please disregard the last email, below is the complete web.xml snippet:
Thanks! that did it
I configured the proxycall back url so that only the Validation filter
was protecting it and not the authentication filter, and then it worked.
Here's a snippet from my working web.xml:
<filter>
<filter-name>CASSingleSignOutFilter</filter-name>
<filter-class>
org.jasig.cas.client.session.SingleSignOutFilter
</filter-class>
<init-param>
<param-name>artifactParameterName</param-name>
<param-value>ticket</param-value>
</init-param>
</filter>
<filter>
<filter-name>CASAuthenticationFilter</filter-name>
<filter-class>
org.jasig.cas.client.authentication.AuthenticationFilter
</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>
https://CASSERVER:8443/cas/login
</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>
http://CLIENT1:8180/CRISCAS/pages/index.jsf
</param-value>
</init-param>
<!-- http://17inchvista:8180/CRISCAS/pages/index.jsf -->
<init-param>
<param-name>serverName</param-name>
<param-value>http://CLIENT1:8180</param-value>
</init-param>
<init-param>
<param-name>renew</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>gateway</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>artifactParameterName</param-name>
<param-value>ticket</param-value>
</init-param>
<init-param>
<param-name>serviceParameterName</param-name>
<param-value>service</param-value>
</init-param>
<init-param>
<param-name>encodeServiceUrl</param-name>
<param-value>true</param-value>
</init-param>
<!--
<init-param>
<param-name>gatewayStorageClass</param-name>
<param-value></param-value>
</init-param>
-->
</filter>
<filter>
<filter-name>CASValidationFilter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://CASSERVER:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://CLIENT1:8180</param-value>
</init-param>
<init-param>
<param-name>proxyCallbackUrl</param-name>
<param-value>https://CLIENT1:8543/CRISCAS/proxyCallback
</param-value>
</init-param>
<init-param>
<param-name>proxyReceptorUrl</param-name>
<param-value>/proxyCallback</param-value>
</init-param>
<init-param>
<param-name>allowAnyProxy</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<filter-name>CASHttpServletRequestWrapperFilter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
</filter-class>
</filter>
<filter>
<filter-name>CASAssertionThreadLocalFilter</filter-name>
<filter-class>
org.jasig.cas.client.util.AssertionThreadLocalFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>CASSingleSignOutFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CASAuthenticationFilter</filter-name>
<url-pattern>/pages/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CASValidationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CASHttpServletRequestWrapperFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CASAssertionThreadLocalFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
