Hi,
i had searched online and in this forum about such a case where in
getUserPrincipal() is returning null though the validation succeeds.
cas version
=======
3.5.0
here are my configurations
web.xml
======
<filter>
<filter-name>CAS Validation Filter</filter-name>
<!--
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
-->
<filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://casserver/cas/</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8280</param-value>
</init-param>
<init-param>
<param-name>proxyCallbackUrl</param-name>
<param-value>https://casserver/cas/proxyCallback</param-value>
</init-param>
<init-param>
<param-name>proxyReceptorUrl</param-name>
<param-value>/services/proxyCallback</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>acceptAnyProxy</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>tolerance</param-name>
<param-value>75000</param-value>
</init-param>
</filter>
<context-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8280</param-value>
</context-param>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<!--
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
-->
<filter-class>org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://casserver/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8280</param-value>
</init-param>
<!--<init-param>
<param-name>renew</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>gateway</param-name>
<param-value>false</param-value>
</init-param> -->
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
pom.xml
======
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.1.1</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.16</version>
</dependency>
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.1.12</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml1</artifactId>
<version>1.1</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.6</version>
</dependency>
<dependency>
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
<version>1.4.3</version>
</dependency>
deployerContextConfig.xml
=================
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao">
<constructor-arg index="0" ref="dataSource" />
<constructor-arg index="1" value="select LOGINNAME, 'USER_ROLE'
as attr_name, ROLENAME FROM USER_ROLE WHERE {0}" />
<property name="nameValueColumnMappings">
<map>
<entry key="attr_name" value="ROLENAME" />
</map>
</property>
<property name="queryAttributeMapping">
<map>
<entry key="username" value="LOGINNAME" />
</map>
</property>
<property name="resultAttributeMapping">
<map>
<entry key="USER_ROLE" value="USER_ROLE"/>
</map>
</property>
</bean>
<bean
class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
p:attributeRepository-ref="attributeRepository" />
also on the services set up screen for the service i wanted to cassify i choose
the user attribute and selected the checkbox "gnore Attribute Management via
this Tool".
What i see in cas logs is that the user is authenticated and then service
ticket is also validated.
here is the end URL after the validation succeeded and then my restful API
returned 200 OK.
?TARGET=http%3A%2F%2Flocalhost%3A8280%2Fservices%2Frest%2Fusers%2F1641201&SAMLart=AAFSsPYAkNKN6Mb0Q6Li8D8gawrtLKYlHjia%2FBIgP%2FM%2FHk0ia5CTiodH
all is cool except that the request.getUserPrincipal() is null
I tried various versions of cas-client-core. the 3.1.10 does not have the
samlauthenticationfilter thus tried 3.2.0 and still no user principal. then
used the 3.1.12 just to check if there was any issue with the versions of the
jar.
what ever client jar i used its the same result.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
