Scott --
Thanks, do have any refrences for doing this proxying stuff. Thanks again RR scott_battaglia wrote: > > My guess you need to supply the applet with a proxy ticket so that it can > authenticate the user. Your web application should obtain one and then > pass > it to the applet. > > Cheers, > Scott > > > On Fri, Apr 24, 2009 at 2:58 PM, rrakesh <[email protected]> > wrote: > >> >> I have web application which uses CAS for SSO between another web >> application. So that part is working fine. >> >> In one of my web application I got a applet in a secure page, before user >> comes to this page user might already have been logged in using CAS. And >> when user comes to this secured page which contains applet, the applet >> does >> not loaded it throws and exception. >> >> Following are some of my filter settings I have: >> >> <bean id="springSecurityFilterChain" >> class="org.springframework.security.util.FilterChainProxy"> >> <sec:filter-chain-map path-type="ant"> >> <sec:filter-chain pattern="/softwarechecker/**" >> filters="none" /> >> <sec:filter-chain pattern="/user/css/**" >> filters="none" /> >> <sec:filter-chain pattern="/user/images/**" >> filters="none" /> >> <sec:filter-chain pattern="/user/js/**" >> filters="none" /> >> <sec:filter-chain pattern="/**" >> >> filters="httpSessionContextIntegrationFilter,userLogoutFilter, >> >> learnerAuthenticationProcessingFilter, >> exceptionTranslationFilter, >> filterInvocationInterceptor" >> /> >> </sec:filter-chain-map> >> </bean> >> >> <bean id="filterInvocationInterceptor" >> >> class="org.springframework.security.intercept.web.FilterSecurityInterceptor"> >> <property name="authenticationManager"> >> <ref local="_learnerAuthenticationManager" /> >> </property> >> <property name="accessDecisionManager"> >> <ref local="httpRequestAccessDecisionManager" /> >> </property> >> <property name="objectDefinitionSource"> >> <sec:filter-invocation-definition-source> >> <sec:intercept-url pattern="/user/**" >> access="ROLE_USER" /> >> </sec:filter-invocation-definition-source> >> </property> >> </bean> >> >> And when I turned on the debugging on the web app for the CAS security >> filter stuff this is what I captured >> >> >> 14:41:28,240 DEBUG [FilterChainProxy] Converted URL to lowercase, from: >> '/user/client/applet/SynchronizationApplet.class'; to: >> '/user/client/applet/SynchronizationApplet.class' >> 14:41:28,240 DEBUG [FilterChainProxy] Candidate is: >> '/user/client/applet/SynchronizationApplet.class'; pattern is /**; >> matched=true >> 14:41:28,240 DEBUG [FilterChainProxy] >> /user/client/applet/SynchronizationApplet.class at position 1 of 7 in >> additional filter chain; firing Filter: >> 'org.springframework.security.context.HttpSessionContextIntegrationFilter[ >> order=200; ]' >> 14:41:28,240 DEBUG [HttpSessionContextIntegrationFilter] HttpSession >> returned null object for SPRING_SECURITY_CONTEXT >> 14:41:28,240 DEBUG [HttpSessionContextIntegrationFilter] New >> SecurityContext >> instance will be associated with SecurityContextHolder >> 14:41:28,240 DEBUG [FilterChainProxy] >> /user/client/applet/SynchronizationApplet.class at position 2 of 7 in >> additional filter chain; firing Filter: >> 'org.springframework.security.ui.logout.LogoutFilter[ order=300; ]' >> 14:41:28,240 DEBUG [FilterChainProxy] >> /user/client/applet/SynchronizationApplet.class at position 3 of 7 in >> additional filter chain; firing Filter: >> >> 'com.test.common.security.impl.authentication.TestAuthenticationProcessingFilter[ >> order=700; ]' >> 14:41:28,240 DEBUG [FilterChainProxy] >> /user/client/applet/SynchronizationApplet.class at position 4 of 7 in >> additional filter chain; firing Filter: >> 'org.springframework.security.ui.cas.CasProcessingFilter[ order=600; ]' >> 14:41:28,240 DEBUG [FilterChainProxy] >> /user/client/applet/SynchronizationApplet.class at position 5 of 7 in >> additional filter chain; firing Filter: >> >> 'com.test.common.security.impl.authentication.TestAuthenticationProcessingFilter[ >> order=700; ]' >> 14:41:28,240 DEBUG [FilterChainProxy] >> /user/client/applet/SynchronizationApplet.class at position 6 of 7 in >> additional filter chain; firing Filter: >> 'org.springframework.security.ui.ExceptionTranslationFilter[ order=1400; >> ]' >> 14:41:28,240 DEBUG [FilterChainProxy] >> /user/client/applet/SynchronizationApplet.class at position 7 of 7 in >> additional filter chain; firing Filter: >> >> 'org.springframework.security.intercept.web.filtersecurityintercep...@2a91b1 >> ' >> 14:41:28,240 DEBUG [DefaultFilterInvocationDefinitionSource] Converted >> URL >> to lowercase, from: '/user/client/applet/SynchronizationApplet.class'; >> to: >> '/user/client/applet/SynchronizationApplet.class' >> 14:41:28,240 DEBUG [DefaultFilterInvocationDefinitionSource] Candidate >> is: >> '/user/client/applet/SynchronizationApplet.class'; pattern is /user/**; >> matched=true >> 14:41:28,240 DEBUG [AbstractSecurityInterceptor] Secure object: >> FilterInvocation: URL: /user/client/applet/SynchronizationApplet.class; >> ConfigAttributes: [ROLE_USER] >> 14:41:28,240 DEBUG [ExceptionTranslationFilter] Authentication exception >> occurred; redirecting to authentication entry point >> org.springframework.security.AuthenticationCredentialsNotFoundException: >> An >> Authentication object was not found in the SecurityContext >> at >> >> org.springframework.security.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:342) >> at >> >> org.springframework.security.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:254) >> at >> >> org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:106) >> at >> >> org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83) >> >> Thanks for reading the questions, any help or pointers please. >> RR >> -- >> View this message in context: >> http://www.nabble.com/CASifying-the-Applet-in-Web-Application-tp23222878p23222878.html >> Sent from the CAS Users mailing list archive at Nabble.com. >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- View this message in context: http://www.nabble.com/CASifying-the-Applet-in-Web-Application-tp23222878p23395437.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
