Its actually a much simpler configuration: https://fisheye.springsource.org/browse/spring-security/samples/cas/client/src/main/webapp/WEB-INF/applicationContext-security.xml?r=HEAD
That should get you started. (You'll also need some config in the web.xml) Cheers, Scott On Tue, May 4, 2010 at 7:58 AM, Arjan Seesing <[email protected]> wrote: > I figured so much. Can you guestamate how much work it is to upgrade to > Spring Security 3.0.x? Is this almost a dropin replacement? > > Arjan Seesing > > > On Mon, May 3, 2010 at 19:04, Scott Battaglia-2 [via Jasig] <[hidden > email] <http://user/SendEmail.jtp?type=node&node=2125375&i=0>> wrote: > >> I don't know how much help you'll get here. Acegi Security 1.0.6 is >> extremely old (they are currently on Spring Security 3.0.x). >> >> >> On Mon, May 3, 2010 at 11:16 AM, Arjan Seesing <[hidden >> email]<http://user/SendEmail.jtp?type=node&node=2124259&i=0> >> > wrote: >> >>> >>> Hello, >>> >>> We implemented a CAS client in our web application. This application was >>> setup with Acegi security in the past, so we used the acegi cas client >>> (acegi-security-1.0.6.jar and the casclient.jar from yale.edu). With the >>> example configurations it all works correctly. But when we went into >>> production and the production server seems to be a lot slower with the >>> CAS >>> client than without. So much so that the server is so overloaded that >>> people >>> are not able to work. >>> >>> We reproduced the slowness in our test environment, but we're not able to >>> pinpoint the cause of the slowdown. We used a profiler, but everything >>> seems >>> to be slower, not some call in the cas client code. >>> >>> Has anyone seen this happen before? >>> Below is the cas part of the configuration, but it all seems very >>> standard. >>> >>> <bean id="casProcessingFilter" >>> class="org.acegisecurity.ui.cas.CasProcessingFilter"> >>> <property name="authenticationManager"> >>> <ref bean="authenticationManager" /> >>> </property> >>> <property name="authenticationFailureUrl" >>> value="/casfailed.jsp"/> >>> <property name="defaultTargetUrl" >>> value="/faces/pages/start.xhtml"/> >>> <property name="filterProcessesUrl" >>> value="/j_acegi_cas_security_check" /> >>> <property name="alwaysUseDefaultTargetUrl" value="false" >>> /> >>> </bean> >>> >>> <bean id="casProcessingFilterEntryPoint" >>> class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint"> >>> <property name="loginUrl"> >>> <value>${sso.server.path}/login</value> >>> </property> >>> <property name="serviceProperties"> >>> <ref bean="serviceProperties" /> >>> </property> >>> </bean> >>> >>> <bean id="exceptionTranslationFilter" >>> class="org.acegisecurity.ui.ExceptionTranslationFilter"> >>> <property name="authenticationEntryPoint"> >>> <ref local="casProcessingFilterEntryPoint" /> >>> </property> >>> </bean> >>> >>> <bean id="serviceProperties" >>> class="org.acegisecurity.ui.cas.ServiceProperties"> >>> <property name="service"> >>> >>> <value>${context.server.path}/j_acegi_cas_security_check</value> >>> </property> >>> <property name="sendRenew"> >>> <value>false</value> >>> </property> >>> </bean> >>> >>> <bean id="authenticationManager" >>> class="org.acegisecurity.providers.ProviderManager"> >>> <property name="providers"> >>> <list> >>> <ref bean="casAuthenticationProvider" /> >>> <bean >>> >>> class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> >>> <property name="key" >>> value="_hubview_v3_"/> >>> </bean> >>> </list> >>> </property> >>> </bean> >>> >>> <bean id="casAuthenticationProvider" >>> >>> class="org.acegisecurity.providers.cas.CasAuthenticationProvider"> >>> <property name="casAuthoritiesPopulator"> >>> <ref bean="casAuthoritiesPopulator" /> >>> </property> >>> <property name="casProxyDecider"> >>> <ref bean="casProxyDecider" /> >>> </property> >>> <property name="ticketValidator"> >>> <ref bean="casProxyTicketValidator" /> >>> </property> >>> <property name="statelessTicketCache"> >>> <ref bean="statelessTicketCache" /> >>> </property> >>> <property name="key"> >>> >>> <value>my_password_for_this_auth_provider_only</value> >>> </property> >>> </bean> >>> >>> <bean id="casProxyTicketValidator" >>> >>> >>> class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator"> >>> <property name="casValidate"> >>> <value>${sso.server.path}/proxyValidate</value> >>> </property> >>> <!-- property name="proxyCallbackUrl"> >>> <value> >>> https://localhost:8443/contacts-cas/casProxy/receptor</value> >>> </property--> >>> <property name="serviceProperties"> >>> <ref bean="serviceProperties" /> >>> </property> >>> <!--property >>> >>> name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property--> >>> </bean> >>> >>> <bean id="cacheManager" >>> >>> class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"> >>> <property name="configLocation"> >>> <value>classpath:/ehcache.xml</value> >>> </property> >>> </bean> >>> >>> <bean id="ticketCacheBackend" >>> class="org.springframework.cache.ehcache.EhCacheFactoryBean"> >>> <property name="cacheManager"> >>> <ref local="cacheManager" /> >>> </property> >>> <property name="cacheName"> >>> <value>ticketCache</value> >>> </property> >>> </bean> >>> >>> <bean id="statelessTicketCache" >>> >>> class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache"> >>> <property name="cache"> >>> <ref local="ticketCacheBackend" /> >>> </property> >>> </bean> >>> >>> <bean id="casAuthoritiesPopulator" >>> >>> >>> class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator"> >>> <property name="userDetailsService"> >>> <ref bean="acegiSecurityService" /> >>> </property> >>> </bean> >>> >>> <bean id="casProxyDecider" >>> >>> class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets" /> >>> >>> Regards, >>> >>> Arjan Seesing >>> -- >>> View this message in context: >>> http://jasig.275507.n4.nabble.com/CAS-Acegi-client-seems-to-make-the-application-a-lot-slower-tp2124112p2124112.html >>> Sent from the CAS Users mailing list archive at Nabble.com. >>> >>> -- >>> You are currently subscribed to [hidden >>> email]<http://user/SendEmail.jtp?type=node&node=2124259&i=1>as: [hidden >>> email] <http://user/SendEmail.jtp?type=node&node=2124259&i=2> >>> >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >> >> -- >> You are currently subscribed to [hidden email] >> <http://user/SendEmail.jtp?type=node&node=2124259&i=3> as: [hidden email] >> <http://user/SendEmail.jtp?type=node&node=2124259&i=4> >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> >> ------------------------------ >> View message @ >> http://jasig.275507.n4.nabble.com/CAS-Acegi-client-seems-to-make-the-application-a-lot-slower-tp2124112p2124259.html >> To unsubscribe from CAS Acegi client seems to make the application a lot >> slower, click here. >> >> > > ------------------------------ > View this message in context: Re: CAS Acegi client seems to make the > application a lot > slower<http://jasig.275507.n4.nabble.com/CAS-Acegi-client-seems-to-make-the-application-a-lot-slower-tp2124112p2125375.html> > > Sent from the CAS Users mailing list > archive<http://jasig.275507.n4.nabble.com/CAS-Users-f255676.html>at > Nabble.com. > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
