The article that you reference is what I started working from, but I'm still
having difficulties. When I have the validation filter enabled, I get this
exception:
Apache Tomcat/5.5.23 - Error reportjavax.servlet.ServletException: The CAS
server returned no response.
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:155)
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:111)
root cause org.jasig.cas.client.validation.TicketValidationException: The CAS
server returned no response.
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:181)
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132)
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:111)
This is the entry in web.xml that I removed for my previous post:
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://theCASserver:8443/cas</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/num/*</url-pattern>
</filter-mapping>
Any ideas on what the config should look like if my app needs this validation
filter setup?
Thanks,
Sam
--- On Thu, 2/12/09, Scott Battaglia <[email protected]> wrote:
From: Scott Battaglia <[email protected]>
Subject: Re: [cas-user] Basic CAS question - auths every request?
To: [email protected]
Date: Thursday, February 12, 2009, 10:45 AM
Please follow this example which is for the web application and what I directed
you to before:
http://www.ja-sig.org/wiki/display/CASC/web.xml+for+Tomcat+5.5+Tomcat+Manager
This works. If you choose to ignore it and remove validation filters, then its
not going to work.
-Scott
On Thu, Feb 12, 2009 at 11:37 AM, schneisc <[email protected]> wrote:
I'm guessing I have a small error somewhere, but I don't see it. Here's the
web.xml edited with "theCASserver" and "theAPP" as the two hosts (otherwise all
is the same). What I see is this:
1) First request gets forwarded to CAS for login
1a) << successful login happens >>
1b) redirect to app:
http://theAPP:8080/jsp-examples/num/numguess.jsp?ticket=ST-6-LQm9NC4DQMTbbNOGbTBx-cas
2) every subsequent request redirects to the the CAS server and gets bounced
back to the the theAPP with a new ticket:
http://theAPP:8080/jsp-examples/num/numguess.jsp?ticket=ST-6-LQm9NC4DQMTbbNOGbTBx-cas
some web.xml snippets:
<context-param>
<param-name>serverName</param-name>
<param-value>http://theAPP:8080</param-value>
</context-param>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://theCASserver:8443/cas/login</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/num/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/num/*</url-pattern>
</filter-mapping>
I originally had the CAS validation Filter setup in "theAPP" as well, but I took
it out thinking that should actually be running on "theCASserver" so I took it
out.
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
It's a bit confusing following the example web.xml since the CAS server and the
secured app are the same host and it's not entirely clear which filters and
config params belong to which "app" (I'm running on two different hosts). Any
help would be greatly appreciated.
-Sam
--- On Wed, 2/11/09, Scott Battaglia <[email protected]> wrote:
From: Scott Battaglia <[email protected]>
Subject: Re: [cas-user] Basic CAS question - auths every request?
To:
[email protected]
Date: Wednesday, February 11, 2009, 9:10 PM
You've probably misconfigured the client or disabled sessions. That example
Tomcat 5.5 Tomcat Manager web.xml should work fine and only go to CAS once.
-Scott
On Wed, Feb 11, 2009 at 5:26 PM, Sam <[email protected]> wrote:
I have configured CAS and a single client app (configure being used rather
loosely, as I didn't configure much). What I did was setup the client app
similar to
http://www.ja-sig.org/wiki/display/CASC/web.xml+for+Tomcat+5.5+Tomcat+Manager
(I am running tomcat 5.5 as well). CAS is running on a separate server with a
valid cert (this is dev environment). I created my own password validator that
seems to be working just fine.
I have the app running under HTTP for now and I have noticed that it sends a
request to CAS with every request to the server. It gets a new ticket to
validate and calls the CAS validation service (and succeeds without a problem).
The first request through it presents a login screen - subsequent requests
simply validate the new ticket.
My question is this:
Should the app be sending a request to CAS with every request it gets? This is
what seems to be happening and is very noticeable because it switches back and
forth between HTTP & HTTPS because I'm running the app under HTTP. It seems a
bit inefficient to validate the user with every request and I'm wondering if
I've misconfigured something (I'm using the CAS 3 client and associated
filters).
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
