Hello Community
Our team is currently facing a problem with the CAS running on a JBoss EAP
6.3.
1. We have written a AuthenticationHandler which extends from
AbstractUsernamePasswordAuthenticationHandler.
2. in overwritten authenticateUsernamePasswordInternal-Method we call our
WebService (JAX-WS) for user authentication.
3. This WebService request also sends a technical username and password for
authentication of the CAS webapp.
4. When we deploy the CAS Webapp to Tomcat (8.0) the WebService request
goes through and sends a basic auth header.
Unfortunately, as soon as we deploy the CAS to JBoss 6.3 we get a 401
unauthorized back. We have traced the request with wireshark
and were able to see that the basic authentication header is not sent with
the request.
I have attached the exception and the request. Has anybody faced the same
problem with CAS running on JBoss? Thanks in advance
08:22:17,888 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (http-
localhost/127.0.0.1:8443-1) Interceptor for {urn:sap-com:document:sap:soap:
functions:mc-style}ZCRM_SC_ID_VALIDATE_1#{urn:sap-com:document:sap:soap:functions:mc-style}ZcrmScIdValidate1
has thrown exception, unwinding now: org.apache.cxf.interceptor.Fault:
Could not send Message.
at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:570)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:479)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:136)
at com.sun.proxy.$Proxy101.zcrmScIdValidate1(Unknown Source)
at
ch.onion.amu.v1.service.jaxws.proxy.LoyScidValidateProxy.zcrmScIdValidate1(LoyScidValidateProxy.java:160)
[AMU-LoyScidValidateProxy-1.0.2-SNAPSHOT.jar:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[rt.jar:1.7.0_75]
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
[rt.jar:1.7.0_75]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[rt.jar:1.7.0_75]
at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_75]
at
ch.onion.aaa.v2.service.proxy.PooledServiceProxyInvocationHandler.invoke(PooledServiceProxyInvocationHandler.java:139)
[AAA-ProxyAPI-2.0.13.jar:]
at com.sun.proxy.$Proxy67.zcrmScIdValidate1(Unknown Source)
at
ch.onion.cas.webserver.scid.proxy.ScIdProxyClient.authenticate(ScIdProxyClient.java:42)
[classes:]
at
ch.onion.cas.authentication.handler.ScIdAuthenticationHandler.authenticateUsernamePasswordInternal(ScIdAuthenticationHandler.java:50)
[classes:]
at
org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication(AbstractUsernamePasswordAuthenticationHandler.java:76)
[cas-server-core-4.1.2.jar:4.1.2]
POST /AMU-LoyScidValidate-1 HTTP/1.1
Content-Type: text/xml; charset=UTF-8
X-Request-ID: 3de2ece9-ee8b-4af1-9028-dd159243c607
User-Agent: Apache CXF 2.7.12.SP1-redhat-1
Cache-Control: no-cache
Pragma: no-cache
Host: servicestest-cisp.hs.coop.ch
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Connection: keep-alive
Content-Length: 372
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><SOAP-ENV:Header
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"/><soap:Body><ns2:ZcrmScIdValidate1
xmlns:ns2="urn:sap-com:document:sap:soap:functions:mc-style"><ScId>asdfasdfa</ScId><ScIdPw>adfasdfasdf</ScIdPw><ScIdSiteId>001</ScIdSiteId></ns2:ZcrmScIdValidate1></soap:Body></soap:Envelope>HTTP/1.1
401 Unauthorized
Server: Apache-Coyote/1.1
Content-Length: 16
WWW-Authenticate: Basic realm="webservices"
X-Original-HTTP-Status-Code: 401
Content-Type: text/xml; charset=UTF-8
Date: Mon, 21 Dec 2015 07:29:57 GMT
401 Unauthorized
This is how the context is filled up with parameters:
// Add binding provider.
Map<String, Object> reqContext = ((BindingProvider)
serviceProxy).getRequestContext();
reqContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
getServiceProxyConfiguration().getServiceEndpoint().toString());
reqContext.put(BindingProvider.USERNAME_PROPERTY, "aUserName");
reqContext.put(BindingProvider.PASSWORD_PROPERTY, "aPassword");
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
