Marvin Addison wrote: > > I reviewed your web.xml, and it looks correct. Please turn up the > logging for org.jasig.cas.client to DEBUG and post the logs for a > request that should trigger the WebAuthenticationFilter. >
Hi, first of all there's been a minor glitch in my web.xml, namely the <security-constraint><web-resource-collection><url-pattern>/TestServlet</url-pattern> in turned out to be insufficient to "catch" request to e.g. /TestServlet?action=do. I've fixed that (by setting extending it to /TestServlet*) and now the output of the servlet (which calls EJBs via a remote interface) appears, but still - as if the user was unauthenticated. No redirect happens. I've turned the log level to DEBUG in the following categories: "org.jasig.cas.client", "org.jboss.security", "org.jboss.web.tomcat.security", "org.apache.catalina.core.ContainerBase". Unfortunately, there's not much to quote: 15:29:02,046 INFO [org.jasig.cas.client.jboss.authentication.WebAuthenticationFilter] User principal not found. Removing CAS assertion from session to force reauthentication. Just a single line per request. I've reviewed the the source code of WebAuthenticationFilter again and still don't see the redirection part. Could you enlighten me, please? I only see two things it does: authenticate in case of ticket presence and assertion absence or clear assertion in case of absence of the user principal. Thank you for your response and I hope you might have a clue what's going on, best regards, Maciek -- View this message in context: http://jasig.275507.n4.nabble.com/Problems-with-CAS-ifying-a-JEE-application-using-JAAS-tp3044438p3044940.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
