Is the springSecurityContext.xml in both apps identical to the one you posted? I think you need serviceProperties.service to be different in each:
http://localhost:8080/app1/j_spring_cas_security_check http://localhost:8080/app2/j_spring_cas_security_check Vintaliy wrote: > > Hi all, > > I am using Cas server 3.3.2 and on client side using spring security. > > First step: > - access to application1 > - cas login > - send cridentials and redirect to main application1 page. > > > Second > - access to app2 > - cas login page [again] > ... > > I open in the same browser another tab, and just clicked on the links to > the another webapps. > > > don't understand what i did wrong, cas configuration problem or spring > configuration problem. > > Here is my springSecurityContext.xml: > <http entry-point-ref="casProcessingFilterEntryPoint"> > <intercept-url pattern="/logout.htm" filters="none"/> > <intercept-url pattern="/**/*.htm*" access="ROLE_MEMBER" /> > <logout logout-success-url="/logout.htm"/> > </http> > <beans:bean id="casProcessingFilterEntryPoint" > class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint"> > <beans:property name="loginUrl" > value="http://localhost:9090/cas/login"/> > <beans:property name="serviceProperties" ref="serviceProperties"/> > </beans:bean> > <beans:bean id="serviceProperties" > class="org.springframework.security.ui.cas.ServiceProperties"> > <beans:property name="service" > value="http://localhost:8080/pillbox/j_spring_cas_security_check"/> > <beans:property name="sendRenew" value="false"/> > </beans:bean> > > <authentication-manager alias="authenticationManager"/> > <beans:bean id="casProcessingFilter" > class="org.springframework.security.ui.cas.CasProcessingFilter"> > <custom-filter after="CAS_PROCESSING_FILTER"/> > <beans:property name="authenticationManager" > ref="authenticationManager"/> > <beans:property name="authenticationFailureUrl" value="/casfailed.jsp"/> > <beans:property name="defaultTargetUrl" value="/"/> > </beans:bean> > > <beans:bean id="casAuthenticationProvider" > class="org.springframework.security.providers.cas.CasAuthenticationProvider"> > <custom-authentication-provider /> > <beans:property name="userDetailsService" ref="userService"/> > <beans:property name="serviceProperties" ref="serviceProperties" /> > <beans:property name="ticketValidator"> > <beans:bean > class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"> > <beans:constructor-arg index="0" > value="http://localhost:9090/cas"; /> > > </beans:bean> > </beans:property> > <beans:property name="key" value="an_id_for_this_auth_provider_only"/> > </beans:bean> > > <authentication-provider user-service-ref='userService'/> > <beans:alias name="groupDao" alias="userService"/> > -- View this message in context: http://www.nabble.com/CAS-authentication-every-time-tp24369199p24382424.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
