Query: Java CAS client

Smita Raut smita.raut at patni.com
Thu Jan 15 05:09:24 EST 2009 

Thanks for your help.

 

Can you elaborate more on this.

 

I will give you some more explanation about my implementation.

 

When I started using cas on http, cas client used to throw an exception- 'It
works only with https' but then I found a workaround to this problem and I
commented few lines in SecureURL.java present in util of cas client.
Following are the lines I commented:

 

            if (!u.getProtocol().equals("https"))

                throw new IOException("only 'https' URLs are valid for this
method");

 

After this workaround, it started working fine. 

 

Please find attached file 'CASFIlter.java'. If you check method called
'doFilter', it first checks for user attribute in session and returns on
finding it. So I am not getting where SSL is coming into picture. Please
tell me if I am missing something.

 

Thanks,

Smita

 

 

  _____  

From: Thanh-Long HUYNH [mailto:thanhlong.huynh at gmail.com] 
Sent: Thursday, January 15, 2009 3:26 PM
To: smita.raut at patni.com
Cc: Yale CAS mailing list
Subject: Re: Query: Java CAS client

 

That's the problem, cas need to be requested through HTTPS to have SSO
activated.
I have had the same problem with you when i have started configuring cas.

Good luck.




2009/1/15 Smita Raut <smita.raut at patni.com>

 I am not using SSL or HTTPS. I am using HTTP.

 

  _____  

From: Thanh-Long HUYNH [mailto:thanhlong.huynh at gmail.com] 
Sent: Thursday, January 15, 2009 3:21 PM
To: smita.raut at patni.com; Yale CAS mailing list
Subject: Re: Query: Java CAS client

 

Do you request CAS through HTTPS or SSL ?

2009/1/15 Smita Raut <smita.raut at patni.com>

Hello,

 

I have installed CAS server and I am using Java CAS client library to access
CAS server from my Java web application. I have configured web.xm to apply
CAS filter to all the requests coming to my web application.

This whole set up works fine. It redirects the user to CAS login page for
the first time and after successful authentication it redirects it to the
service URL (page from my web application).

But according to my knowledge, on the second request from the same browser,
CAS client should see that ticket is present and should send a request to
CAS server to validate the ticket using validate URL provided. But it
doesn't. 

I opened up CAFiler.java file and saw the implementation. It seems client
first checks if session contains an attribute-
"edu.yale.its.tp.cas.client.filter.user". If this attribute is present it
stops and returns. It doesn't send the ticket for validation.

 

Please tell me if I am missing something or this is the right behavior.
Please revert back asap.

 

Thanks,

Smita Raut

 

_____________________________________________________________________ 

This e-mail message may contain proprietary, confidential or legally
privileged information for the sole use of the person or entity to whom this
message was originally addressed. Any review, e-transmission dissemination
or other use of or taking of any action in reliance upon this information by
persons or entities other than the intended recipient is prohibited. If you
have received this e-mail in error kindly delete this e-mail from your
records. If it appears that this mail has been forwarded to you without
proper authority, please notify us immediately at netadmin at patni.com and
delete this mail. 
_____________________________________________________________________ 


_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas

 

_____________________________________________________________________ 

This e-mail message may contain proprietary, confidential or legally
privileged information for the sole use of the person or entity to whom this
message was originally addressed. Any review, e-transmission dissemination
or other use of or taking of any action in reliance upon this information by
persons or entities other than the intended recipient is prohibited. If you
have received this e-mail in error kindly delete this e-mail from your
records. If it appears that this mail has been forwarded to you without
proper authority, please notify us immediately at netadmin at patni.com and
delete this mail. 
_____________________________________________________________________ 

 


_____________________________________________________________________ 

This e-mail message may contain proprietary, confidential or legally privileged information for the sole use of the person or entity to whom this message was originally addressed. Any review, e-transmission dissemination or other use of or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you have received this e-mail in error kindly delete this e-mail from your records. If it appears that this mail has been forwarded to you without proper authority, please notify us immediately at netadmin at patni.com and delete this mail.
_____________________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20090115/550a81a3/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CASFilter.java
Type: application/octet-stream
Size: 11516 bytes
Desc: not available
Url : http://tp.its.yale.edu/pipermail/cas/attachments/20090115/550a81a3/attachment-0001.obj

More information about the cas mailing list