Can't Get CAS-Acegi to Work
Scott Battaglia
scott.battaglia at gmail.com
Wed Sep 12 15:03:59 EDT 2007
Clifford,
Unless I am reading your web.xml wrong, it appears you are missing some of
the required Acegi filters. If you've downloaded CAS 3.1, take a look at
the web.xml and the securityContext.xml in the cas-server-webapp module.
We've used Acegi to secure the Services Management application.
-Scott
On 9/12/07, Clifford Bryant <CBryant at edgewater.com> wrote:
> Hello,
>
> I am trying to get CAS to work with Acegi. I have gotten CAS to work
> without Acegi. I followed the instructions in the Acegi under CAS 3.0. I
> have a simple "Hello World!" JSP page. When I navigate to the link, it goes
> right to the web page, without trying to log into CAS.
>
> Here is my web.xml.
>
> <?xml version="1.0" encoding="ISO-8859-1"?>
>
> <!DOCTYPE web-app
>     PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
>     "http://java.sun.com/dtd/web-app_2_3.dtd">
>
> <web-app>
>
>   <!--
>     - Location of the XML file that defines the root application context
>     - Applied by ContextLoaderListener.
>   -->
>   <context-param>
>     <param-name>contextConfigLocation</param-name>
>     <param-value>
>       /WEB-INF/applicationContext-new-tproj.xml
>     </param-value>
>   </context-param>
>
>   <context-param>
>     <param-name>edu.yale.its.tp.cas.proxyUrl</param-name>
>     <param-value>http://localhost:8433/cas/proxy</param-value>
>   </context-param>
>
>   <context-param>
>     <param-name>log4jConfigLocation</param-name>
>     <param-value>/WEB-INF/classes/log4j.properties</param-value>
>   </context-param>
>
>   <context-param>
>     <param-name>webAppRootKey</param-name>
>     <param-value>tproj.root</param-value>
>   </context-param>
>
>   <filter>
>     <filter-name>Acegi CAS Processing Filter</filter-name>
>     <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
>     <init-param>
>       <param-name>targetClass</param-name>
>       <param-value>org.acegisecurity.ui.cas.CasProcessingFilter</param-value>
>     </init-param>
>   </filter>
>
>   <filter-mapping>
>     <filter-name>Acegi CAS Processing Filter</filter-name>
>     <url-pattern>/*</url-pattern>
>   </filter-mapping>
>
>   <!--
>     - Loads the root application context of this web app at startup.
>     - The application context is then available via
>     - WebApplicationContextUtils.getWebApplicationContext(servletContext).
>   -->
>   <listener>
>     <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
>   </listener>
>
>   <listener>
>     <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
>   </listener>
>
>   <!--
>     The HttpSessionEventPublisher will publish
>     HttpSessionCreatedEvent and HttpSessionDestroyedEvent
>     to the WebApplicationContext
>   -->
>   <listener>
>     <listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
>   </listener>
>
>   <welcome-file-list>
>     <welcome-file>index.jsp</welcome-file>
>   </welcome-file-list>
>
> </web-app>
>
> Here is the application context file.
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
>     "http://www.springframework.org/dtd/spring-beans.dtd">
>
> <!--
>   - A simple "bare bones" Acegi Security configuration.
>   -
>   - The sample includes the "popular" features that people tend to use.
>   - Specifically, form authentication, remember-me, and anonymous processing.
>   - Other features aren't setup, as these can be added later by inserting
>   - the relevant XML fragments as specified in the Reference Guide.
>   -
>   - To assist new users, the filters specified in the FilterChainProxy are
>   - declared in the application context in the same order. Collaborators
>   - required by those filters are placed at the end of the file.
>   -
>   - $Id: applicationContext-acegi-security.xml 1513 2006-05-29 13:32:12Z benalex $
>   -->
>
> <beans>
>
>   <bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
>     <property name="service"><value>https://localhost:8443/tproj/j_acegi_cas_security_check</value></property>
>     <property name="sendRenew"><value>false</value></property>
>   </bean>
>
>   <bean id="casProcessingFilter" class="org.acegisecurity.ui.cas.CasProcessingFilter">
>     <property name="authenticationManager"><ref bean="authenticationManager"/></property>
>     <property name="authenticationFailureUrl"><value>/casfailed.jsp</value></property>
>     <property name="defaultTargetUrl"><value>/</value></property>
>     <property name="filterProcessesUrl"><value>/j_acegi_cas_security_check</value></property>
>   </bean>
>
>   <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
>     <property name="authenticationEntryPoint"><ref local="casProcessingFilterEntryPoint"/></property>
>   </bean>
>
>   <bean id="casProcessingFilterEntryPoint" class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
>     <property name="loginUrl"><value>https://localhost:8443/cas/login</value></property>
>     <property name="serviceProperties"><ref bean="serviceProperties"/></property>
>   </bean>
>
>   <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
>     <property name="providers">
>       <list>
>         <ref bean="casAuthenticationProvider"/>
>       </list>
>     </property>
>   </bean>
>
>   <bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
>     <property name="casAuthoritiesPopulator"><ref bean="casAuthoritiesPopulator"/></property>
>     <property name="casProxyDecider"><ref bean="casProxyDecider"/></property>
>     <property name="ticketValidator"><ref bean="casProxyTicketValidator"/></property>
>     <property name="statelessTicketCache"><ref bean="statelessTicketCache"/></property>
>     <property name="key"><value>changeit</value></property>
>   </bean>
>
>   <bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
>     <property name="casValidate"><value>https://localhost:8443/cas/proxyValidate</value></property>
>     <!-- property name="proxyCallbackUrl"><value>https://localhost:8443/tproj/casProxy/receptor</value></property -->
>     <property name="serviceProperties"><ref bean="serviceProperties"/></property>
>     <!-- <property name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property> -->
>   </bean>
>
>   <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
>     <property name="configLocation">
>       <value>classpath:/ehcache-failsafe.xml</value>
>     </property>
>   </bean>
>
>   <bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
>     <property name="cacheManager">
>       <ref local="cacheManager"/>
>     </property>
>     <property name="cacheName">
>       <value>ticketCache</value>
>     </property>
>   </bean>
>
>   <bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
>     <property name="cache"><ref local="ticketCacheBackend"/></property>
>   </bean>
>
>   <bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
>     <property name="userMap">
>       <value>
>         pass=pass,ROLE_SUPERVISOR
>       </value>
>     </property>
>   </bean>
>
>   <bean id="casAuthoritiesPopulator" class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator">
>     <property name="userDetailsService"><ref bean="inMemoryDaoImpl"/></property>
>   </bean>
>
>   <bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/>
>
> </beans>
>
>
>
> Clifford Bryant, Senior Developer
>
> Edgewater Technology, Inc.
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
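
Added example, not part of the original thread and not copied from the CAS 3.1 files mentioned in the reply: one way to wire the filters the posted web.xml lacks, in Acegi 1.0.x bean syntax. The bean ids `filterChainProxy`, `httpSessionContextIntegrationFilter`, `filterSecurityInterceptor` and `accessDecisionManager`, the filter name, and the `/**=ROLE_SUPERVISOR` rule are assumptions; `casProcessingFilter`, `exceptionTranslationFilter` and `authenticationManager` are the beans from the posted context file.

```xml
<!-- web.xml: one FilterChainProxy mapping replaces the lone CasProcessingFilter mapping -->
<filter>
  <filter-name>Acegi Filter Chain Proxy</filter-name>
  <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
  <init-param>
    <param-name>targetClass</param-name>
    <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
  </init-param>
</filter>
<filter-mapping>
  <filter-name>Acegi Filter Chain Proxy</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

<!-- application context: beans added beside the ones already posted (ids are assumptions) -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
  <property name="filterInvocationDefinitionSource"><value>
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    /**=httpSessionContextIntegrationFilter,casProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor
  </value></property>
</bean>

<!-- Restores the SecurityContext from the HTTP session at the start of each request -->
<bean id="httpSessionContextIntegrationFilter"
      class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>

<!-- Enforces the URL rules; its exceptions are what exceptionTranslationFilter turns into the CAS redirect -->
<bean id="filterSecurityInterceptor"
      class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
  <property name="authenticationManager"><ref bean="authenticationManager"/></property>
  <property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
  <property name="objectDefinitionSource"><value>
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    /**=ROLE_SUPERVISOR
  </value></property>
</bean>

<!-- Grants access when the authenticated user holds the ROLE_ attribute listed for the URL -->
<bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
  <property name="decisionVoters">
    <list><bean class="org.acegisecurity.vote.RoleVoter"/></list>
  </property>
</bean>
```

With `/**` protected, `/casfailed.jsp` is protected as well; exempting it requires Acegi's anonymous authentication beans, which are left out here.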