Hi, I'm trying to CAS and a couple of apps (appA and appB) configured for SSO.
Both appA and appB are configured to authenticate against CAS and in both cases
authentication is working correctly. If I start with appA and login,I get
authenticated and the CASTGC cookie gets set, same thing happens if I start
with appB.
In my case an authenticated user in appA is able to click on a link and be
redirected to appB. But when the user is redirected to appB they are challenged
again for login creds. If enter the creds I can then get to appB.
I assume it is just that I've not correctly configured something but in reading
through the CAS docs I've found where I'm going wrong.
My web.xml configs are...
appA
>>>>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://localhost:8080/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8084</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8084</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<<<
appB
>>>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://localhost:8080/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8081</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8081</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<<<
with some CAS server debug output thrown in for good measure
>>>
[java] DEBUG [2009-10-19 18:42:06,556] [http--8080-4$28137909]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning
execution
[java] DEBUG [2009-10-19 18:42:06,556] [http--8080-4$28137909]
AuthenticationViaFormAction - Executing bind
[java] DEBUG [2009-10-19 18:42:06,556] [http--8080-4$28137909]
AuthenticationViaFormAction - Found existing form object with name
'credentials' of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope
Flow
[java] DEBUG [2009-10-19 18:42:06,556] [http--8080-4$28137909]
AuthenticationViaFormAction - No property editor registrar set, no custom
editors to register
[java] DEBUG [2009-10-19 18:42:06,587] [http--8080-4$28137909]
AuthenticationViaFormAction - Binding allowed request parameters in map['lt' ->
'_c59B7F3F2-A126-45EB-19A3-E0B62629BA68_k20309474-3BCC-AC08-4A05-DA5AFEFD06E8',
'service' -> 'http://localho
t:8084/reviews/demo', 'username' -> '[email protected]', '_eventId' ->
'submit', 'submit' -> 'Submit', 'password' -> '1Follow'] to form object with
name 'credentials', pre-bind formObject toString = [username: null]
[java] DEBUG [2009-10-19 18:42:06,587] [http--8080-4$28137909]
AuthenticationViaFormAction - (Any field is allowed)
[java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909]
AuthenticationViaFormAction - Binding completed for form object with name
'credentials', post-bind formObject toString = [username: [email protected]]
[java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909]
AuthenticationViaFormAction - There are [0] errors, details: []
[java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909]
AuthenticationViaFormAction - Executing validation
[java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909]
AuthenticationViaFormAction - Invoking validator
org.jasig.cas.validation.usernamepasswordcredentialsvalida...@186330
[java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909]
AuthenticationViaFormAction - Validation completed for form object
[java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909]
AuthenticationViaFormAction - There are [0] errors, details: []
[java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909]
AuthenticationViaFormAction - Putting form errors instance in scope Flash
[java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed
execution; result is 'success'
[java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning
execution
[java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909]
AuthenticationViaFormAction - Found existing form object with name
'credentials' of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope
Flow
[java] DEBUG [2009-10-19 18:42:06,680] [http--8080-4$28137909]
CentralAuthenticationServiceImpl - Attempting to create TicketGrantingTicket
for [username: [email protected]]
[java] INFO [2009-10-19 18:42:06,960] [http--8080-4$28137909]
AuthenticationManagerImpl - AuthenticationHandler:
com.homeaway.bluesun.cas.authentication.BluesunAuthenticationHandler
successfully authenticated the user which provided the following cre
entials: [username: [email protected]]
[java] DEBUG [2009-10-19 18:42:06,960] [http--8080-4$28137909]
UsernamePasswordCredentialsToPrincipalResolver - Attempting to resolve a
principal...
[java] DEBUG [2009-10-19 18:42:06,976] [http--8080-4$28137909]
UsernamePasswordCredentialsToPrincipalResolver - Creating SimplePrincipal for
[[email protected]]
[java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$28137909]
CookieRetrievingCookieGenerator - Removed cookie with name [CASPRIVACY]
[java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$28137909]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed
execution; result is 'success'
[java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$28137909]
SendTicketGrantingTicketAction - Action 'SendTicketGrantingTicketAction'
beginning execution
[java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$28137909]
CookieRetrievingCookieGenerator - Added cookie with name [CASTGC] and value
[TGT-1-qY4l1fDjtUvYI6RLfPuvcpLVcG0EmfAe60nKduydDNhXeIhd6y-localhost:8080]
[java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$28137909]
SendTicketGrantingTicketAction - Action 'SendTicketGrantingTicketAction'
completed execution; result is 'success'
[java] DEBUG [2009-10-19 18:42:07,395] [http--8080-4$28137909]
GenerateServiceTicketAction - Action 'GenerateServiceTicketAction' beginning
execution
[java] INFO [2009-10-19 18:42:07,473] [http--8080-4$28137909]
CentralAuthenticationServiceImpl - Granted service ticket
[ST-1-SIy6TrgD7FbTdxKoANnU-localhost:8080] for service
[http://localhost:8084/reviews/demo] for user [[email protected]]
[java] DEBUG [2009-10-19 18:42:07,519] [http--8080-4$28137909]
GenerateServiceTicketAction - Action 'GenerateServiceTicketAction' completed
execution; result is 'success'
[java] DEBUG [2009-10-19 18:42:07,675] [http--8080-11$30385692]
SamlArgumentExtractor - Extractor generated service for:
http://localhost:8084/reviews/demo
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
InitialFlowSetupAction - Action 'InitialFlowSetupAction' beginning execution
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
CasArgumentExtractor - Extractor generated service for:
http://localhost:8081/secured/account/editAccount.htm
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
InitialFlowSetupAction - Placing service in FlowScope:
http://localhost:8081/secured/account/editAccount.htm
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
InitialFlowSetupAction - Action 'InitialFlowSetupAction' completed execution;
result is 'success'
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning
execution
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
AuthenticationViaFormAction - Executing setupForm
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
AuthenticationViaFormAction - Creating new form object with name 'credentials'
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
AuthenticationViaFormAction - Creating new instance of form object class [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials]
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
AuthenticationViaFormAction - Putting form object of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope
Flow with name 'credentials'
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
AuthenticationViaFormAction - Creating new form errors for object with name
'credentials'
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
AuthenticationViaFormAction - No property editor registrar set, no custom
editors to register
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
AuthenticationViaFormAction - Putting form errors instance in scope Flash
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed
execution; result is 'success'
[java] DEBUG [2009-10-19 18:43:20,480] [http--8080-10$24447827]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning
execution
[java] DEBUG [2009-10-19 18:43:20,480] [http--8080-10$24447827]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed
execution; result is 'success'
[java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297]
InitialFlowSetupAction - Action 'InitialFlowSetupAction' beginning execution
[java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297]
CasArgumentExtractor - Extractor generated service for:
http://localhost:8081/secured/account/editAccount.htm
[java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297]
InitialFlowSetupAction - Placing service in FlowScope:
http://localhost:8081/secured/account/editAccount.htm
[java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297]
InitialFlowSetupAction - Action 'InitialFlowSetupAction' completed execution;
result is 'success'
[java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning
execution
[java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297]
AuthenticationViaFormAction - Executing setupForm
[java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297]
AuthenticationViaFormAction - Creating new form object with name 'credentials'
[java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297]
AuthenticationViaFormAction - Creating new instance of form object class [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials]
[java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297]
AuthenticationViaFormAction - Putting form object of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope
Flow with name 'credentials'
[java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297]
AuthenticationViaFormAction - Creating new form errors for object with name
'credentials'
[java] DEBUG [2009-10-19 18:45:18,974] [http--8080-12$2548297]
AuthenticationViaFormAction - No property editor registrar set, no custom
editors to register
[java] DEBUG [2009-10-19 18:45:18,974] [http--8080-12$2548297]
AuthenticationViaFormAction - Putting form errors instance in scope Flash
[java] DEBUG [2009-10-19 18:45:18,974] [http--8080-12$2548297]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed
execution; result is 'success'
[java] DEBUG [2009-10-19 18:45:18,974] [http--8080-12$2548297]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning
execution
[java] DEBUG [2009-10-19 18:45:18,974] [http--8080-12$2548297]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed
execution; result is 'success'
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
InitialFlowSetupAction - Action 'InitialFlowSetupAction' beginning execution
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
CasArgumentExtractor - Extractor generated service for:
http://localhost:8081/secured/account/editAccount.htm
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
InitialFlowSetupAction - Placing service in FlowScope:
http://localhost:8081/secured/account/editAccount.htm
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
InitialFlowSetupAction - Action 'InitialFlowSetupAction' completed execution;
result is 'success'
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning
execution
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
AuthenticationViaFormAction - Executing setupForm
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
AuthenticationViaFormAction - Creating new form object with name 'credentials'
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
AuthenticationViaFormAction - Creating new instance of form object class [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials]
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
AuthenticationViaFormAction - Putting form object of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope
Flow with name 'credentials'
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
AuthenticationViaFormAction - Creating new form errors for object with name
'credentials'
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
AuthenticationViaFormAction - No property editor registrar set, no custom
editors to register
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
AuthenticationViaFormAction - Putting form errors instance in scope Flash
[java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed
execution; result is 'success'
[java] DEBUG [2009-10-19 18:45:21,314] [http--8080-12$31690392]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning
execution
[java] DEBUG [2009-10-19 18:45:21,314] [http--8080-12$31690392]
AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed
execution; result is 'success'
<<<
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
