Hi everyone, I have found my problem, the traitor is org.jasig.cas.client.session.SingleSignOutFilter !!!
By removing this my requests are working fine now. I will try to find exact problem in this class but for now I can say that something fishy is going on around here. Zbynek From: Zbynek Vavros/Czech Republic/IBM@IBMCZ To: [email protected], Cc: [email protected], [email protected] Date: 04/05/2013 08:35 AM Subject: Re: [cas-user] Using CAS with PHP/Java bridge makes POSTs never complete Im not using PhpCas - classic Java (Spring) version bt my project contains php files as presentation layer. See my config file : <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:security= "http://www.springframework.org/schema/security"; xsi:schemaLocation=" http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd";> <!-- Basic HTTP security config, sorry I cant comment all in here,read something already --> <security:http use-expressions="true" entry-point-ref="casEntryPoint" > <security:intercept-url pattern="/login.xhtml" access="permitAll" /> <security:intercept-url pattern="/publicResources/**" access="permitAll" /> <security:intercept-url pattern="/views/**" access="hasRole('ROLE_USER')" /> <security:custom-filter position="CAS_FILTER" ref="casFilter" /> <security:logout logout-success-url="/index.php" /> <security:custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" /> <security:custom-filter ref="singleLogoutFilter" before="CAS_FILTER" /> </security:http> <!-- Simple authentication manager --> <security:authentication-manager alias="authenticationManager"> <security:authentication-provider ref="casAuthenticationProvider" /> </security:authentication-manager> <!-- URL for CAS to call when ticket is ready --> <bean id="serviceProperties" class= "org.springframework.security.cas.ServiceProperties"> <property name="service" value= "https://localhost:8443/php-module/j_spring_cas_security_check"; /> <property name="sendRenew" value="false" /> </bean> <!-- CAS filter that will redirect user to CAS login page --> <bean id="casFilter" class= "org.springframework.security.cas.web.CasAuthenticationFilter"> <property name="authenticationManager" ref= "authenticationManager" /> </bean> <!-- Entry point used by CAS filter, to know where to redirect andwhere to send the ticket afterwards --> <bean id="casEntryPoint" class= "org.springframework.security.cas.web.CasAuthenticationEntryPoint"> <property name="loginUrl" value= "https://localhost:8443/cas/login"; /> <property name="serviceProperties" ref="serviceProperties" /> </bean> <!-- Authentication provider - what to say about it --> <bean id="casAuthenticationProvider" class= "org.springframework.security.cas.authentication.CasAuthenticationProvider" > <property name="userDetailsService" ref="userService" /> <property name="serviceProperties" ref="serviceProperties" /> <property name="ticketValidator"> <bean class= "org.jasig.cas.client.validation.Cas20ServiceTicketValidator"> <constructor-arg index="0" value= "https://localhost:8443/cas"; /> </bean> </property> <property name="key" value="an_id_for_this_auth_provider_only" /> </bean> <!-- User service that is called after CAS has finished to populateroles from ARMS --> <!-- <bean id="userService" class="com.ibm.cz.tis.framework.security.ArmsUserDetailService"> <property name="applicationIdentificator" value="tis-framework- php-module" /> </bean> --> <security:user-service id="userService"> <security:user name="user" authorities="ROLE_USER"/> <security:user name="admin" authorities="ROLE_USER, ROLE_ADMIN" /> </security:user-service> <!-- Invalidates session so it is really a SSO logout --> <bean id="singleLogoutFilter" class= "org.jasig.cas.client.session.SingleSignOutFilter" /> <!-- CAS filter that will redirect user to "logout success" page --> <bean id="requestSingleLogoutFilter" class= "org.springframework.security.web.authentication.logout.LogoutFilter"> <constructor-arg value=" https://localhost:8443/cas/logout"; /> <constructor-arg> <bean class= "org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" /> </constructor-arg> <property name="filterProcessesUrl" value= "/j_spring_cas_security_logout" /> </bean> </beans> From: Ricardo B <[email protected]> To: [email protected], Cc: [email protected], [email protected], Zbynek Vavros/Czech Republic/IBM@IBMCZ Date: 04/03/2013 05:39 PM Subject: Re: [cas-user] Using CAS with PHP/Java bridge makes POSTs never complete Your file does not show anything about PhpCas, if you could put operations where you have the problem maybe we can help -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
