How to get the username (netID)?

tedzo tedzo2003 at yahoo.com
Mon Apr 7 01:48:31 EDT 2008 

Ok, so I am looking at the SingleSignOutFilter and SingleSignOutHttpSessionListener and these are per webapp (i.e, defined in every webapp's web.xml). Also, the code indicates that the filter invalidates the session in the webapp where the user attempted to logout. So, I am not sure I understand how this can cause the same user's sessions in other webapps to also be destroyed. In short, how can this work?

I am guessing I don't understand how a HttpSessionListener works...

Thanks.

----- Original Message ----
From: tedzo <tedzo2003 at yahoo.com>
To: Yale CAS mailing list <cas at tp.its.yale.edu>
Sent: Sunday, April 6, 2008 9:53:37 PM
Subject: Re: How to get the username (netID)?

Scott,
Thank you for your response.

Actually, it turned out that I needed to include the other filters too (not just the authentication filter, unlike the Yale Client I was used to). After I included the ValidationFilter, it worked just fine.

I have now included the SingleZSignoutFilter and the SessionListener in order to get SingleSignout working and its not? I added the filter and listener to web.xml of 2 webapps. I invalidate the session and redirect to /cas/logout when the user chooses to logout in one of the webapps. The logout page displays. I assumed at this point that I would be logged out of the other webapp too. Thats not hapenning. What am I missing? (I admit, I haven't yet searched the archives for mails detailing similar problems...)

Thanks for your time.

Av.

----- Original Message ----
From: Scott Battaglia <scott.battaglia at gmail.com>
To: Yale CAS mailing list <cas at tp.its.yale.edu>
Sent: Sunday, April 6, 2008 6:27:01 PM
Subject: Re: How to get the username (netID)?

Hi,

What order are your filters in?  Our wiki page (which I think you were looking at) shows the order they should appear in.  If they're in that order, they should work.  At least we haven't noticed any problems so far :-)

-Scott

On Sat, Apr 5, 2008 at 2:01 PM, tedzo <tedzo2003 at yahoo.com> wrote:
Thank you Calcutta for your response.

After reading the document a bit more I too realized that I would need the HttpServletRequestWrapper. So, I added that. However I am hitting a weird NullPointerException when I try to get the RemoteUser- Apparantly, getUserPrincipal() is null within HttpServletRequestWrapperFilter.

I am not sure what the cause of that would be. Is there an issue with the SSL certificate or something? I was successfully using server 3.06 and Yale client 2.1.1 on this machine and I replaced both with newer versions (3.1.2 and 3.1.1 client). So, I assumed everything should just start working...

Exception Status Code : 500
Resource : /DXX/login.jsp
Error : org.apache.jasper.JasperException: An exception occurred processing JSP
page /login.jsp at line 85

82:     System.out.println("2222*****************");
83:         String ticket = request.getParameter("ticket");
84:     System.out.println("3333*****************");
85:         String user = request.getRemoteUser();
86:     System.out.println("4444*****************");
87:         int ec = -1;
88:


Stacktrace:
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper
.java:524)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:435)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
root cause: [java.lang.NullPointerException] :: null
org.jasig.cas.client.util.HttpServletRequestWrapperFilter$CasHttpServletRequestW
rapper.getRemoteUser(HttpServletRequestWrapperFilter.java:80)
org.apache.jsp.login_jsp._jspService(login_jsp.java:1098)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:393)

GET Query : rdir=%2FDXX%2Fmain.jsp%3Bjsessionid%3D10FA876D949F2C47D450E6055A2DB8
79%3Fticket%3DST-1-bL1W1fQcus4ak3PDc9wi&error=7&ticket=ST-2-c5icFZJZe0LMbAaOATNc


2008-04-05 10:42:38,428 DEBUG [http-8080-2] authentication.AuthenticationFilter:
81     - no ticket and no assertion found
2008-04-05 10:42:38,428 DEBUG [http-8080-2] util.CommonUtils :195     - serviceU
rl generated: http://ani.dxx.com:8080/DXX/login.jsp?rdir=%2FDXX%2FW
EB-INF%2Fapplication%2Ferror%2Fexception.jsp%3Frdir%3D%252FDXX%252Fmain.jsp%253B
jsessionid%253D10FA876D949F2C47D450E6055A2DB879%253Fticket%253DST-1-bL1W1fQcus4a

Thank you for your time.


----- Original Message ----
From: Oh Calcutta <ohcalcutta at gmail.com>
To: Yale CAS mailing list <cas at tp.its.yale.edu>


Sent: Friday, April 4, 2008 11:42:35 PM
Subject: Re: How to get the username (netID)?

    
- If you enable HttpServletRequestWrapper filter, then you can do asimple request.getRemoteUser() to get the NetId.
 

tedzo wrote:      Someprogress in my quest to use JA-SIG client 3.1.1 and eventually theSingleSignOutFilter...
I am trying to get a hold of the username (netId) but have been unableto. It seems that I should be able to get to it usingsession.getAttribute("_const_cas_assertion_") from my jsp. But thatdoesn't seem to work.
  
What am I missing?
  
Thanks.
  
  
  -----Original Message ----
From: tedzo <tedzo2003 at yahoo.com>
To: Yale CAS mailing list <cas at tp.its.yale.edu>
Sent: Friday, April 4, 2008 10:48:29 PM
Subject: Re: Which version of cas to use for SingleSignOut feature?
  
    Ok,I found 
  http://www.ja-sig.org/wiki/display/CASC/Configuring+the+JA-SIG+CAS+Client+for+Java+in+the+web.xml
  
That document describes 6 different filters (AuthenticationFilter,HttpServletRequestWrapper and so on). I am not sure if I need toconfigure all the filters or can I get away with just theAuthenticationFilter? In the Yale version I configured just the onefilter (CASFilter) for authentication.
  
Any pointers?
  
Thanks.
  
  -----Original Message ----
From: tedzo <tedzo2003 at yahoo.com>
To: Yale CAS mailing list <cas at tp.its.yale.edu>
Sent: Friday, April 4, 2008 10:22:55 PM
Subject: Re: Which version of cas to use for SingleSignOut feature?
  
    Thatwill be a problem :( I guess I will have to move to the newer versions.
  
Is using JA-SIG Java client similar to using the Yale Client? I waslooking for a tutorial of some sort that explains configuring/using theJA-SIG Java Client and didn't find any. This doesn't seem to work http://www.ja-sig.org/products/cas/client/client-java/index.html.
  
I am seeing references to cas-client.properites etc and I am not surehow to proceed.
For the Yale Java client, I just added the filter info in web.xml and Iwas off and running....
  
Your help is appreciated.
  
Thanks.
  
  -----Original Message ----
From: Adam Rybicki <arybicki at unicon.net>
To: Yale CAS mailing list <cas at tp.its.yale.edu>
Sent: Friday, April 4, 2008 4:38:01 PM
Subject: Re: Which version of cas to use for SingleSignOut feature?
  
  Hi,
  
The versions you are using do not support SSOut.  You need CAS Server3.1.1 or 3.1.2 if you must use a "release" version or 3.2.1-RC1 if youare OK with using a "release candidate" version.
  
Yale CAS client does not support SSOut, but perhaps someone willcontribute it.  The JA-SIG CAS Client version 3.1.1 supports SSOut, andthat's the latest version available.
  
The earliest versions that should correctly support SSOut are 3.1.1 forCAS Server and 3.1 for JA-SIG CAS Client.
  
Adam
  
tedzo wrote:          Helloall,
I am trying to find out which versions of cas server and cas javaclient I need to use in order to be able to use the SingleSignOutfeature. I currently have cas server 3.0.6 and Yale client 2.1.1. 
    
- Does it matter which version of client I use?
- What are the earliest versions that support the said feature?
    
Thanks.
    
    
    
    You rock. That's why Blockbuster's offering you one
month of Blockbuster Total Access, No Cost.    
_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas

      
  
  
  
  
  You rock. That's why Blockbuster's offering you one
month of Blockbuster Total Access, No Cost.
  
  
  
  
  You rock. That's why Blockbuster's offering you one
month of Blockbuster Total Access, No Cost.
  
  
  
  
  You rock. That's why Blockbuster's offering you one
month of Blockbuster Total Access, No Cost.  
_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas

  








      You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.



_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas





-- 
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia




      You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.





      ____________________________________________________________________________________
You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.  
http://tc.deals.yahoo.com/tc/blockbuster/text5.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080406/93935fdd/attachment-0001.html

More information about the cas mailing list