CAS JASIG filter not working for me.
Scott Battaglia
scott.battaglia at gmail.com
Thu Sep 13 15:09:36 EDT 2007
Tom,
>From a cursory glance everything looked okay. Can you do one of two things:
1. Either set up a filter that throws an exception (or have your app do it)
so you can look at the stack trace
2. Use a tool such as Eclipse debugger and set a break point and examine the
execution stack.
That should let you know if the actual filters are being executed.
-Scott
On 9/13/07, Healey, Thomas <HealeyT at darden.virginia.edu> wrote:
>
> All,
>
> I have performed the following steps in order to get the CAS Filter to
> work on my Tapestry App.
>
> 1) I downloaded and installed the CAS Java filter and followed the steps
> from
>
> http://www.ja-sig.org/products/cas/client/javaclient/index.html
>
> 2) redeployed the app with the new web.xml
>
> 3) Attempted to go to my login page and my login page still comes up. I
> thought installing the CAS Filter and properly configuring it would cause my
> app to redirect to
>
> the CAS Login page.
>
> 4) Much grinding and gnashing. Just for the record I do have my rails app
> running using the ruby version of a CAS Filter and thats what it does.
>
> 5) My config params look like this.
>
> **************************************************
>
>
>
> <filter>
>
> <filter-name>CASFilter</filter-name>
>
> <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter
> </filter-class>
>
> <init-param>
>
> <param-name>edu.yale.its.tp.cas.client.filter.loginUrl
> </param-name>
>
> <param-value>https://<myservername>:8443/cas/login</param-value>
>
> </init-param>
>
> <init-param>
>
> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl
> </param-name>
>
>
> <param-value>https://<myservername>:8443/cas/proxyValidate</param-value>
>
> </init-param>
>
> <init-param>
>
> <param-name>edu.yale.its.tp.cas.client.filter.proxyCallbackUrl
> </param-name>
>
>
> <param-value>https://<myservername>:3001/cas_proxy_callback/receive_pgt</param-value>
>
> </init-param>
>
> <init-param>
>
> <param-name>edu.yale.its.tp.cas.client.filter.authorizedProxy
> </param-name>
>
>
> <param-value>https://<myservername>:3001/cas_proxy_callback</param-value>
>
> </init-param>
>
>
>
>
>
> <init-param>
>
> <param-name>edu.yale.its.tp.cas.client.filter.serviceUrl
> </param-name>
>
>
> <param-value>http://<myservername>:8100/career-student</param-value>
>
> </init-param>
>
>
>
>
>
> <init-param>
>
> <param-name>edu.yale.its.tp.cas.client.filter.wrapRequest
> </param-name>
>
> <param-value>true</param-value>
>
> </init-param>
>
>
>
> </filter>
>
>
>
>
>
> <filter-mapping>
>
> <filter-name>CASFilter</filter-name>
>
> <url-pattern>/*</url-pattern>
>
> </filter-mapping>
>
> **************************************************
>
>
>
> 6) I then tried the JASIG java client following the directions from here:
>
>
>
> http://www.ja-sig.org/products/cas/client/client-java/index.html
>
>
>
> The webxml looks like this:
>
> **************************************************
>
>
>
> <context-param>
>
> <param-name>contextConfigLocation</param-name>
>
> <param-value>
>
> /WEB-INF/securityConfiguration.xml
>
> </param-value>
>
> </context-param>
>
>
>
> <filter>
>
> <filter-name>CAS Authentication Filter</filter-name>
>
> <filter-class>org.springframework.web.filter.DelegatingFilterProxy
> </filter-class>
>
> <init-param>
>
> <param-name>targetBeanName</param-name>
>
> <param-value>casAuthenticationFilter</param-value>
>
> </init-param>
>
> </filter>
>
>
>
> <filter>
>
> <filter-name>CAS Validation Filter</filter-name>
>
> <filter-class>org.springframework.web.filter.DelegatingFilterProxy
> </filter-class>
>
> <init-param>
>
> <param-name>targetBeanName</param-name>
>
> <param-value>casValidationFilter</param-value>
>
> </init-param>
>
> </filter>
>
>
>
> <filter-mapping>
>
> <filter-name>CAS Authentication Filter</filter-name>
>
> <url-pattern>/*</url-pattern>
>
> </filter-mapping>
>
>
>
> <filter-mapping>
>
> <filter-name>CAS Validation Filter</filter-name>
>
> <url-pattern>/*</url-pattern>
>
> </filter-mapping>
>
>
>
> <listener>
>
> <listener-class>org.springframework.
> web.context.ContextLoaderListener</listener-class>
>
> </listener>
>
> <filter>
>
> <filter-name>CAS HttpServletRequestWrapperFilter</filter-name>
>
> <filter-class>org.springframework.web.filter.DelegatingFilterProxy
> </filter-class>
>
> <init-param>
>
> <param-name>targetBeanName</param-name>
>
> <param-value>casHttpServletRequestWrapperFilter</param-value>
>
> </init-param>
>
> </filter>
>
>
>
> <filter-mapping>
>
> <filter-name>CAS HttpServletRequestWrapperFilter</filter-name>
>
> <url-pattern>/*</url-pattern>
>
> </filter-mapping>
>
>
>
> **************************************************
>
>
>
> and the securityConfiguration.xml looks lik:
>
>
>
> **************************************************
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> <beans xmlns="http://www.springframework.org/schema/beans"
>
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>
> xsi:schemaLocation="http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans.xsd">
>
>
>
> <bean id="propertyPlaceholderConfigurer" class="
> org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
>
> <property name="location" value="/WEB-INF/cas-client.properties"/>
>
> </bean>
>
>
>
> <bean id="authorizedDecider" class="
> org.jasig.cas.client.authorization.DefaultAuthorizedDeciderImpl">
>
> <constructor-arg index="0">
>
> <list>
>
> <value>scott</value>
>
> <value>velpi</value>
>
> <value>apetro</value>
>
> </list>
>
> </constructor-arg>
>
> </bean>
>
>
>
> <bean id="httpClient" class="org.jasig.cas.util.HttpClient3FactoryBean
> "/>
>
>
>
> <bean id="proxyRetriever" class="
> org.jasig.cas.client.proxy.Cas20ProxyRetriever">
>
> <constructor-arg index="0" value="${cas.server.url}"/>
>
> <constructor-arg index="1" ref="httpClient"/>
>
> </bean>
>
>
>
> <bean id="proxyGrantingTicketStorage" class="
> org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl"/>
>
>
>
> <bean id="ticketValidator" class="
> org.jasig.cas.client.validation.Cas20ProxyTicketValidator">
>
> <constructor-arg index="0" value="${cas.server.url}"/>
>
> <constructor-arg index="1" value="${cas.server.renew}"/>
>
> <constructor-arg index="2" ref="httpClient"/>
>
> <constructor-arg index="3"><list></list></constructor-arg>
>
> <constructor-arg index="4" value="true"/>
>
> </bean>
>
>
>
> <bean id="casHttpServletRequestWrapperFilter" class="
> org.jasig.cas.client.web.filter.HttpServletRequestWrapperFilter"/>
>
>
>
> <bean id="casValidationFilter" class="org.jasig.cas.client.
> web.filter.TicketValidationFilter">
>
> <constructor-arg index="0" value="${cas.client.serverName}"/>
>
> <constructor-arg index="1"><null/></constructor-arg>
>
> <constructor-arg index="2" ref="ticketValidator"/>
>
> </bean>
>
>
>
> <bean id="casAuthenticationFilter" class="org.jasig.cas.client.
> web.filter.AuthenticationFilter">
>
> <constructor-arg index="0" value="${cas.client.serverName}"/>
>
> <constructor-arg index="1"><null/></constructor-arg>
>
> <constructor-arg index="2" value="${cas.server.url}login"/>
>
> <constructor-arg index="3" value="${cas.server.renew}"/>
>
> <constructor-arg index="4" value="${cas.server.gateway}"/>
>
> </bean>
>
>
>
> <bean id="casAuthorizationFilter" class="org.jasig.cas.client.
> web.filter.AuthorizationFilter">
>
> <constructor-arg index="0" ref="authorizedDecider" />
>
> </bean>
>
> </beans>
>
> **************************************************
>
>
>
> and the cas-client.properties looks like:
>
>
>
> **************************************************
>
> cas.server.gateway=false
>
> cas.server.renew=false
>
> cas.server.url=https://<myservername>:8443/cas/
>
> cas.server.proxyCallbackUrl=https://<myservername>:3001/cas_proxy_callback
>
> cas.client.serverName=<myservername>:8100
>
> cas.client.proxyCallbackUrl=https://<myservername>:3001/cas_proxy_callback
>
> **************************************************
>
>
>
>
>
> 7) I tried to go to the home page of my client app and it still shows up
> instead of redirecting to the cas server.
>
> 8) I have don't nothing to the app at this point to get the username from
> the request. I was just seeing if the filter would work.
>
> Am I missing something?
>
>
>
> Sorry about the looooong message but I didn't know how else to show the
> config.
>
>
>
> Thanks in advance,
>
> Tom
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070913/f50f1893/attachment.html
More information about the cas
mailing list