Hi All I hope someone can help me. I have successfully implemented
Spring security and CAS for a web application. Now I want to use the
same approach for another app but I need to authenticate again for the
second app, not really SSO at all!
Here is my relevant config:
Code:
<?xml version="1.0" encoding="UTF-8"?>
<beans ...>
<bean id="serviceUrl" class="java.lang.String" >
<constructor-arg
value="http://d0309986:8010/MAP-QB/j_spring_cas_security_check"; />
</bean>
<bean id="casLoginUrl" class="java.lang.String" >
<constructor-arg value="http://d0309986:8010/cas/login"; />
</bean>
<bean id="accessDecisionManager"
class="org.springframework.security.vote.UnanimousBased">
<property name="decisionVoters">
<list>
<bean
class="org.springframework.security.vote.RoleVoter" />
</list>
</property>
</bean>
<bean id="authenticationController"
class="com.rsa.map.service.AuthenticationController">
<property name="authenticationService"
ref="authenticationService"/>
</bean>
<!-- Authentication Service -->
<security:authentication-manager alias="authenticationManager"/>
<bean id="authenticationService"
class="com.rsa.core.service.security.AuthenticationService">
<constructor-arg ref="authenticationManager" />
</bean>
<security:http entry-point-ref="casEntryPoint"
access-decision-manager-ref="accessDecisionManager">
<security:intercept-url pattern="/loginFlow.do" filters="none"/>
<security:intercept-url pattern="/mtaFlow.do" access="ROLE_USER"/>
</security:http>
<bean id="serviceProperties"
class="org.springframework.security.ui.cas.ServiceProperties">
<property name="service" ref="serviceUrl" />
<property name="sendRenew" value="false" />
</bean>
<bean id="casEntryPoint"
class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">
<property name="loginUrl" ref="casLoginUrl" />
<property name="serviceProperties" ref="serviceProperties" />
</bean>
<bean id="casProcessingFilter"
class="org.springframework.security.ui.cas.CasProcessingFilter">
<security:custom-filter after="CAS_PROCESSING_FILTER" />
<property name="authenticationManager"
ref="authenticationManager" />
<property name="authenticationFailureUrl"
value="/casfailed.jsp" />
<property name="defaultTargetUrl" value="/" />
</bean>
<bean id="casAuthenticationProvider"
class="org.springframework.security.providers.cas.CasAuthenticationProvider">
<security:custom-authentication-provider />
<property name="userDetailsService" ref="userDetailsService" />
<property name="serviceProperties" ref="serviceProperties" />
<property name="ticketValidator">
<bean
class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<constructor-arg index="0"
value="http://d0309986:8010/cas"; />
</bean>
</property>
<property name="key" value="MAP" />
</bean>
<bean id="userDetailsService"
class="com.rsa.core.StubbedAuthenticationProvider" />
</beans>
The second webapp uses the same config with the exception of the
serviceUrl which is different
Can anyone see any glaring errors?
Thanks!
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
