Hi, I want to authenticate in CAS using users windows credentials. i.e. Do not prompt the domain user for the password.
I was following https://wiki.jasig.org/display/CASUM/SPNEGO https://wiki.jasig.org/display/CASUM/SPNEGO to try to enable NTLM with CAS, but I had no luck with it at all. My Env: Active Directory Server/Domain Controller: - Win 2003 - Realm: convoy.local CAS server: - tomcat 6 - jdk 1.6.20 - cas version 3.4.7 - hostname is convoy-cas.wealth-tec.com - win 2008 R2 64bit 1. I have create a SPN account called cas in my AD/DC and ensure using DES encryption http://jasig.275507.n4.nabble.com/file/n3438373/cas-ad.png 2. I run ktpass to map the server to the SPN user ktpass.exe /princ HTTP/[email protected] /pass * /mapuser [email protected] /ptype KRB5_NT_PRINCIPAL /crypto RC4-HMAC-NT 3. I setup the login webflow as described in the wiki http://jasig.275507.n4.nabble.com/file/n3438373/login-webflow.xml login-webflow.xml 4. update the cas-servlet http://jasig.275507.n4.nabble.com/file/n3438373/cas-servlet.xml cas-servlet.xml 5. update the deployerConfigContaext http://jasig.275507.n4.nabble.com/file/n3438373/deployerConfigContext.xml deployerConfigContext.xml 6. I added tomcat windows server to domain convoy.local 7. I can see the following error in cas log: 2011-04-09 19:36:51,031 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler failed to authenticate the user which provided the following credentials: unknown 2011-04-09 19:36:51,036 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN ============================================================= WHO: unknown WHAT: supplied credentials: unknown ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Sat Apr 09 19:36:51 CST 2011 CLIENT IP ADDRESS: 192.168.116.157 SERVER IP ADDRESS: unknown ============================================================= Any help? http://jasig.275507.n4.nabble.com/file/n3438373/login.conf login.conf -- View this message in context: http://jasig.275507.n4.nabble.com/SPNEGO-with-CAS-running-on-Windows-Machine-tp3438373p3438373.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
