Jump over login screen

Jan Dajč jan.dajc.fei at vsb.cz
Mon Nov 6 02:54:07 EST 2006 

I was tryingto use org.jasig.cas.web.flow.AuthenticationViaFormAction. I
defined the section in cas-servlet.xml:

 

<bean

            id="authenticationViaFormAction"

            parent="abstractCasLoginAction"

            class="org.jasig.cas.web.flow.AuthenticationViaFormAction" >

            <property

              name="centralAuthenticationService"

              ref="centralAuthenticationService" />

          <property

              name="credentialsBinder">

              <bean 

 
class="org.jasig.cas.authentication.principal.UsernameRolesCredentialsBinder
"/>

          </property>

          <property

              name="formObjectClass"

 
value="org.jasig.cas.authentication.principal.UsernamePasswordRolesCredentia
ls" />

    </bean>

 

But when I am authenticated by webSphere and then i go to cas login page, I
must click the submit buton. And I don't want that.

 

Jan

 

 

  _____  

From: cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu] On
Behalf Of Scott Battaglia
Sent: Saturday, November 04, 2006 5:22 PM
To: Yale CAS mailing list
Subject: Re: Jump over login screen

 

You probably want the:

org.jasig.cas.web.flow.AuthenticationViaFormAction


-Scott

 

On 11/3/06, Jan Dajč <jan.dajc.fei at vsb.cz> wrote:

I have now another problem. When i define loginFormAction section in
cas-servlet.xml and then i am starting Tomcat, it says, that class
loginFormAction
 wasn not found. I searched for that class in my cas server sources and i
can't find it. Is there another class in cas 3.0.5?

 

 

  _____  

From: cas-bounces at tp.its.yale.edu [mailto:
<mailto:cas-bounces at tp.its.yale.edu>  cas-bounces at tp.its.yale.edu] On Behalf
Of Scott Battaglia
Sent: Friday, November 03, 2006 1:37 PM
To: Yale CAS mailing list
Subject: Re: Jump over login screen

 

Yes,

Its possible to jump over the login screen.  If the WebSphere secure zone
sets the remote user name then you can use that method. However, the code
and directions on the web site you mention do not reflect the code base. 

The actual login is non-interactive if the remote user is set.

-Scott

On 11/3/06, Jan Dajč <jan.dajc.fei at vsb.cz  <mailto:jan.dajc.fei at vsb.cz> >
wrote:

Hi all,

I want to do this. My CAS is inside secured zone at WebSphere and if I log
in, I want CAS only get information from principal, and send it back to the
service which wanted cas authentication. So it means, that no login form is
shown, because I have already authenticated the user from WebSphere.

I have cas 3.0.5, my own credentials and credentials binder. I found page:
http://www.ja-sig.org/wiki/display/CAS/Using+the+REMOTE_USER
<http://www.ja-sig.org/wiki/display/CAS/Using+the+REMOTE_USER> where
something like I want is described, but you must click at submit button,
even if no username and password is needed.

 

So can I jump over the login screen?


_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas

 


_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas



 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20061106/4145c2b5/attachment.html

More information about the cas mailing list