CAS Java Client 3.0.0 Install ERROR Report
Scott Battaglia
scott.battaglia at gmail.com
Wed May 9 15:36:05 EDT 2007
Most servers enforce SSL at the server level (i.e. Apache rewrite rules,
etc.).
Neither the CAS client from Yale or JA-SIG require SSL (whether your
application needs SSL is a local decision) and will respond accordingly to
both http and https. That's why the CAS clients try to best "guess" whether
you need http or https.
If you need to specify SSL, you can specify the complete service url.
Also, if you submit a JIRA issue I can try and add a feature such that the
CAS client accepts either (a) service url, (b) host and port, or (c)
protocol + host + port. We can attempt to get that in for the 3.1 release.
Thanks
-Scott
On 5/9/07, Uday Kari <ukari at pdc.org> wrote:
>
> Thanks. Yes, I figured that. I am no expert in SSL, but I believe that
> is indeed expected application behavior from a common sense user
> perspective. For instance, go to www.bankofamerica.com or fidelity.comthey immediately morph from http to https (everything, including unsecured
> portions of the website is then served up over SSL). Unclear if this
> should be done enforced by the client…(that is for you to judge)…but the
> "other" CAS client…"Yale?" (*casclient-2.1.1.jar* ) certainly seems to
> work that way.
>
>
> ------------------------------
>
> *From:* cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu] *On
> Behalf Of *Scott Battaglia
> *Sent:* Wednesday, May 09, 2007 1:59 AM
> *To:* Yale CAS mailing list
> *Subject:* Re: CAS Java Client 3.0.0 Install ERROR Report
>
>
>
> The CAS clients (both the 2.x and the 3.x version) obtain the http or
> https prefix from the url provided when attempting to access a page. So if
> you want your application access securely you have two options:
>
> 1. provide an exact service url that is https
> 2. always access your application over https
>
> In your case you accessed the page via http and when the client
> constructed the service url it grabbed "http".
>
> -Scott
>
>
> On 5/8/07, *Uday Kari* <ukari at pdc.org> wrote:
>
> OK, got past all the below, but still no cigar. I'll to explain.
>
> Basically, after SSO login, the returned URL has http instead of https
> in it.
>
> Is this a documentation doo-dah? Here is my cas-client.properties file:
> cas.server.gateway=false
> cas.server.renew=false
> cas.server.url=https://cas-server:8443/cas/
> cas.server.proxyCallbackUrl=https://cas-server:8443/manager/proxy/Recept
> or
> cas.client.serverName=client-host:8443
> cas.client.proxyCallbackUrl=https://client-host:8443/test/casProxyRecept
> or
>
> Everything else is as below. Specifically, web.xml and
> securityConfiguration.xml same as instructions in the URL, but for the
> mods below.
>
>
> Reproduce steps:
> 1. Try http://client-host:8080/test/protected/hw.jsp
> 2. Go to login page.
> 3. Login as userid=password
> 4. returned to http://client-host:8443/test/protected/hw.jsp?ticket...
>
> PLEASE NOTE THAT https is missing and adding that "s" to the url above
> makes it work.
>
> What gives? My brain is fried...any help appreciated...
>
>
>
>
> -----Original Message-----
> From: cas-bounces at tp.its.yale.edu [mailto: cas-bounces at tp.its.yale.edu]
> On Behalf Of Uday Kari
> Sent: Tuesday, May 08, 2007 4:34 PM
> To: Yale CAS mailing list
> Subject: RE: CAS Java Client 3.0.0 Install ERROR Report
>
> 1. Contents of securityConfiguration.xml identical to
> http://www.ja-sig.org/products/cas/client/client-java/index.html
>
> 2. Seems like version mismatch between the illustrative XML in the
> example and the version in CAS Java Client 3.0.0 for the following
> class:
> org.jasig.cas.client.validation.Cas20ProxyTicketValidator
>
> Specifically, example on above URL has six (6) number of constructor
> args in the securityConfiguration.xml and the actual code accepts either
> five (5) or eight (8). Ugh! Sloppy, sloppy...I guess that URL needs to
> be updated)...
>
> XML Sample
> -----------
>
> <bean id="ticketValidator"
> class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator">
> <constructor-arg index="0" value="${cas.server.url}"/>
> <constructor-arg index="1" value="${ cas.server.renew}"/>
> <constructor-arg index="2" ref="httpClient"/>
> <!--
>
> ////////////////////////////////////////////////////////
> // Looks like we need to comment this bad boy out
> //
>
> <constructor-arg index="3">
> <bean class="org.jasig.cas.authentication.principal.SimpleService">
> <constructor-arg value="${cas.client.proxyCallbackUrl }"/>
> </bean>
> </constructor-arg>
>
>
> ////////////////////////////////////////////////////////
> // And change the following to 3, 4 respectively
> //
> -->
>
> <constructor-arg index="3"><list></list></constructor-arg>
> <constructor-arg index="4" value="true"/>
> </bean>
>
>
> Code within CAS Java Client 3.0.0
> -----------------------------------
> public Cas20ProxyTicketValidator(final String casServerUrl,
> final boolean renew,
> final HttpClient httpClient,
> List proxyChains,
> boolean acceptAnyProxy)
>
> public Cas20ProxyTicketValidator(final String casServerUrl,
> final boolean renew,
> final HttpClient httpClient,
> final Service proxyCallbackUrl,
> List proxyChains,
> boolean acceptAnyProxy,
> final ProxyGrantingTicketStorage
> proxyGrantingTicketStorage,
> final ProxyRetriever proxyRetriever)
>
>
>
> -----Original Message-----
> From: cas-bounces at tp.its.yale.edu [mailto: cas-bounces at tp.its.yale.edu]
> On Behalf Of Uday Kari
> Sent: Tuesday, May 08, 2007 3:52 PM
> To: Yale CAS mailing list
> Subject: CAS Java Client 3.0.0 Install ERROR Report
>
> Please note the error below:
>
> Exception sending context initialized event to listener instance of
> class org.springframework.web.context.ContextLoaderListener
>
> org.springframework.beans.factory.BeanCreationException:
> Error creating bean with name 'ticketValidator' defined in
> ServletContext resource [/WEB-INF/securityConfiguration.xml]: 6
> constructor arguments specified but no matching constructor found in
> bean 'ticketValidator'
> (hint: specify index and/or type arguments for simple parameters to
> avoid type ambiguities)...
>
> SORRY: WHAT DID I MISS? SIMPLE DETAILED REPROCUTION BELOW
>
>
> 1. Download apache-tomcat-5.5.23.exe
> Install as Windows Service on XP machine.
> 2. Create a new "test" context with the following directory structure
> under webapps using instructions for contents under WEB-INF
> from "JA-SIG CAS Client for Java"; URL:
> http://www.ja-sig.org/products/cas/client/client-java/index.html
>
> (the hw.jsp just says out.print("Hello World")...
> but this is irrelevant)
>
>
>
> test
> |
> |__ hw.jsp
> |
> |__ protected
> | |
> | |__ hw.jsp
> |
> |__ WEB-INF
> |
> |__ cas-client.properties
> |
> |__ securityConfiguration.xml
> |
> |__ web.xml
> |
> |__ lib
> |
> |__ (drop all jars from
> cas-client-java-3.0.0.zip...RIGHT?)
>
>
> 3. Stop Tomcat, Clean Logs, Start Tomcat
> 4. This is what I see in localhost.2007-05-08.log
> (all other log files are size zero):
>
> May 8, 2007 3:41:18 PM org.apache.catalina.core.ApplicationContext log
> INFO: org.apache.webapp.balancer.BalancerFilter: init(): ruleChain:
> [org.apache.webapp.balancer.RuleChain :
> [org.apache.webapp.balancer.rules.URLStringMatchRule:
> Target string: News / Redirect URL: http://www.cnn.com],
> [org.apache.webapp.balancer.rules.RequestParameterRule: Target param
> name: paramName / Target param value: paramValue / Redirect URL:
> http://www.yahoo.com],
> [org.apache.webapp.balancer.rules.AcceptEverythingRule: Redirect URL:
> http://jakarta.apache.org] <http://jakarta.apache.org%5d>]
> May 8, 2007 3:41:19 PM org.apache.catalina.core.ApplicationContext log
> INFO: ContextListener: contextInitialized()
> May 8, 2007 3:41:19 PM org.apache.catalina.core.ApplicationContext log
> INFO: SessionListener: contextInitialized()
> May 8, 2007 3:41:19 PM org.apache.catalina.core.ApplicationContext log
> INFO: ContextListener: contextInitialized()
> May 8, 2007 3:41:19 PM org.apache.catalina.core.ApplicationContext log
> INFO: SessionListener: contextInitialized()
> May 8, 2007 3:41:20 PM org.apache.catalina.core.ApplicationContext log
> INFO: Loading Spring root WebApplicationContext
> May 8, 2007 3:41:21 PM
> org.apache.catalina.core.StandardContextlistenerStart
> SEVERE: Exception sending context initialized event to listener instance
> of class org.springframework.web.context.ContextLoaderListener
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'ticketValidator' defined in ServletContext resource
> [/WEB-INF/securityConfiguration.xml]: 6 constructor arguments specified
> but no matching constructor found in bean 'ticketValidator' (hint:
> specify index and/or type arguments for simple parameters to avoid type
> ambiguities)
> at
> org.springframework.beans.factory.support.ConstructorResolver.autowireCo
> nstructor(ConstructorResolver.java:117)
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFac
> tory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:683)
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFac
> tory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:621)
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFac
> tory.createBean(AbstractAutowireCapableBeanFactory.java :380)
> at
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObjec
> t(AbstractBeanFactory.java:245)
> at
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.g
> etSingleton(DefaultSingletonBeanRegistry.java:141)
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(Ab
> stractBeanFactory.java:242)
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean (Ab
> stractBeanFactory.java:156)
> at
> org.springframework.beans.factory.support.DefaultListableBeanFactory.pre
> InstantiateSingletons(DefaultListableBeanFactory.java:290)
> at
> org.springframework.context.support.AbstractApplicationContext.refresh (A
> bstractApplicationContext.java:348)
> at
> org.springframework.web.context.support.AbstractRefreshableWebApplicatio
> nContext.refresh(AbstractRefreshableWebApplicationContext.java:156)
> at
> org.springframework.web.context.ContextLoader.createWebApplicationContex
> t(ContextLoader.java:246)
> at
> org.springframework.web.context.ContextLoader.initWebApplicationContext(
> ContextLoader.java:184)
> at
> org.springframework.web.context.ContextLoaderListener.contextInitialized
> (ContextLoaderListener.java:49)
> at
> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.j
> ava:3764)
> at
> org.apache.catalina.core.StandardContext.start(StandardContext.java :4216
> )
> at
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.ja
> va:760)
> at
> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
> at
> org.apache.catalina.core.StandardHost.addChild (StandardHost.java:544)
> at
> org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:9
> 20)
> at
> org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java
> :883)
> at
> org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492)
> at
> org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
> at
> org.apache.catalina.startup.HostConfig.lifecycleEvent (HostConfig.java:31
> 1)
> at
> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSu
> pport.java:120)
> at
> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
> at
> org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
> at
> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
> at
> org.apache.catalina.core.StandardEngine.start (StandardEngine.java:443)
> at
> org.apache.catalina.core.StandardService.start(StandardService.java:448)
> at
> org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
> at org.apache.catalina.startup.Catalina.start (Catalina.java:552)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
> a:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessor
> Impl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
> at
> org.apache.catalina.startup.Bootstrap.main (Bootstrap.java:433)
> May 8, 2007 3:41:21 PM org.apache.catalina.core.ApplicationContext log
> INFO: Closing Spring root WebApplicationContext
>
>
> (END OF ERROR REPORT)
>
>
>
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
>
> --
> -Scott Battaglia
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070509/c4e7783a/attachment.html
More information about the cas
mailing list