), but in the meantime, I removed the AddTrust cert from the ca-bundle.crt in “/wp-includes/certificates/ca-bundle.crt”. This revision lets Authorizer connect to the CAS server and successfully authenticate.
We know this will get overwritten by future WP upgrades, but we needed a solution immediately until our ISP can permanently resolve.
Thank you so much.
Forum: Plugins
In reply to: [Authorizer] Cannot complete login processAdditional error info:
[Wed Jun 03 06:55:32 2020] [warn] [client 173.56.121.24] mod_fcgid: stderr: CAS server returned an Authentication Exception. Details:, referer: https://loginp.fordham.edu/cas/login?service=https%3A%2F%2Ftestsite.ufordh.am%2Freferences%2Fwp-login.php%3Fexternal%3Dcas%26redirect_to%3Dhttps%253A%252F%252Ftestsite.ufordh.am%252Freferences%252Fwp-admin%252F
[Wed Jun 03 06:55:32 2020] [warn] [client 173.56.121.24] mod_fcgid: stderr: CAS URL: https://loginp.fordham.edu/cas/samlValidate?TARGET=https%3A%2F%2Ftestsite.ufordh.am%2Freferences%2Fwp-login.php%3Fexternal%3Dcas%26redirect_to%3Dhttps%253A%252F%252Ftestsite.ufordh.am%252Freferences%252Fwp-admin%252F, referer: https://loginp.fordham.edu/cas/login?service=https%3A%2F%2Ftestsite.ufordh.am%2Freferences%2Fwp-login.php%3Fexternal%3Dcas%26redirect_to%3Dhttps%253A%252F%252Ftestsite.ufordh.am%252Freferences%252Fwp-admin%252F
[Wed Jun 03 06:55:32 2020] [warn] [client 173.56.121.24] mod_fcgid: stderr: Authentication failure: SA not validated, referer: https://loginp.fordham.edu/cas/login?service=https%3A%2F%2Ftestsite.ufordh.am%2Freferences%2Fwp-login.php%3Fexternal%3Dcas%26redirect_to%3Dhttps%253A%252F%252Ftestsite.ufordh.am%252Freferences%252Fwp-admin%252F
[Wed Jun 03 06:55:32 2020] [warn] [client 173.56.121.24] mod_fcgid: stderr: Reason: no response from the CAS server, referer: https://loginp.fordham.edu/cas/login?service=https%3A%2F%2Ftestsite.ufordh.am%2Freferences%2Fwp-login.php%3Fexternal%3Dcas%26redirect_to%3Dhttps%253A%252F%252Ftestsite.ufordh.am%252Freferences%252Fwp-admin%252F
[Wed Jun 03 06:55:32 2020] [warn] [client 173.56.121.24] mod_fcgid: stderr: PHP Warning: Cannot modify header information – headers already sent by (output started at ../wp-content/plugins/authorizer/vendor/phpCAS-1.3.6/source/CAS/Client.php:80) in ../wp-content/plugins/authorizer/vendor/phpCAS-1.3.6/source/CAS/Client.php on line 1695, referer: https://loginp.fordham.edu/cas/login?service=https%3A%2F%2Ftestsite.ufordh.am%2Freferences%2Fwp-login.php%3Fexternal%3Dcas%26redirect_to%3Dhttps%253A%252F%252Ftestsite.ufordh.am%252Freferences%252Fwp-admin%252FForum: Plugins
In reply to: [Authorizer] Cannot complete login processPaul,
WP_DEBUG_DISPLAY is set to false
The WordPress Dashboard for Authorizer shows:
Authorizer Settings
Can’t reach CAS server. Please provide accurate CAS settings if you intend to use it.None of the CAS settings for any of my WordPress sites have changed in the last few years, and I can successfully authenticate and login with the same settings with my non-Wordpress sites on the same server.
The error log shows:
[Wed Jun 03 00:05:51 2020] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Jun 03 00:07:07 2020] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)Forum: Plugins
In reply to: [Authorizer] Cannot complete login processYes, I turned on WP_DEBUG_DISLAY so that I could see any errors. I have about ten different sites that are using Authorizer, and as of this morning, I cannot log into any of those sites with Authorizer. They all use different themes and have a mix of plugins and they all return the same error (in the text below [domain] replaces name of actual folder):
———–START————–
CAS Authentication failed!You were not authenticated.
You may submit your request again by clicking here.
If the problem persists, you may contact the administrator of this site.
Warning: Cannot modify header information – headers already sent by (output started at /home/[domain]/references/wp-content/plugins/authorizer/vendor/phpCAS-1.3.6/source/CAS/Client.php:80) in /home/[domain]/references/wp-content/plugins/authorizer/vendor/phpCAS-1.3.6/source/CAS/Client.php on line 1695
CAS logout wanted!
You should already have been redirected to the CAS server. Click here to continue.
———-END—————–
The site I am using to test and find a fix is https://testsite.ufordh.am/references. It has only one plugin (Authorizer) and uses a default WordPress theme (twenty-twenty), php 7.3, Apache 2.2.
I can successfully authenticate and log into my non-Wordpress apps using PHPCAS, which are on the same server as my WordPress apps where I am using Authorizer.