CAS ask me for authentication evey time
Huertas Fernández, José Luis
jlhuertas at indra.es
Tue Jul 4 04:04:34 EDT 2006
Hi, I'm very new with CAS and I'm having a problem:
I've configured a CAS server (3.0.4) which successfully starts and authenticate users against a LDAP server. I'm using an Acegi secured application as CAS client. First time I try to access the application, the CAS login screen appears, then I enter the username and password and I'm redirected to my application main page.
But, If I open a second browser and try to enter into the application, the CAS login screen is shown again... shuldn't be I already authenticated? Same happens with a third, fourth,... browser.
I've changed this parameter (from value 1 to value 1000) in the serviceTicketExpirationPolicy bean:
<!-- This argument is the number of times that a ticket can be used before its considered expired. -->
<constructor-arg index="0" value="1000" />
But nothing has changed...
I'm sure the "renew=true" parameter is not sent, because I can see the url and it is not present.
BTW, I can't see any cookie in my "temporal internet files" when I login... Should I have got one?
I would be very grateful if someone can help me or point me in the right direction (is there any user /configuration guide anywhere?)
Thanks in advance,
Jose Luis.
This is what the log shows:
2006-07-04 09:18:05,472 DEBUG [org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action 'org.jasig.cas.web.flow.TicketGrantingTicketExistsAction' beginning execution>
2006-07-04 09:18:05,472 DEBUG [org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action 'org.jasig.cas.web.flow.TicketGrantingTicketExistsAction' completed execution; result event is [Event at e22632 source = org.jasig.cas.web.flow.TicketGrantingTicketExistsAction at 1ed7524, id = 'noTicketGrantingTicketExists', stateId = [null], parameters = [null]]>
2006-07-04 09:18:05,472 DEBUG [org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action 'org.jasig.cas.web.flow.GatewayRequestCheckAction' beginning execution>
2006-07-04 09:18:05,503 DEBUG [org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action 'org.jasig.cas.web.flow.GatewayRequestCheckAction' completed execution; result event is [Event at 139d891 source = org.jasig.cas.web.flow.GatewayRequestCheckAction at 6d23ea, id = 'authenticationRequired', stateId = [null], parameters = [null]]>
//LOGIN SCREEN IS SHOWN, AND I ENTER MY IDENTIFICATION
2006-07-04 09:19:00,847 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'org.jasig.cas.web.flow.AuthenticationViaFormAction' beginning execution>
2006-07-04 09:19:00,847 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Creating new form object 'credentials'>
2006-07-04 09:19:00,847 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Creating new form object of class [org.jasig.cas.authentication.principal.UsernamePasswordCredentials]>
2006-07-04 09:19:00,847 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <No property editor registrar set, no custom editors to register>
2006-07-04 09:19:00,847 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Binding allowed parameters in event: [ServletEvent at 16b4e30 source = org.apache.catalina.connector.RequestFacade at 25753d, id = 'submit', stateId = 'viewLoginForm', parameters = map['password' -> 'holamundo', 'service' -> 'https://Tomcat:9443/psegldap/j_acegi_cas_security_check', 'lt' -> '1BCECD27-9043-84C1-F980-20F4F9911C55', 'username' -> 'usuarioldap2', '_currentStateId' -> 'viewLoginForm', '_eventId' -> 'submit']] to form object with name: 'credentials', prebind-toString: org.jasig.cas.authentication.principal.UsernamePasswordCredentials at 79a340[userName=<null>]>
2006-07-04 09:19:00,847 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <(Any event parameter is allowed)>
2006-07-04 09:19:00,847 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Binding completed for form object with name: 'credentials', postbind-toString: org.jasig.cas.authentication.principal.UsernamePasswordCredentials at 79a340[userName=usuarioldap2]>
2006-07-04 09:19:00,847 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <There are [0] errors, details: []>
2006-07-04 09:19:00,847 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Invoking validator: org.jasig.cas.validation.UsernamePasswordCredentialsValidator at 148bd9e>
2006-07-04 09:19:00,894 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Validation completed for form object with name: 'credentials'>
2006-07-04 09:19:00,894 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <There are [0] errors, details: []>
2006-07-04 09:19:00,894 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'org.jasig.cas.web.flow.AuthenticationViaFormAction' completed execution; result event is [Event at 1ccbefe source = org.jasig.cas.web.flow.AuthenticationViaFormAction at d0726d, id = 'success', stateId = [null], parameters = [null]]>
2006-07-04 09:19:00,894 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'org.jasig.cas.web.flow.AuthenticationViaFormAction' beginning execution>
2006-07-04 09:19:00,894 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - <Attempting to create TicketGrantingTicket for org.jasig.cas.authentication.principal.UsernamePasswordCredentials at 79a340[userName=usuarioldap2]>
2006-07-04 09:19:01,207 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.acegisecurity.adapters.cas3.CasAuthenticationHandler successfully authenticated the user.>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Creating SimplePrincipal for [usuarioldap2]>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket [TGT-5-2y6VvZzptFO3CzY2ReXZ3ADKFlBexNKuRbg-50] to registry.>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.util.SecureCookieGenerator] - <Removed cookie with name [CASPRIVACY]>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'org.jasig.cas.web.flow.AuthenticationViaFormAction' completed execution; result event is [Event at e11a87 source = org.jasig.cas.web.flow.AuthenticationViaFormAction at d0726d, id = 'success', stateId = [null], parameters = [null]]>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - <Action 'org.jasig.cas.web.flow.SendTicketGrantingTicketAction' beginning execution>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.util.SecureCookieGenerator] - <Added cookie with name [CASTGC] and value [TGT-5-2y6VvZzptFO3CzY2ReXZ3ADKFlBexNKuRbg-50]>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - <Action 'org.jasig.cas.web.flow.SendTicketGrantingTicketAction' completed execution; result event is [Event at 94cbe2 source = org.jasig.cas.web.flow.SendTicketGrantingTicketAction at 1b7c63f, id = 'success', stateId = [null], parameters = [null]]>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.flow.HasServiceCheckAction] - <Action 'org.jasig.cas.web.flow.HasServiceCheckAction' beginning execution>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.flow.HasServiceCheckAction] - <Action 'org.jasig.cas.web.flow.HasServiceCheckAction' completed execution; result event is [Event at d593f7 source = org.jasig.cas.web.flow.HasServiceCheckAction at dd23cf, id = 'hasService', stateId = [null], parameters = [null]]>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.flow.GenerateServiceTicketAction] - <Action 'org.jasig.cas.web.flow.GenerateServiceTicketAction' beginning execution>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [TGT-5-2y6VvZzptFO3CzY2ReXZ3ADKFlBexNKuRbg-50]>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [TGT-5-2y6VvZzptFO3CzY2ReXZ3ADKFlBexNKuRbg-50] found in registry.>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket [ST-4-fckOryQeHJUl0HmQ23L2H0FZ4cKQtBA0tqa-20] to registry.>
2006-07-04 09:19:01,207 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-4-fckOryQeHJUl0HmQ23L2H0FZ4cKQtBA0tqa-20] for service [https://Tomcat:9443/psegldap/j_acegi_cas_security_check] for user [usuarioldap2]>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.flow.GenerateServiceTicketAction] - <Action 'org.jasig.cas.web.flow.GenerateServiceTicketAction' completed execution; result event is [Event at 1e5627c source = org.jasig.cas.web.flow.GenerateServiceTicketAction at e56328, id = 'success', stateId = [null], parameters = [null]]>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.flow.WarnAction] - <Action 'org.jasig.cas.web.flow.WarnAction' beginning execution>
2006-07-04 09:19:01,207 DEBUG [org.jasig.cas.web.flow.WarnAction] - <Action 'org.jasig.cas.web.flow.WarnAction' completed execution; result event is [Event at a4daa3 source = org.jasig.cas.web.flow.WarnAction at f72e77, id = 'redirect', stateId = [null], parameters = [null]]>
2006-07-04 09:19:01,222 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-4-fckOryQeHJUl0HmQ23L2H0FZ4cKQtBA0tqa-20]>
2006-07-04 09:19:01,222 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [ST-4-fckOryQeHJUl0HmQ23L2H0FZ4cKQtBA0tqa-20] found in registry.>
//THE APPLICATION SCREEN IS SHOWN
//I OPEN A NEW BROWSER AND ENTER THE APPLICATION URL AND A NEW CAS LOGIN SCREEN IS SHOWN AGAIN
2006-07-04 09:20:04,598 DEBUG [org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action 'org.jasig.cas.web.flow.TicketGrantingTicketExistsAction' beginning execution>
2006-07-04 09:20:04,598 DEBUG [org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action 'org.jasig.cas.web.flow.TicketGrantingTicketExistsAction' completed execution; result event is [Event at d98b00 source = org.jasig.cas.web.flow.TicketGrantingTicketExistsAction at 1ed7524, id = 'noTicketGrantingTicketExists', stateId = [null], parameters = [null]]>
2006-07-04 09:20:04,598 DEBUG [org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action 'org.jasig.cas.web.flow.GatewayRequestCheckAction' beginning execution>
2006-07-04 09:20:04,614 DEBUG [org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action 'org.jasig.cas.web.flow.GatewayRequestCheckAction' completed execution; result event is [Event at 34d46a source = org.jasig.cas.web.flow.GatewayRequestCheckAction at 6d23ea, id = 'authenticationRequired', stateId = [null], parameters = [null]]>
-------------------------------------------------------------------------------------------------------------------
Este correo electrónico y, en su caso, cualquier fichero anexo al mismo, contiene información de carácter confidencial exclusivamente dirigida a su destinatario o destinatarios. Queda prohibida su divulgación, copia o distribución a terceros sin la previa autorización escrita de Indra. En el caso de haber recibido este correo electrónico por error, se ruega notificar inmediatamente esta circunstancia mediante reenvío a la dirección electrónica del remitente. POR FAVOR, ANTES DE IMPRIMIR ESTE CORREO ELECTRÓNICO CONSIDERE SU APORTACIÓN A LA CONSERVACIÓN DEL MEDIO AMBIENTE POR LA REDUCCIÓN DE CONSUMO DE PAPEL.
The information in this e-mail and in any attachments is confidential and solely for the attention and use of the named addressee(s). You are hereby notified that any dissemination, distribution or copy of this communication is prohibited without the prior written consent of Indra. If you have received this communication in error, please, notify the sender by reply e-mail. PLEASE CONSIDER YOUR ENVIRONMENTAL RESPONSIBILITY BEFORE PRINTING THIS E-MAIL.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20060704/4b9d67d4/attachment.html
More information about the cas
mailing list