Thanks. So how come /admin/login also gives the same error result?(thought only /login is protected
Thanks, ----- Reply message ----- From: "Jérôme LELEU" <[email protected]> To: "[email protected]" <[email protected]> Subject: [cas-user] Having weird behavior when connecting to /login (or /admin/login) Date: Thu, Mar 27, 2014 2:54 PM Hi, The filterProcessesUrl is dedicated to receive service tickets during the CAS login process. Generally, the url is kept with the default value: /j_spring_cas_security_check. So the error you get is completely normal if you don't provide any service ticket. You should not call this url, but any protected url of your application to trigger a CAS round-trip. Best regards, Jérôme 2014-03-27 9:07 GMT+01:00 ray <[email protected]<mailto:[email protected]>>: Hi, In my cas service client (Spring client) I have this configuration: <http pattern="/resources/**" security="none"/> <http use-expressions="true" entry-point-ref="casEntryPoint"> <intercept-url pattern="/sync/**" access="permitAll"/> <intercept-url pattern="/**" access="isAuthenticated()"/> <access-denied-handler error-page="/no-access"/> <custom-filter ref="casFilter" position="CAS_FILTER"/> <custom-filter ref="singleLogoutFilter" before="LOGOUT_FILTER"/> <logout logout-url="/logout" logout-success-url="${cas.server.host}/cas/logout?service=${cas.service.host}"/> </http> <authentication-manager alias="authenticationManager"> <authentication-provider ref="casAuthProvider"/> </authentication-manager> <!-- authenticates CAS tickets, must be in custom-filter of cis.xml --> <bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter"> <property name="authenticationManager" ref="authenticationManager"/> <property name="filterProcessesUrl" value="/login"/> </bean> <bean id="casAuthProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider"> <property name="ticketValidator" ref="ticketValidator"/> <property name="serviceProperties" ref="serviceProperties"/> <property name="key" value="Analytics"/> <property name="authenticationUserDetailsService" ref="myUserDetailsService"/> <!-- <property name="statelessTicketCache" ref="statelessTicketCache"/>--> </bean> Everything working as expected. the only this I dont get is when I am accessing localhost:8080/login instead of being redirect to CAS server I am getting: HTTP Status 401 - Authentication Failed: Failed to provide a CAS service ticket to validate (same goes for /admin/login) Is 'login' somehow protected by cas client? anyone could please explain me that? thanks, ray. -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
