apereo / phpCAS

Apereo PHP CAS Client
https://apereo.github.io/phpCAS/
Apache License 2.0

Error ill-formed ticket found in the URL when ticket is encrypted #240

Open atilling opened 7 years ago

atilling commented 7 years ago

If the cas server is encrypting the ticket value (cas.ticket.security.cipherEnabled=true) the php client fails with the error: Error ill-formed ticket found in the URL

You have to set this property to false for the client to work.

jfritschi commented 7 years ago

Related to #180

atilling commented 7 years ago

I don't believe it is related to #180, because php CAS doesn't need to decrypt the ticket; instead, the criteria for what is a valid ticket need to accept that the encrypted ticket is valid and just pass it back.

jfritschi commented 7 years ago

Can you please supply a debug log?

atilling commented 7 years ago

3424 .START (2017-08-22 12:11:13) phpCAS-1.3.5 ** [CAS.php:468]
3424 .=> phpCAS::client('3.0', 'castst.conncoll.edu', 443, 'cas') [index.php:12]
3424 .| => CAS_Client::__construct('3.0', false, 'castst.conncoll.edu', 443, 'cas', true) [CAS.php:360]
3424 .| | Starting a new session cq25i8qv8bbq8uqoiud8hh2g75 [Client.php:932]
3424 .| | Session is not authenticated [Client.php:938]
3424 .| | => phpCAS::error('ill-formed ticket found in the URL (ticket=eyJhbGciOiJIUzUxMiJ9.WlhsS05tRllRV2xQYVVwRlVsVlphVXhEU21oaVIyTnBUMmxLYTJGWVNXbE1RMHBzWW0xTmFVOXBTa0pOVkVrMFVUQktSRXhWYUZSTmFsVXlTVzR3TGk1NFYxaDNTbWhOY25KMFoxQm9aM1ExVkc4eGFGVjNMakJhZHpRdE0zcFRVV2hFUlhsaGNYVTVibWw1VlUxT05EazFURkpRWDNkRWVHcERXR0l3YUVGcldXSkdPWGxMTmpWRFIyazBiV2M1VUdocldWbHVVa0l1VVUxWmFtZFVUWGRLWm1VM2NVNVhabVk1VjBsclp3PT0.QCt2Ma0yxcfigVaNE5DYlwog1Vz8bIRB_EzoJjs85wWnXKCEwaxlvQKoIMU7C4HdxFbJya-Pj6URByRfpMwbsg\')') [Client.php:1028]
3424 .| | | ill-formed ticket found in the URL (ticket=eyJhbGciOiJIUzUxMiJ9.WlhsS05tRllRV2xQYVVwRlVsVlphVXhEU21oaVIyTnBUMmxLYTJGWVNXbE1RMHBzWW0xTmFVOXBTa0pOVkVrMFVUQktSRXhWYUZSTmFsVXlTVzR3TGk1NFYxaDNTbWhOY25KMFoxQm9aM1ExVkc4eGFGVjNMakJhZHpRdE0zcFRVV2hFUlhsaGNYVTVibWw1VlUxT05EazFURkpRWDNkRWVHcERXR0l3YUVGcldXSkdPWGxMTmpWRFIyazBiV2M1VUdocldWbHVVa0l1VVUxWmFtZFVUWGRLWm1VM2NVNVhabVk1VjBsclp3PT0.QCt2Ma0yxcfigVaNE5DYlwog1Vz8bIRB_EzoJjs85wWnXKCEwaxlvQKoIMU7C4HdxFbJya-Pj6URByRfpMwbsg') in /cwd/cwassets/httpd/alias/tp/cas/cas5-php-test/index.phpon line 12 [CAS.php:566]
3424 .| | <= ''

jfritschi commented 7 years ago

Thanks, looks like we simply need to adjust the regexp security filter for the ticket so that it allows all formats including the new encryption.
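
The filter adjustment proposed in the comment above, sketched as an added example that is not part of this thread and is not phpCAS code: a ticket check that accepts both the classic prefixed form and the dot-separated encoded form seen in the debug log, while still rejecting anything outside a fixed character set. Both patterns, the length bound, the function name `classifyTicket` and the sample values are assumptions made for illustration.

```php
<?php
// Added example, not phpCAS code. The patterns below are illustrative
// assumptions; they are not taken from the phpCAS source.

// Classic shape: ST-/PT- prefix followed by letters, digits and hyphens.
const CLASSIC_TICKET = '/\A[SP]T-[A-Za-z0-9-]{1,256}\z/';
// Encoded shape (as in the debug log): three dot-separated base64url
// segments. Trailing '=' padding is tolerated here as an assumption.
const ENCODED_TICKET = '/\A(?:[A-Za-z0-9_-]+={0,2}\.){2}[A-Za-z0-9_-]+={0,2}\z/';
// Assumed upper bound, so an oversized parameter is dropped before matching.
const MAX_TICKET_LENGTH = 2048;

/**
 * Classify a raw "ticket" query parameter as 'classic', 'encoded' or
 * 'rejected'. The client never decodes the value: an accepted ticket is
 * treated as opaque and only passed back to the CAS server for validation.
 */
function classifyTicket(string $ticket): string
{
    if ($ticket === '' || strlen($ticket) > MAX_TICKET_LENGTH) {
        return 'rejected';
    }
    if (preg_match(CLASSIC_TICKET, $ticket) === 1) {
        return 'classic';
    }
    if (preg_match(ENCODED_TICKET, $ticket) === 1) {
        return 'encoded';
    }
    return 'rejected';
}

// Constructed sample inputs (not real tickets).
$samples = [
    'ST-1-abcDEF123-cas01',                                 // classic form
    'eyJhbGciOiJIUzUxMiJ9.Y29uc3RydWN0ZWQ=.c2ln-bmF0_XJl',  // encoded form
    "ST-1-abc\n",        // trailing newline: \z rejects it, a bare $ would not
    'ST-1-abc<script>',  // characters outside the allowed set
    'a.b',               // only two segments
];

foreach ($samples as $sample) {
    printf("%-8s %s\n", classifyTicket($sample), json_encode($sample));
}
```

Anchoring with `\A` and `\z` matters here because PHP's `$` also matches before a final newline, which would let a ticket with a trailing line break through the filter.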

MrDys commented 6 years ago

Has there been any movement on this? I'm running against master, with all of the fixes for ticket/session length (#248, #257, and #224), but enabling cas.ticket.security.cipherEnabled still throws an error.