Hello Ray, I have changed the configuration got this from logged file. But the URL is redirecting too many times causing ERROR TOO MANY REDIRECTS. >From Log file:
2020-11-05 15:51:21.877 DEBUG 13867 --- [https-jsse-nio-8443-exec-3] o.s.s.cas.web.CasAuthenticationFilter : serviceTicketRequest = false 2020-11-05 15:51:21.877 DEBUG 13867 --- [https-jsse-nio-8443-exec-3] o.s.s.cas.web.CasAuthenticationFilter : proxyReceptorConfigured = false 2020-11-05 15:51:21.877 DEBUG 13867 --- [https-jsse-nio-8443-exec-3] o.s.s.cas.web.CasAuthenticationFilter : proxyReceptorRequest = false 2020-11-05 15:51:21.877 DEBUG 13867 --- [https-jsse-nio-8443-exec-3] o.s.s.cas.web.CasAuthenticationFilter : proxyTicketRequest = false 2020-11-05 15:51:21.877 DEBUG 13867 --- [https-jsse-nio-8443-exec-3] o.s.s.cas.web.CasAuthenticationFilter : requiresAuthentication = false 2020-11-05 15:51:21.878 DEBUG 13867 --- [https-jsse-nio-8443-exec-3] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9972129b: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 10.2.101.208; SessionId: 46E280D90E89E9935FE52EA62CA29C65; Granted Authorities: ROLE_ANONYMOUS' Looks like I am authenticated but it redirects too many times. Any Suggestions? Thanks Sagar On Thu, Nov 5, 2020 at 10:36 AM Ray Bon <[email protected]> wrote: > Sagar, > > I thought spring security provided everything, all you have to do is add > some config. > Do you need this SSOController? > > Maybe look at the spring documentation to see how they suggest > configuration. > > Ray > > On Thu, 2020-11-05 at 08:54 -0600, sagar ghimire wrote: > > Notice: This message was sent from outside the University of Victoria > email system. Please be cautious with links and sensitive information. > > Hello Ray, > I have turned on the logging for my application and this is what i got. > The token is > org.springframework.security.authentication.AnonymousAuthenticationToken@5367e0b6: > Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; > Details: > org.springframework.security.web.authentication.WebAuthenticationDetails@1de6: > RemoteIpAddress: 10.2.101.208; SessionId: null; Granted Authorities: > ROLE_ANONYMOUS > 2020-11-05 08:42:10.167 ERROR 21715 --- [nio-8443-exec-4] > o.s.b.w.servlet.support.ErrorPageFilter : Cannot forward to error page for > request [/] as the response has already been committed. As a result, the > response may have the wrong status code. If your application is running on > WebSphere Application Server you may be able to resolve this problem by > setting com.ibm.ws.webcontainer.invokeFlushAfterService to false > > > It looks like I am getting logged in but getting rendered to error page > for some reason. > This is my controller looks like. > > package > > com.mynw.sso.Controller > > ; > > > > import > > com.mynw.sso.CASConfig > > ; > > > import > > org.jasig.cas.client.authentication.AttributePrincipal > > ; > > > import > > org.jasig.cas.client.validation.Assertion > > ; > > > import > > org.springframework.security.authentication.AnonymousAuthenticationToken > > ; > > > import > > org.springframework.security.cas.authentication.CasAuthenticationToken > > ; > > > import > > org.springframework.security.core.context.SecurityContext > > ; > > > import > > org.springframework.security.core.context.SecurityContextHolder > > ; > > > import > > org.springframework.stereotype. > > Controller > > ; > > > import > > org.springframework.ui.Model > > ; > > > import > > org.springframework.web.bind.annotation. > > GetMapping > > ; > > > > import > > java.sql.SQLOutput > > ; > > > import > > java.util.logging.Logger > > ; > > > > @Controller > > > public class > > SSOController { > > > > > @GetMapping > > ( > > "/" > > ) > > > public > > String > > index > > (Model model){ > > > SecurityContext ctx= SecurityContextHolder. > > getContext > > () > > ; > > > AnonymousAuthenticationToken aat = (AnonymousAuthenticationToken) > ctx.getAuthentication() > > ; > > > System. > > out > > .println( > > "The token is " > > + aat) > > ; > > > model.addAttribute( > > "UserName" > > , > > aat.toString()) > > ; > > > > > return > > "index" > > ; > > > } > > > } > > > Thanks > Sagar > > On Wed, Nov 4, 2020 at 4:07 PM Ray Bon <[email protected]> wrote: > > Sagar, > > Turn up logging in spring. Try to figure out what token is. > > Ray > > On Wed, 2020-11-04 at 14:11 -0600, sagar ghimire wrote: > > Notice: This message was sent from outside the University of Victoria > email system. Please be cautious with links and sensitive information. > > Roy, > I have attached the image before the red line one. Also I was looking at > the server logs and found : > > 2020-11-04 12:16:05.770 ERROR 13281 --- [nio-8443-exec-4] > o.s.b.w.servlet.support.ErrorPageFilter : Forwarding to error page from > request [/] due to exception > [org.springframework.security.authentication.AnonymousAuthenticationToken > cannot be cast to > org.springframework.security.cas.authentication.CasAuthenticationToken] > > java.lang.ClassCastException: > org.springframework.security.authentication.AnonymousAuthenticationToken > cannot be cast to > org.springframework.security.cas.authentication.CasAuthenticationToken > > > > > It looks like token casting is the problem that I have been encountering. > Any suggestions? > > > Thank you > Sagar > > On Wed, Nov 4, 2020 at 12:57 PM Ray Bon <[email protected]> wrote: > > Sagar, > > The ST handler must be publicly accessible. If > inb9fnhr.nwmissouri.edu:8443/MyNWSSO/ takes you to cas login, it will not > be able to receive the ST, but redirect to cas for login in an endless loop. > What is happening on the line above the red one in the image? > > Ray > > On Wed, 2020-11-04 at 12:33 -0600, sagar ghimire wrote: > > Notice: This message was sent from outside the University of Victoria > email system. Please be cautious with links and sensitive information. > > Hello Ray, > I have configured my Spring Boot App but I think the problem is when the > CAS redirect to my webapp with Service Ticket my web app is not > revalidating the ticket to CAS server again. The reference that I have > taken for this webapp is from > > https://medium.com/@venkateshpnk22/single-sign-on-in-cas-client-setup-with-spring-security-b51a7e70294d > Also I have attached the error when I hit the > inb9fnhr.nwmissouri.edu:8443/MyNWSSO/ it render to sign in and after sign > in I got 404. > > > Thanks > > Sagar Ghimire > Software Developer > Northwest Missouri State University > > > > On Wed, Nov 4, 2020 at 12:26 PM Ray Bon <[email protected]> wrote: > > Sagar, > > What happens when you browse directly to > inb9fnhr.nwmissouri.edu:8443/MyNWSSO/ > > This sounds like a problem with your application configuration and not > cas. Or are you asking how to configure your cas client? > > Ray > > On Wed, 2020-11-04 at 09:56 -0800, sagar ghimire wrote: > > Notice: This message was sent from outside the University of Victoria > email system. Please be cautious with links and sensitive information. > > Hello, > I have configured CAS in my Spring boot app and when I log in it render to > 404 not found with the Service Ticket. > Attached is the error image that i got. > > > Thanks > Sagar > > -- > > > Ray Bon > Programmer Analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] > > I respectfully acknowledge that my place of work is located within the > ancestral, traditional and unceded territory of the Songhees, Esquimalt and > WSÁNEĆ Nations. > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/05f195cffc9329228b4705f81da7e13f4037c9e8.camel%40uvic.ca > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/05f195cffc9329228b4705f81da7e13f4037c9e8.camel%40uvic.ca?utm_medium=email&utm_source=footer> > . > > -- > > > Ray Bon > Programmer Analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] > > I respectfully acknowledge that my place of work is located within the > ancestral, traditional and unceded territory of the Songhees, Esquimalt and > WSÁNEĆ Nations. > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/e563cb5582248e3b61299aaf01998f5ad03367e9.camel%40uvic.ca > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e563cb5582248e3b61299aaf01998f5ad03367e9.camel%40uvic.ca?utm_medium=email&utm_source=footer> > . > > -- > > > Ray Bon > Programmer Analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] > > I respectfully acknowledge that my place of work is located within the > ancestral, traditional and unceded territory of the Songhees, Esquimalt and > WSÁNEĆ Nations. > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/07f16efd28acdce013b788b077df0565efd9c4df.camel%40uvic.ca > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/07f16efd28acdce013b788b077df0565efd9c4df.camel%40uvic.ca?utm_medium=email&utm_source=footer> > . > > -- > > Ray Bon > Programmer Analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] > > I respectfully acknowledge that my place of work is located within the > ancestral, traditional and unceded territory of the Songhees, Esquimalt and > WSÁNEĆ Nations. > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/6798adce6b2ccbf9fc5cd8a6b57390b19e1adbaf.camel%40uvic.ca > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/6798adce6b2ccbf9fc5cd8a6b57390b19e1adbaf.camel%40uvic.ca?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAKBdEbeuKi%2BN1A6girF6NNSMH4M_hZaGSiLKJW_5GjwoMMcC2g%40mail.gmail.com.
