Michael, Can you please share your SPNEGO configuration? I have spent weeks without any luck in getting it to work. LDAP works fine though. Thanks.
On Thursday, November 7, 2013 2:59:20 AM UTC+5, Gasper, John wrote: > > Nice work, Mike. > > > > *From:* Buckley Michael [mailto:[email protected] <javascript:>] > *Sent:* Wednesday, November 6, 2013 7:42 AM > *To:* [email protected] <javascript:> > *Subject:* RE:[cas-user] CAS SPNEGO with fallback to LDAP issues > > > > John, > > I figured it out. > > In the pom.xml file in the cas-server-webapp directory had to change the > spnego section from: > <groupId>org.jasig.cas</groupId> > > <artifactId>cas-server-support-spnego</artifactId> > > <version>3.5.2</version> > > </dependency> > > > > to: > > <groupId>org.jasig.cas</groupId> > > <artifactId>cas-server-support-spnego</artifactId> > > <version>3.5.3-SNAPSHOT</version> > > </dependency> > > > > It’s working now! > > > > *From:* Buckley Michael > *Sent:* Wednesday, November 06, 2013 10:04 AM > *To:* [email protected] <javascript:> > *Subject:* RE: CAS SPNEGO with fallback to LDAP issues > > > > John, > > I am getting the following when running mvn package inside the > cas-server-webapp directory: > > testWiring(org.jasig.cas.WiringTests): Error creating bean with name > 'negociateSpnego' defined in URL > [file:src/main/webapp/WEB-INF/cas-servlet.xml]: Error setting property > values; nested exception is > org.springframework.beans.NotWritablePropertyException: Invalid property > 'mixedModeAuthentication' of bean class > [org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction]: > Bean property 'mixedModeAuthentication' is not writable or has an invalid > setter method. Does the parameter type of the setter match the return type > of the getter? > > > > Before running above, I ran mvn package in the cas-server-support-spnego > directory to compile that and it compiles OK with no errors. > > > > I have verified that the SpnegoNegociateCredentialsAction.java file in the > cas-server-support-spnego directory has the new changes for > mixedModeAuthentication > > Here is the entry in my cas-servlet.xml: > > <bean id="negociateSpnego" > class="org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction"> > > <property name="mixedModeAuthentication" value="true"/> > > </bean> > > > > Do I need to copy the new class files from inside the the > cas-server-support-spnego somewhere? > > > > > I am completely stumped here. > > Please help. > > > > Thank you, > > Mike > > > > *From:* Gasper, John [[email protected]] <javascript:> > *Sent:* Monday, October 28, 2013 6:45 PM > *To:* [email protected] <javascript:> > *Subject:* RE:[cas-user] CAS SPNEGO with fallback to LDAP issues > > > > Mike, > > > > This is actually in the cas-servlet.xml: > > <bean id="negociateSpnego" > class="org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction" > > /> <property name="mixedModeAuthentication" value="true"/> > > </bean> > > > > Sorry, > > John > > > > *From:* Buckley Michael [mailto:[email protected]] <javascript:> > *Sent:* Thursday, October 24, 2013 8:08 PM > *To:* [email protected] <javascript:> > *Subject:* RE:[cas-user] CAS SPNEGO with fallback to LDAP issues > > > > John, > > Thank you for the response. I am a bit of a newbie when it comes to java > stuff. How exactly do I set the value of the MixedModeAuthentication > property to true? I believe it’s in the deployerConfigContext.xml. > > > > Thanks, > > Mike > > > > *From:* Gasper, John [mailto:[email protected] <javascript:>] > *Sent:* Thursday, October 24, 2013 7:32 PM > *To:* [email protected] <javascript:> > *Subject:* RE:[cas-user] CAS SPNEGO with fallback to LDAP issues > > > > Hi Michael, > > > > A patch has been posted to the 3.5.x branch that adds an option to revert > to the old method. 3.5.3 hasn’t not officially released, so you’d need to > compile the SPNEGO module from source: > https://github.com/Jasig/cas/tree/3.5.x/cas-server-support-spnego/ > > > > You’ll need to set the value of the MixedModeAuthentication property in > the SpnegoNegociateCredentialsAction bean to “true”. This will display the > login form when the 401 hits instead of a blank page. > > > > John > > > > *From:* Buckley Michael [mailto:[email protected]] <javascript:> > *Sent:* Thursday, October 24, 2013 12:52 PM > *To:* [email protected] <javascript:> > *Subject:* [cas-user] CAS SPNEGO with fallback to LDAP issues > > > > I am running into the issue where a blank page (401 response) is being > sent to firefox using CAS configured with SPNEGO and LDAP. > The SPNEGO is working in IE as long as the user is logged into our AD > domain. However if they aren’t logged into the domain, it is prompting > with a pop-up box for credentials. > > If they put their login as DOMAIN\username or username@DOMAIN they are > able to login successfully. If they just type their username it goes to > the forms based login and they can login successfully without having to add > the DOMAIN part. > > I have followed the documentation at > https://wiki.jasig.org/display/CASUM/SPNEGO and also > https://wiki.jasig.org/display/CASUM/LDAP > > I have been googling and changing the login-webflow.xml files but I am > still getting the 401 response. > I also experimented with the solutions here: > https://issues.jasig.org/i#browse/CAS-1166 > > > My question is what needs to be done so in the event that spnego fails on > firefox or IE, it sends them to the forms based login page? > > > > > Thank you for any help, > > > > Michael Buckley > > > > -- > You are currently subscribed to [email protected] <javascript:> as: > [email protected] <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] <javascript:> as: > [email protected] <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] <javascript:> as: > [email protected] <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] <javascript:> as: > [email protected] <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] <javascript:> as: > [email protected] <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] <javascript:> as: > [email protected] <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
