[cas-user] Problem with authentication of remote application to CAS server

Thu, 19 Apr 2018 14:30:07 -0700 

Hi i have a cas server on a nginx reverse proxy and my application with the
shiro.ini file are configureted to authenticated to this CAS server so this
application are ok

the problem now is with a remote application that is not in the same server
of the and its web.xml has this configuration:

<!-- CAS -->
  <filter>
    <filter-name>CAS Authentication Filter</filter-name>

<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
    <init-param>
      <param-name>casServerLoginUrl</param-name>
      <param-value>https://siampapps.mp/cas/login</param-value>
    </init-param>
    <init-param>
      <param-name>serverName</param-name>
      <param-value>https://selectronicas.mp:8443</param-value>
    </init-param>
  </filter>

Im not sure whether to use the filter

org.jasig.cas.client.validation.Cas10TicketValidationFilte
 OR


<filter-name>CAS Validation Filter</filter-name>

<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
        <init-param>

could you tell me whats the difference


  <filter>
    <filter-name>CAS Validation Filter</filter-name>

<filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>
    <init-param>
      <param-name>casServerUrlPrefix</param-name>
      <param-value>https://siampapps.mp/cas</param-value>
    </init-param>
    <init-param>
      <param-name>serverName</param-name>
      <param-value>https://selectronicas.mp:8443</param-value>
    </init-param>
    <init-param>
      <param-name>redirectAfterValidation</param-name>
      <param-value>true</param-value>
    </init-param>
  </filter>

  <filter>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>

<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
  </filter>

  <filter-mapping>
    <filter-name>CAS Authentication Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter-mapping>
    <filter-name>CAS Validation Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter-mapping>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
  <!-- FIN DEL CAS -->


and my nginx cas configuration is this:

location /cas {
proxy_pass http://siampv5.mp;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_set_header Connection "";
proxy_set_header X-Forwarded-Proto https;
}


but when a user try to authenticate to my cas it show the next error on the
log of the server:

thanks for your help

[2018-04-19T14:58:29.452-0600] [Payara 4.1] [WARNING] []
[javax.enterprise.web] [tid: _ThreadID=35 _ThreadName=http-thread-pool(6)]
[timeMillis: 1524171509452] [levelValue: 900] [[
  StandardWrapperValve[cas]: Servlet.service() for servlet cas threw
exception
java.util.ConcurrentModificationException
        at
java.util.ArrayList$Itr.checkForComodification(ArrayList.java:901)
        at java.util.ArrayList$Itr.next(ArrayList.java:851)
        at
java.util.AbstractCollection.toString(AbstractCollection.java:461)
        at
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:48)
        at
org.jasig.cas.ticket.TicketGrantingTicketImpl.getSupplementalAuthentications(TicketGrantingTicketImpl.java:247)
        at
org.jasig.cas.CentralAuthenticationServiceImpl.evaluatePossibilityOfMixedPrincipals(CentralAuthenticationServiceImpl.java:209)
        at
org.jasig.cas.CentralAuthenticationServiceImpl.grantServiceTicket_aroundBody2(CentralAuthenticationServiceImpl.java:145)
        at
org.jasig.cas.CentralAuthenticationServiceImpl$AjcClosure3.run(CentralAuthenticationServiceImpl.java:1)
        at
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
        at
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
        at
org.jasig.cas.CentralAuthenticationServiceImpl.grantServiceTicket(CentralAuthenticationServiceImpl.java:136)
        at sun.reflect.GeneratedMethodAccessor24429.invoke(Unknown Source)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at
org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:302)
        at
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)
        at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
        at
org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85)
        at
org.jasig.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:128)
        at sun.reflect.GeneratedMethodAccessor24425.invoke(Unknown Source)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at
org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)
        at
org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)
        at
org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:68)
        at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)
        at
org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
        at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
        at
com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:45)
        at
com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:32)
        at
com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)
        at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
        at
com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:48)
        at
com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:34)
        at
com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)
        at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
        at
com.ryantenney.metrics.spring.CountedMethodInterceptor.invoke(CountedMethodInterceptor.java:46)
        at
com.ryantenney.metrics.spring.CountedMethodInterceptor.invoke(CountedMethodInterceptor.java:32)
        at
com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)
        at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
        at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:208)
        at com.sun.proxy.$Proxy859.grantServiceTicket(Unknown Source)
        at
org.jasig.cas.web.flow.GenerateServiceTicketAction.doExecute(GenerateServiceTicketAction.java:79)
        at
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
        at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
        at
org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
        at
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
        at
org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
        at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
        at
org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
        at org.springframework.webflow.engine.State.enter(State.java:194)
        at
org.springframework.webflow.engine.Transition.execute(Transition.java:228)
        at
org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java:51)
        at org.springframework.webflow.engine.State.enter(State.java:194)
        at
org.springframework.webflow.engine.Transition.execute(Transition.java:228)
        at
org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java:51)
        at org.springframework.webflow.engine.State.enter(State.java:194)
        at
org.springframework.webflow.engine.Transition.execute(Transition.java:228)
        at
org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395)
        at
org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
        at
org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:116)
        at
org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547)
        at
org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:390)
        at
org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
        at
org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
        at org.springframework.webflow.engine.State.enter(State.java:194)
        at org.springframework.webflow.engine.Flow.start(Flow.java:527)
        at
org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:368)
        at
org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:223)
        at
org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:140)
        at
org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:238)
        at
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)
        at
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
        at
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
        at
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
        at
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
        at
org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1693)
        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:344)
        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
        at
org.jasig.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:227)
        at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
        at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
        at
org.jasig.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:250)
        at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
        at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
        at
org.jasig.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:62)
        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
        at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:121)
        at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
        at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
        at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
        at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:316)
        at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
        at
org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734)
        at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673)
        at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99)
        at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174)
        at
org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:416)
        at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:283)
        at
com.sun.enterprise.v3.services.impl.ContainerMapper$HttpHandlerCallable.call(ContainerMapper.java:466)
        at
com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:169)
        at
org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:206)
        at
org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:180)
        at
org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:235)
        at
org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
        at
org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:284)
        at
org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:201)
        at
org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:133)
        at
org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:112)
        at
org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
        at
org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:526)
        at
org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112)
        at
org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:117)
        at
org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:56)
        at
org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:137)
        at
org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:593)
        at
org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:573)
        at java.lang.Thread.run(Thread.java:745)
]]

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CANEG9%2BeEqyL_g28e%2BzQqoUzCgBpXXYQSP7xy-OFo1OJt9yR86A%40mail.gmail.com.

Reply via email to