Nice work, Mike.
From: Buckley Michael [mailto:[email protected]]
Sent: Wednesday, November 6, 2013 7:42 AM
To: [email protected]
Subject: RE:[cas-user] CAS SPNEGO with fallback to LDAP issues
John,
I figured it out.
In the pom.xml file in the cas-server-webapp directory had to change the spnego
section from:
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-support-spnego</artifactId>
<version>3.5.2</version>
</dependency>
to:
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-support-spnego</artifactId>
<version>3.5.3-SNAPSHOT</version>
</dependency>
It's working now!
From: Buckley Michael
Sent: Wednesday, November 06, 2013 10:04 AM
To: [email protected]<mailto:[email protected]>
Subject: RE: CAS SPNEGO with fallback to LDAP issues
John,
I am getting the following when running mvn package inside the
cas-server-webapp directory:
testWiring(org.jasig.cas.WiringTests): Error creating bean with name
'negociateSpnego' defined in URL
[file:src/main/webapp/WEB-INF/cas-servlet.xml]: Error setting property values;
nested exception is org.springframework.beans.NotWritablePropertyException:
Invalid property 'mixedModeAuthentication' of bean class
[org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction]: Bean
property 'mixedModeAuthentication' is not writable or has an invalid setter
method. Does the parameter type of the setter match the return type of the
getter?
Before running above, I ran mvn package in the cas-server-support-spnego
directory to compile that and it compiles OK with no errors.
I have verified that the SpnegoNegociateCredentialsAction.java file in the
cas-server-support-spnego directory has the new changes for
mixedModeAuthentication
Here is the entry in my cas-servlet.xml:
<bean id="negociateSpnego"
class="org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction">
<property name="mixedModeAuthentication" value="true"/>
</bean>
Do I need to copy the new class files from inside the the
cas-server-support-spnego somewhere?
I am completely stumped here.
Please help.
Thank you,
Mike
From: Gasper, John [mailto:[email protected]]<mailto:[mailto:[email protected]]>
Sent: Monday, October 28, 2013 6:45 PM
To: [email protected]<mailto:[email protected]>
Subject: RE:[cas-user] CAS SPNEGO with fallback to LDAP issues
Mike,
This is actually in the cas-servlet.xml:
<bean id="negociateSpnego"
class="org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction"
/> <property name="mixedModeAuthentication" value="true"/>
</bean>
Sorry,
John
From: Buckley Michael
[mailto:[email protected]]<mailto:[mailto:[email protected]]>
Sent: Thursday, October 24, 2013 8:08 PM
To: [email protected]<mailto:[email protected]>
Subject: RE:[cas-user] CAS SPNEGO with fallback to LDAP issues
John,
Thank you for the response. I am a bit of a newbie when it comes to java
stuff. How exactly do I set the value of the MixedModeAuthentication property
to true? I believe it's in the deployerConfigContext.xml.
Thanks,
Mike
From: Gasper, John [mailto:[email protected]]
Sent: Thursday, October 24, 2013 7:32 PM
To: [email protected]<mailto:[email protected]>
Subject: RE:[cas-user] CAS SPNEGO with fallback to LDAP issues
Hi Michael,
A patch has been posted to the 3.5.x branch that adds an option to revert to
the old method. 3.5.3 hasn't not officially released, so you'd need to compile
the SPNEGO module from source:
https://github.com/Jasig/cas/tree/3.5.x/cas-server-support-spnego/
You'll need to set the value of the MixedModeAuthentication property in the
SpnegoNegociateCredentialsAction bean to "true". This will display the login
form when the 401 hits instead of a blank page.
John
From: Buckley Michael
[mailto:[email protected]]<mailto:[mailto:[email protected]]>
Sent: Thursday, October 24, 2013 12:52 PM
To: [email protected]<mailto:[email protected]>
Subject: [cas-user] CAS SPNEGO with fallback to LDAP issues
I am running into the issue where a blank page (401 response) is being sent to
firefox using CAS configured with SPNEGO and LDAP.
The SPNEGO is working in IE as long as the user is logged into our AD domain.
However if they aren't logged into the domain, it is prompting with a pop-up
box for credentials.
If they put their login as DOMAIN\username or username@DOMAIN they are able to
login successfully. If they just type their username it goes to the forms
based login and they can login successfully without having to add the DOMAIN
part.
I have followed the documentation at
https://wiki.jasig.org/display/CASUM/SPNEGO and also
https://wiki.jasig.org/display/CASUM/LDAP
I have been googling and changing the login-webflow.xml files but I am still
getting the 401 response.
I also experimented with the solutions here:
https://issues.jasig.org/i#browse/CAS-1166
My question is what needs to be done so in the event that spnego fails on
firefox or IE, it sends them to the forms based login page?
Thank you for any help,
Michael Buckley
--
You are currently subscribed to
[email protected]<mailto:[email protected]> as:
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to
[email protected]<mailto:[email protected]> as:
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to
[email protected]<mailto:[email protected]> as:
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to
[email protected]<mailto:[email protected]> as:
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to
[email protected]<mailto:[email protected]> as:
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
