Hi
I m trying to integrate cas client (spring-security-cas-client) with spring
security.
My security/xml file is
<bean id="userDetailsService"
class="com.myapp.webapps.login.security.myappUserDetailsService">
<property name="userService" ref="UserService" />
</bean>
<bean id="loggerListener"
class="com.myapp.webapps.loginsystem.utils.LoginLogger">
<property name="securityLogger" ref="securityLogger" />
<property name="userService" ref="UserService" />
</bean>
<bean id="securityLogger"
class="com.myapp.webapps.loginsystem.utils.SecurityLogger" scope="singleton">
<property name="sessionFactory" ref="sessionFactory" />
</bean>
<security:http entry-point-ref="casProcessingFilterEntryPoint">
<security:intercept-url pattern="/"
access="IS_AUTHENTICATED_FULLY" />
<security:authentication-manager alias="authenticationManager"/>
<bean id="casProcessingFilter"
class="org.springframework.security.cas.web.CasAuthenticationFilter">
<security:custom-filter after="CAS_PROCESSING_FILTER"/>
<property name="authenticationManager" ref="authenticationManager"/>
<property name="authenticationFailureUrl"
value="http://localhost:8080/cas/authorizationFailure.jsp"/>
<property name="defaultTargetUrl" value="/"/>
</bean>
<bean id="casProcessingFilterEntryPoint"
class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
<property name="loginUrl" value="http://localhost:8080/cas/login"/>
<property name="serviceProperties" ref="serviceProperties"/>
</bean>
<bean id="casAuthenticationProvider"
class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<security:custom-authentication-provider />
<property name="userDetailsService" ref="userService"/>
<property name="serviceProperties" ref="serviceProperties" />
<property name="ticketValidator">
<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<constructor-arg index="0" value="http://localhost:8080/cas"; />
</bean>
</property>
</bean>
<bean id="serviceProperties"
class="org.springframework.security.cas.ServiceProperties">
<property name="service" value="http://localhost/myapp/"/>
<property name="sendRenew" value="false"/>
</bean>
<bean id="exceptionTranslationFilter"
class="org.springframework.security.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint"><ref
local="casProcessingFilterEntryPoint"/> </property>
</bean>
I run in to 404 error and catalina logs showing "ListenerStart Error" and
stdout logs is not showing any error. i attached my log file.
Can anybody tell me is there any problem in my security.xml file or any
suggestions on how to solve this.
Thanks.
Mala
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user2011-04-06 10:31:38,443 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 4 services.>
2011-04-06 10:31:38,584 WARN
[org.jasig.cas.authentication.handler.support.myapp.CustomHandler] -
<org.jasig.cas.authentication.handler.support.myapp.CustomHandlerin a testing
environment.don't enable in a production>
2011-04-06 10:31:39,396 INFO
[org.jasig.cas.util.AutowiringSchedulerFactoryBean] - <Starting Quartz
Scheduler now>
2011-04-06 10:31:49,787 INFO [org.springframework.web.context.ContextLoader] -
<Root WebApplicationContext: initialization started>
2011-04-06 10:31:49,818 INFO
[org.springframework.web.context.support.XmlWebApplicationContext] -
<Refreshing Root WebApplicationContext: startup date [Wed Apr 06 10:31:49 CDT
2011]; root of context hierarchy>
2011-04-06 10:31:49,881 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/ticketRegistry.xml]>
2011-04-06 10:31:49,974 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/ticketGrantingTicketCookieGenerator.xml]>
2011-04-06 10:31:49,974 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/propertyFileConfigurer.xml]>
2011-04-06 10:31:49,990 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/auditTrailContext.xml]>
2011-04-06 10:31:50,162 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/uniqueIdGenerators.xml]>
2011-04-06 10:31:50,177 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/filters.xml]>
2011-04-06 10:31:50,193 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/warnCookieGenerator.xml]>
2011-04-06 10:31:50,209 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/ticketExpirationPolicies.xml]>
2011-04-06 10:31:50,209 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/applicationContext.xml]>
2011-04-06 10:31:50,224 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/securityContext.xml]>
2011-04-06 10:31:50,302 INFO
[org.springframework.security.core.SpringSecurityCoreVersion] - <You are
running with Spring Security Core 3.0.5.RELEASE>
2011-04-06 10:31:50,302 INFO
[org.springframework.security.config.SecurityNamespaceHandler] - <Spring
Security 'config' module version is 3.0.4.RELEASE>
2011-04-06 10:31:50,365 INFO
[org.springframework.security.config.http.AuthenticationConfigBuilder] - <No
login page configured. The default internal one will be used. Use the
'login-page' attribute to set the URL of the login page.>
2011-04-06 10:31:50,365 INFO
[org.springframework.security.config.http.HttpSecurityBeanDefinitionParser] -
<Checking sorted filter chain: [Root bean: class
[org.springframework.security.web.context.SecurityContextPersistenceFilter];
scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0;
autowireCandidate=true; primary=false; factoryBeanName=null;
factoryMethodName=null; initMethodName=null; destroyMethodName=null, order =
300, Root bean: class
[org.springframework.security.web.authentication.logout.LogoutFilter]; scope=;
abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0;
autowireCandidate=true; primary=false; factoryBeanName=null;
factoryMethodName=null; initMethodName=null; destroyMethodName=null, order =
400, <casProcessingFilter>, order = 701, Root bean: class
[org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter];
scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0;
autowireCandidate=true; primary=false; factoryBeanName=null;
factoryMethodName=null; initMethodName=null; destroyMethodName=null, order =
800, Root bean: class
[org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter];
scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0;
autowireCandidate=true; primary=false; factoryBeanName=null;
factoryMethodName=null; initMethodName=null; destroyMethodName=null, order =
1000, Root bean: class
[org.springframework.security.web.authentication.www.BasicAuthenticationFilter];
scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0;
autowireCandidate=true; primary=false; factoryBeanName=null;
factoryMethodName=null; initMethodName=null; destroyMethodName=null, order =
1200, Root bean: class
[org.springframework.security.web.savedrequest.RequestCacheAwareFilter];
scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0;
autowireCandidate=true; primary=false; factoryBeanName=null;
factoryMethodName=null; initMethodName=null; destroyMethodName=null, order =
1300, Root bean: class
[org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter];
scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0;
autowireCandidate=true; primary=false; factoryBeanName=null;
factoryMethodName=null; initMethodName=null; destroyMethodName=null, order =
1400, Root bean: class
[org.springframework.security.web.authentication.AnonymousAuthenticationFilter];
scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0;
autowireCandidate=true; primary=false; factoryBeanName=null;
factoryMethodName=null; initMethodName=null; destroyMethodName=null, order =
1600, Root bean: class
[org.springframework.security.web.session.SessionManagementFilter]; scope=;
abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0;
autowireCandidate=true; primary=false; factoryBeanName=null;
factoryMethodName=null; initMethodName=null; destroyMethodName=null, order =
1700, Root bean: class
[org.springframework.security.web.access.ExceptionTranslationFilter]; scope=;
abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0;
autowireCandidate=true; primary=false; factoryBeanName=null;
factoryMethodName=null; initMethodName=null; destroyMethodName=null, order =
1800,
<org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0>,
order = 1900]>
2011-04-06 10:31:50,365 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml]>
2011-04-06 10:31:50,381 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource
[/WEB-INF/deployerConfigContext.xml]>
2011-04-06 10:31:50,537 INFO
[org.springframework.beans.factory.config.PropertyPlaceholderConfigurer] -
<Loading properties file from ServletContext resource [/WEB-INF/cas.properties]>
2011-04-06 10:31:50,974 INFO
[org.springframework.beans.factory.support.DefaultListableBeanFactory] -
<Pre-instantiating singletons in
org.springframework.beans.factory.support.DefaultListableBeanFactory@e6f970:
defining beans
[ticketRegistry,ticketRegistryCleaner,jobDetailTicketRegistryCleaner,triggerJobDetailTicketRegistryCleaner,ticketGrantingTicketCookieGenerator,propertyPlaceholderConfigurer,org.springframework.aop.config.internalAutoProxyCreator,auditTrailManagementAspect,saveServiceResourceResolver,deleteServiceResourceResolver,saveServiceActionResolver,deleteServiceActionResolver,auditablePrincipalResolver,authenticationActionResolver,ticketCreationActionResolver,ticketValidationActionResolver,returnValueResourceResolver,ticketResourceResolver,ticketGrantingTicketUniqueIdGenerator,serviceTicketUniqueIdGenerator,proxy20TicketUniqueIdGenerator,samlServiceTicketUniqueIdGenerator,uniqueIdGeneratorsMap,characterEncodingFilter,warnCookieGenerator,serviceTicketExpirationPolicy,grantingTicketExpirationPolicy,timingAspect,messageSource,servicesManager,serviceRegistryReloaderJobDetail,periodicServiceRegistryReloaderTrigger,httpClient,persistentIdGenerator,centralAuthenticationService,proxy10Handler,proxy20Handler,advisorAutoProxyCreator,validationAnnotationBeanPostProcessor,scheduler,org.springframework.security.web.PortMapperImpl#0,org.springframework.security.web.context.HttpSessionSecurityContextRepository#0,org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy#0,org.springframework.security.authentication.ProviderManager#0,org.springframework.security.access.vote.AffirmativeBased#0,org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0,org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator#0,org.springframework.security.authentication.AnonymousAuthenticationProvider#0,org.springframework.security.web.savedrequest.HttpSessionRequestCache#0,org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint#0,org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0,org.springframework.security.config.http.UserDetailsServiceInjectionBeanPostProcessor#0,org.springframework.security.filterChainProxy,org.springframework.security.authentication.DefaultAuthenticationEventPublisher#0,org.springframework.security.authenticationManager,serviceProperties,casProcessingFilter,casProcessingFilterEntryPoint,casAuthenticationProvider,casArgumentExtractor,samlArgumentExtractor,argumentExtractors,authenticationManager,userDetailsService,attributeRepository,serviceRegistryDao,auditTrailManager];
root of factory hierarchy>
2011-04-06 10:31:51,334 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 4 services.>
2011-04-06 10:31:51,443 WARN [com.myapp.custom.handler.myappCustomHandler] -
<com.myapp.custom.handler.myapp.CustomHandlerCas-server-myapp- custom Handler
Implementation.>
2011-04-06 10:31:51,943 INFO
[org.springframework.security.web.access.intercept.FilterSecurityInterceptor] -
<Validated configuration attributes>
2011-04-06 10:31:52,224 INFO
[org.springframework.context.support.DefaultLifecycleProcessor] - <Starting
beans in phase 2147483647>
2011-04-06 10:31:52,224 INFO
[org.jasig.cas.util.AutowiringSchedulerFactoryBean] - <Starting Quartz
Scheduler now>
2011-04-06 10:31:52,224 INFO [org.springframework.web.context.ContextLoader] -
<Root WebApplicationContext: initialization completed in 2437 ms>
2011-04-06 10:31:52,287 INFO
[org.springframework.web.servlet.DispatcherServlet] - <FrameworkServlet 'cas':
initialization started>
2011-04-06 10:31:52,287 INFO
[org.springframework.web.context.support.XmlWebApplicationContext] -
<Refreshing WebApplicationContext for namespace 'cas-servlet': startup date
[Wed Apr 06 10:31:52 CDT 2011]; parent: Root WebApplicationContext>
2011-04-06 10:31:52,287 INFO
[org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - <Loading XML
bean definitions from ServletContext resource [/WEB-INF/cas-servlet.xml]>
2011-04-06 10:31:52,490 INFO
[org.springframework.beans.factory.config.PropertyPlaceholderConfigurer] -
<Loading properties file from ServletContext resource [/WEB-INF/cas.properties]>
2011-04-06 10:31:52,490 INFO
[org.springframework.beans.factory.support.DefaultListableBeanFactory] -
<Pre-instantiating singletons in
org.springframework.beans.factory.support.DefaultListableBeanFactory@1a422d9:
defining beans
[casPropertyPlaceholderConfigurer2,themeResolver,viewResolver,localeResolver,localeChangeInterceptor,urlBasedViewResolver,errorHandlerResolver,org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter#0,handlerMappingC,passThroughController,openIdProviderController,serviceLogoutViewController,org.springframework.webflow.mvc.servlet.FlowHandlerMapping#0,org.springframework.webflow.mvc.servlet.FlowHandlerAdapter#0,flowUrlHandler,flowExecutor,flowRegistry,org.springframework.binding.convert.service.DefaultConversionService#0,builder,expressionParser,viewFactoryCreator,proxyValidateController,serviceValidateController,samlValidateController,legacyValidateController,proxyController,viewStatisticsController,logoutController,initialFlowSetupAction,authenticationViaFormAction,generateServiceTicketAction,sendTicketGrantingTicketAction,gatewayServicesManagementCheck,addRegisteredServiceSimpleFormController,editRegisteredServiceSimpleFormController,registeredServiceValidator,manageRegisteredServicesMultiActionController,messageInterpolator,credentialsValidator];
parent:
org.springframework.beans.factory.support.DefaultListableBeanFactory@e6f970>
2011-04-06 10:31:52,537 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/proxyValidate] onto handler 'proxyValidateController'>
2011-04-06 10:31:52,537 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/validate] onto handler 'legacyValidateController'>
2011-04-06 10:31:52,537 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/services/*] onto handler 'manageRegisteredServicesMultiActionController'>
2011-04-06 10:31:52,537 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/serviceValidate] onto handler 'serviceValidateController'>
2011-04-06 10:31:52,553 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/services/viewStatistics.html] onto handler 'viewStatisticsController'>
2011-04-06 10:31:52,553 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/openid/*] onto handler 'openIdProviderController'>
2011-04-06 10:31:52,553 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/logout] onto handler 'logoutController'>
2011-04-06 10:31:52,568 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/services/loggedOut.html] onto handler 'serviceLogoutViewController'>
2011-04-06 10:31:52,568 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/samlValidate] onto handler 'samlValidateController'>
2011-04-06 10:31:52,568 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/proxy] onto handler 'proxyController'>
2011-04-06 10:31:52,584 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/services/edit.html] onto handler
'editRegisteredServiceSimpleFormController'>
2011-04-06 10:31:52,584 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/403.html] onto handler 'passThroughController'>
2011-04-06 10:31:52,584 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/services/add.html] onto handler
'addRegisteredServiceSimpleFormController'>
2011-04-06 10:31:52,584 INFO
[org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - <Mapped URL
path [/authorizationFailure.html] onto handler 'passThroughController'>
2011-04-06 10:31:52,771 INFO
[org.springframework.web.servlet.DispatcherServlet] - <FrameworkServlet 'cas':
initialization completed in 484 ms>
2011-04-06 10:31:58,224 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<Beginning ticket cleanup.>
2011-04-06 10:31:58,224 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0
tickets found to be removed.>
2011-04-06 10:31:58,224 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<Finished ticket cleanup.>
log4j:WARN No appenders could be found for logger
(org.springframework.core.CollectionFactory).
log4j:WARN Please initialize the log4j system properly.
AbandonedObjectPool is used
(org.apache.tomcat.dbcp.dbcp.AbandonedObjectPool@287ca7)
LogAbandoned: true
RemoveAbandoned: true
RemoveAbandonedTimeout: 300
log4j:ERROR LogMananger.repositorySelector was null likely due to error in
class reloading, using NOPLoggerRepository.
2011-04-06 10:32:11,115 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<Beginning ticket cleanup.>
2011-04-06 10:32:11,115 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0
tickets found to be removed.>
2011-04-06 10:32:11,115 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<Finished ticket cleanup.>
