I have installed CAS with a flat file authorization, and CAS works and via
/cas/login I can login with a user created in my case "scott/password".
Next I want to do the same thing via REST but I can not get this working.
CAS was built to support REST.
I can see that the user is authenticated properly, but I can not get a
ticket via REST, as I see that "WARN
[org.jasig.cas.CentralAuthenticationServiceImpl] - <ServiceManagement:
Unauthorized Service Access. Service [*] not found in Service Registry."
I have searched high and low for a solution, as it seems like a very simple
use case, but I can not find any to the solution to the problem.
The issue seems to be related to deploycontext.xml:
class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
<property name="registeredServices">
<list>
<bean
class="org.jasig.cas.services.RegexRegisteredService">
<property name="id" value="0" />
<property name="name" value="HTTP and IMAP" />
<property name="description" value="Allows HTTP(S)
and IMAP(S) protocols" />
<property name="serviceId"
value="^(http?|https?|imap?|imaps?)://.*" />
<property name="evaluationOrder" value="10000001" />
</bean>
</list>
but I've tried everything upto and including * for the serviceid, without
success. For now as this is testing I'd be happy with no security at all
and allowing everything and everything from anywhere however, so long as it
allowed REST to work, in the long run I'd just like REST to be allowed to
get a ticket, (not only the ticket granting ticket).
2014-05-12 15:33:42,120 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
<org.jasig.cas.adaptors.generic.FileAuthenticationHandler successfully
authenticated [username: scott]>
2014-05-12 15:33:42,121 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] - <Resolved
principal scott>
2014-05-12 15:33:42,121 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
<org.jasig.cas.adaptors.generic.FileAuthenticationHandler@7d78af29
authenticated scott with credential [username: scott].>
2014-05-12 15:33:42,128 INFO
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: [username: scott]
WHAT: supplied credentials: [username: scott]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Mon May 12 15:33:42 UTC 2014
CLIENT IP ADDRESS: 10.145.156.41
SERVER IP ADDRESS: 10.152.105.225
=============================================================
>
2014-05-12 15:33:42,133 INFO
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: [username: scott]
WHAT:
TGT-1-yHQkEDLtdu4FQbEQCvR4yGRgxESKAaP7VFyZKMw32uHl4D7asC-cas01.example.org
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Mon May 12 15:33:42 UTC 2014
CLIENT IP ADDRESS: 10.145.156.XX
SERVER IP ADDRESS: 10.152.105.YY
=============================================================
>
2014-05-12 15:33:42,282 WARN
[org.jasig.cas.CentralAuthenticationServiceImpl] - <ServiceManagement:
Unauthorized Service Access. Service [*] not found in Service Registry.>
2014-05-12 15:33:42,283 INFO
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: scott
WHAT: *
ACTION: SERVICE_TICKET_NOT_CREATED
APPLICATION: CAS
WHEN: Mon May 12 15:33:42 UTC 2014
CLIENT IP ADDRESS: 10.145.156.XX
SERVER IP ADDRESS: 10.152.105.YY
=============================================================
>
2014-05-12 15:33:42,284 ERROR
[org.jasig.cas.integration.restlet.TicketGrantingTicketResource] -
<service.not.authorized>
org.jasig.cas.services.UnauthorizedServiceException: service.not.authorized
at
org.jasig.cas.CentralAuthenticationServiceImpl.grantServiceTicket_aroundBody2(CentralAuthenticationServiceImpl.java:205)
at
org.jasig.cas.CentralAuthenticationServiceImpl.grantServiceTicket_aroundBody3$advice(CentralAuthenticationServiceImpl.java:57)
at
org.jasig.cas.CentralAuthenticationServiceImpl.grantServiceTicket(CentralAuthenticationServiceImpl.java:1)
at
org.jasig.cas.CentralAuthenticationServiceImpl.grantServiceTicket_aroundBody4(CentralAuthenticationServiceImpl.java:276)
at
org.jasig.cas.CentralAuthenticationServiceImpl.grantServiceTicket_aroundBody5$advice(CentralAuthenticationServiceImpl.java:57)
at
org.jasig.cas.CentralAuthenticationServiceImpl.grantServiceTicket(CentralAuthenticationServiceImpl.java:1)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:318)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at
org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80)
at
org.perf4j.aop.AbstractTimingAspect$1.proceed(AbstractTimingAspect.java:47)
at
org.perf4j.aop.AgnosticTimingAspect.runProfiledMethod(AgnosticTimingAspect.java:53)
at
org.perf4j.aop.AbstractTimingAspect.doPerfLogging(AbstractTimingAspect.java:45)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)
at
org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)
at
org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
at
org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80)
at
com.github.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:126)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)
at
org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)
at
org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
at
org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:90)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at com.sun.proxy.$Proxy96.grantServiceTicket(Unknown Source)
at
org.jasig.cas.integration.restlet.TicketGrantingTicketResource.acceptRepresentation(TicketGrantingTicketResource.java:91)
at org.restlet.resource.Resource.post(Resource.java:688)
at org.restlet.resource.Resource.handlePost(Resource.java:537)
at org.restlet.Finder.handle(Finder.java:357)
at org.restlet.Filter.doHandle(Filter.java:150)
at org.restlet.Filter.handle(Filter.java:195)
at org.restlet.Router.handle(Router.java:504)
at org.restlet.Filter.doHandle(Filter.java:150)
at org.restlet.Filter.handle(Filter.java:195)
at org.restlet.Filter.doHandle(Filter.java:150)
at org.restlet.Filter.handle(Filter.java:195)
at org.restlet.Filter.doHandle(Filter.java:150)
at com.noelios.restlet.StatusFilter.doHandle(StatusFilter.java:130)
at org.restlet.Filter.handle(Filter.java:195)
at org.restlet.Filter.doHandle(Filter.java:150)
at org.restlet.Filter.handle(Filter.java:195)
at com.noelios.restlet.ChainHelper.handle(ChainHelper.java:124)
at
com.noelios.restlet.application.ApplicationHelper.handle(ApplicationHelper.java:112)
at org.restlet.Application.handle(Application.java:341)
at
com.noelios.restlet.ext.servlet.ServletConverter.service(ServletConverter.java:198)
at
com.noelios.restlet.ext.spring.RestletFrameworkServlet.doService(RestletFrameworkServlet.java:106)
at
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882)
at
org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:789)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at
com.googlecode.psiprobe.Tomcat70AgentValve.invoke(Tomcat70AgentValve.java:38)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:409)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1044)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:315)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
What else is required to allow the REST server to create a ticket?
Thanks,
ERIC
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
