Your configuration looks correct so I don't see why its not working. Can you remote debug your Tomcat instance and see if the wrapper is getting executed?
On Thu, Jul 1, 2010 at 10:41 AM, jean linlin <[email protected]> wrote: > > Yes it well went through CAS Authentication . > There's a service Ticket generated by CAS . > We can see in the following log the call of AuthenticationFilter and > Cas20ProxyReceivingTicketValidationFilter but nothing about > HttpServletRequestWrapperFilter ? > > Here is my log File ( the beginning of the log is the user recovery through > Kerberos ) > my username is 'Administrateur' : > > 2010-07-01 16:10:41,202 DEBUG > [org.jasig.cas.client.authentication.AuthenticationFilter] - no ticket and > no assertion found > 2010-07-01 16:10:41,203 DEBUG > [org.jasig.cas.client.authentication.AuthenticationFilter] - Constructed > service url: https://xxxx:8443/PrjTestSihTom > 2010-07-01 16:10:41,203 DEBUG > [org.jasig.cas.client.authentication.AuthenticationFilter] - redirecting to > " > https://xxxx:8443/cas_tom/login?service=https%3A%2F%2Fdebianportail.adportail.net%3A8443%2FPrjTestSihTom > " > 2010-07-01 16:10:41,354 DEBUG > [org.jasig.cas.web.flow.InitialFlowSetupAction] - Action > 'InitialFlowSetupAction' beginning execution > 2010-07-01 16:10:41,354 DEBUG > [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated > service for: https://xxxx:8443/PrjTestSihTom > 2010-07-01 16:10:41,354 DEBUG > [org.jasig.cas.web.flow.InitialFlowSetupAction] - Placing service in > FlowScope: https://xxxx:8443/PrjTestSihTom > 2010-07-01 16:10:41,355 DEBUG > [org.jasig.cas.web.flow.InitialFlowSetupAction] - Action > 'InitialFlowSetupAction' completed execution; result is 'success' > 2010-07-01 16:10:41,355 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction] - > Action 'SpnegoNegociateCredentialsAction' beginning execution > 2010-07-01 16:10:41,355 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction] - > Authorization header not found. Sending WWW-Authenticate header > 2010-07-01 16:10:41,356 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction] - > Action 'SpnegoNegociateCredentialsAction' completed execution; result is > 'success' > 2010-07-01 16:10:41,356 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoCredentialsAction] - Action > 'SpnegoCredentialsAction' beginning execution > 2010-07-01 16:10:41,356 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoCredentialsAction] - Action > 'SpnegoCredentialsAction' completed execution; result is 'error' > 2010-07-01 16:10:41,356 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action > 'AuthenticationViaFormAction' beginning execution > 2010-07-01 16:10:41,357 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing setupForm > 2010-07-01 16:10:41,357 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form > object with name 'credentials' > 2010-07-01 16:10:41,357 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new > instance > of form object class [class > org.jasig.cas.authentication.principal.UsernamePasswordCredentials] > 2010-07-01 16:10:41,357 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form object > of type [class > org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in > scope > Flow with name 'credentials' > 2010-07-01 16:10:41,358 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form > errors for object with name 'credentials' > 2010-07-01 16:10:41,358 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - No property editor > registrar set, no custom editors to register > 2010-07-01 16:10:41,358 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form errors > instance in scope Flash > 2010-07-01 16:10:41,358 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action > 'AuthenticationViaFormAction' completed execution; result is 'success' > 2010-07-01 16:10:41,359 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action > 'AuthenticationViaFormAction' beginning execution > 2010-07-01 16:10:41,359 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action > 'AuthenticationViaFormAction' completed execution; result is 'success' > 2010-07-01 16:10:41,387 DEBUG > [org.jasig.cas.web.flow.InitialFlowSetupAction] - Action > 'InitialFlowSetupAction' beginning execution > 2010-07-01 16:10:41,387 DEBUG > [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated > service for: https://xxxx:8443/PrjTestSihTom > 2010-07-01 16:10:41,387 DEBUG > [org.jasig.cas.web.flow.InitialFlowSetupAction] - Placing service in > FlowScope: https://xxxx:8443/PrjTestSihTom > 2010-07-01 16:10:41,387 DEBUG > [org.jasig.cas.web.flow.InitialFlowSetupAction] - Action > 'InitialFlowSetupAction' completed execution; result is 'success' > 2010-07-01 16:10:41,388 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction] - > Action 'SpnegoNegociateCredentialsAction' beginning execution > 2010-07-01 16:10:41,388 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction] - > Action 'SpnegoNegociateCredentialsAction' completed execution; result is > 'success' > 2010-07-01 16:10:41,388 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoCredentialsAction] - Action > 'SpnegoCredentialsAction' beginning execution > 2010-07-01 16:10:41,388 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoCredentialsAction] - SPNEGO > Authorization header found with 1748 bytes > 2010-07-01 16:10:41,394 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoCredentialsAction] - Obtained > token: `� + �� > 0� �$0" *�H�� *�H�� > + �7 > �� � � �`� � *�H�� > n� �0�  � � �� �a� �0� Ü ï¿½ > ADPORTAIL.NET�.0,� �%0# HTTP debianportail.adportail.net�� > �0� �� � �� � � |��TS��Tȉ��bW��s > >� �2j�y�� Z r�z"��Yj�W#�� > �Z > ����)ve ��>� �4cH��I8��� > �Y�A��+��$��% @jp��{�)å“žq�3ķ� > �LO_ �~~ �[= ݛ�� �` e� > �JF VnO�]��p �� ���6p.e��f8� �u}�G���+ > ^q�H �˴�cq T���q����n�. > �� %5R��rQ� M�� k�_�0��� > ���\�� (�xN^�U�m ��&?R�ł�Vz�JP � > 7v � %�̫�gؑ��� �S2Dud > �� k���f� > ��?��}�?���g����)��5\�-�}4 � �� > 2ij��< ��V `� ����P;� ���� -M�� > w � :>��n� ��R�̿_�:�+ ��N > ï¿...@��[�n���2�� �"� > �i��Qn��YCh�+?�mlo�1)� tk� �n8�b6F� > ���˘���'�� > L�9����[����’D���m4vȞ�< eÈ>am�Nk<& > .<U� ����)?,���)��cz&�3�����rT�F!� > �X� +!�R�w�G>� �<� �ʶ > > K hb 99�_� ���'�0�="��g#nV *b f��*a��8f�� > �iG ��6�XgI�I�� �BYP�~��'��J�T�B�c"� > 4 �gF?���c���\ϺA� 3ħ���B > iF5���A}��-�� (�x� > $3��솄�R �A܃UB��K �� > 0��2�ۻ�� Ó–h'uv� sXç¡© �tM��1�����3�+ .L5 > ���噛� ' �]+h���q_����XE�� YÎ h� 5& > vXw�� > �� > �� �F�� > �"r�!Ì© ��XݘA�� ;� pÒƒKC]����k=G �xP��� > ���9��j lv] > ,��E, l�F��Ll�X�4�� k)����0��� ��� > ��W � ��fV���و� > j�C���Z�E�-���Y�])���b��MD�7uvݶ�2P6�� > mR=� s\�n� > ��s�'�C�m \�O��eË � �]��� ï¿½ç ©ï¿½[; ï¿½ï¿½ï¿½Þ > ��}ÀC�����i�1��]!h, > �E� m���#� ��6`�:3�x���YO� �� ;� > lp責d=d����Y�I� > 2010-07-01 16:10:41,395 DEBUG > [org.jasig.cas.CentralAuthenticationServiceImpl] - Attempting to create > TicketGrantingTicket for Principal is null > 2010-07-01 16:10:41,434 DEBUG > > [org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler] > - Setting nextToken in credentials > 2010-07-01 16:10:41,434 DEBUG > > [org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler] > - Kerberos Credentials is valid for user [[email protected]] > 2010-07-01 16:10:41,434 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > AuthenticationHandler: > > org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler > successfully authenticated the user which provided the following > credentials: Administrateur > 2010-07-01 16:10:41,434 DEBUG > > [org.jasig.cas.support.spnego.authentication.principal.SpnegoCredentialsToPrincipalResolver] > - Attempting to resolve a principal... > 2010-07-01 16:10:41,435 DEBUG > > [org.jasig.cas.support.spnego.authentication.principal.SpnegoCredentialsToPrincipalResolver] > - Creating SimplePrincipal for [Administrateur] > 2010-07-01 16:10:41,436 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket > [TGT-5-jWarrLq2HUDLsurKthTdzfVgbTzigFlCHC3xFcWmRbjK5SfcJD-cas_tom] to > registry. > 2010-07-01 16:10:41,436 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoCredentialsAction] - Obtained > output token: � 0}� > � *�H�� �i g`e *�H�� > oV0T� � �H0F� �? =�w�[ �>�� N Ô˜t��� > � ��c�jy�*!?�g?�I=��{�HlI�P�%=A�� JQ|N > 2010-07-01 16:10:41,436 DEBUG > [org.jasig.cas.support.spnego.web.flow.SpnegoCredentialsAction] - Action > 'SpnegoCredentialsAction' completed execution; result is 'success' > 2010-07-01 16:10:41,436 DEBUG > [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - Action > 'SendTicketGrantingTicketAction' beginning execution > 2010-07-01 16:10:41,436 DEBUG > [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Added cookie > with name [CASTGC] and value > [TGT-5-jWarrLq2HUDLsurKthTdzfVgbTzigFlCHC3xFcWmRbjK5SfcJD-cas_tom] > 2010-07-01 16:10:41,437 DEBUG > [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - Action > 'SendTicketGrantingTicketAction' completed execution; result is 'success' > 2010-07-01 16:10:41,437 DEBUG > [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action > 'GenerateServiceTicketAction' beginning execution > 2010-07-01 16:10:41,437 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to > retrieve ticket > [TGT-5-jWarrLq2HUDLsurKthTdzfVgbTzigFlCHC3xFcWmRbjK5SfcJD-cas_tom] > 2010-07-01 16:10:41,437 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket > [TGT-5-jWarrLq2HUDLsurKthTdzfVgbTzigFlCHC3xFcWmRbjK5SfcJD-cas_tom] found in > registry. > 2010-07-01 16:10:41,438 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket > [ST-6-PgQKyxGA7R4iXemQr9M6-cas_tom] to registry. > 2010-07-01 16:10:41,438 INFO > [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket > [ST-6-PgQKyxGA7R4iXemQr9M6-cas_tom] for service > [https://xxxx:8443/PrjTestSihTom] for user [Administrateur] > 2010-07-01 16:10:41,438 DEBUG > [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action > 'GenerateServiceTicketAction' completed execution; result is 'success' > 2010-07-01 16:10:41,444 DEBUG > [org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter] > - Attempting to validate ticket: ST-6-PgQKyxGA7R4iXemQr9M6-cas_tom > 2010-07-01 16:10:41,445 DEBUG > [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Placing URL > parameters in map. > 2010-07-01 16:10:41,445 DEBUG > [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Calling > template URL attribute map. > 2010-07-01 16:10:41,446 DEBUG > [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Loading > custom parameters from configuration. > 2010-07-01 16:10:41,446 DEBUG > [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - > Constructing > validation url: > > https://xxxx:8443/cas_tom/serviceValidate?ticket=ST-6-PgQKyxGA7R4iXemQr9M6-cas_tom&service=https%3A%2F%2Fdebianportail.adportail.net%3A8443%2FPrjTestSihTom > 2010-07-01 16:10:41,446 DEBUG > [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Retrieving > response from server. > 2010-07-01 16:10:41,467 DEBUG > [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated > service for: https://xxxx:8443/PrjTestSihTom > 2010-07-01 16:10:41,469 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to > retrieve ticket [ST-6-PgQKyxGA7R4iXemQr9M6-cas_tom] > 2010-07-01 16:10:41,469 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket > [ST-6-PgQKyxGA7R4iXemQr9M6-cas_tom] found in registry. > 2010-07-01 16:10:41,469 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Removing ticket > [ST-6-PgQKyxGA7R4iXemQr9M6-cas_tom] from registry > 2010-07-01 16:10:41,479 DEBUG > [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Server > response: <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> > <cas:authenticationSuccess> > <cas:user>Administrateur</cas:user> > > > </cas:authenticationSuccess> > </cas:serviceResponse> > > 2010-07-01 16:10:41,484 INFO > [org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl] - No Proxy > Ticket found for > 2010-07-01 16:10:41,484 DEBUG > [org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter] > - Successfully authenticated user: Administrateur > 2010-07-01 16:10:41,485 DEBUG > [org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter] > - Redirecting after successful ticket validation. > > > > thanks in advance! > -- > View this message in context: > http://jasig.275507.n4.nabble.com/Authentication-Kerberos-correct-But-RemoteUser-is-always-Null-tp2272739p2275264.html > Sent from the CAS Users mailing list archive at Nabble.com. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
