CAS + Spring Security support doesn't support gateway at the moment. Its on my list of things to do but doesn't necessarily mesh well with the way Spring Security works.
Redirecting to j_spring_cas_security_check isn't going to get you anywhere I don't think. I'm not sure if you can combine it with the anonymous support. Cheers, Scott On Mon, Apr 19, 2010 at 3:58 PM, prasanna h <[email protected]> wrote: > Hi All, > > I put in the following logic to add a gateway parameter to the cas login > request(in case of access to a non-secure page). > > final String urlEncodedService = > CommonUtils.constructServiceUrl(httpRequest, > httpResponse, > getServiceProperties().getService(), > null, > "ticket", > true > ); > > String redirectUrl = > CommonUtils.constructRedirectUrl(casAuthenticationEntryPoint.getLoginUrl(), > "service", > urlEncodedService, > getServiceProperties().isSendRenew(), > true); > > httpResponse.sendRedirect(redirectUrl); > > If I'm already logged into CAS via client A, I'm able to login > automatically into client B and the gateway works as expected. > When I'm not logged into CAS, I would expect to be routed to my page > without the CAS login page presented(as gateway is 'true'). But I get the > following error > > *Authentication Failed: Failed to provide a CAS service ticket to validate > * > * > * > This is my service URL > http://localhost:9080/iped/j_spring_cas_security_check > > Am I missing something here? > * > * > Thanks, > Prasanna > * > * > * > * > On Sun, Apr 18, 2010 at 5:57 AM, prasanna <[email protected]> wrote: > >> Hi, >> I've integrated Spring Security 3 with CAS. I'm stuck as I attempt to use >> CAS as a gateway. >> >> My app has a few protected and unprotected pages with each page having a >> login/logout link. I access a secure page after authenticating with CAS. >> Accessing any page during that session would still display the logout >> link(indicating that the user has authenticated with CAS). >> >> Currently, when I try to access a non-secure page(when I'm still logged >> into CAS from another casified app or have a remember me cookie set by my >> cas server), I would expect myself to be logged in automatically. But the >> non-secure page still displays a login link(clicking which talks to CAS and >> logs me in automatically as I previously authenticated successfully and the >> browser has not been closed). >> >> I do not want to redirect the user to CAS login page if he tries to access >> a non-secure resource, I just need to validate behind the scene to check if >> he still logged into CAS and if not redirect him to the non-secure page as a >> guest user. >> >> Please let me know what I need to add to my security context to achieve >> this. >> >> Prasanna >> >> ps:I've attached my web.xml and security xml. >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
