Update:
Following the Unicom documetnation, we added the cas-addons dependency
(using the latest version of the addons 1.11.1). Added the following
authenticationSupport bean to our spring-configuration
argumentExtractorsConfiguration.xml overlay file:
|<bean id="authenticationSupport"
class="net.unicon.cas.addons.authentication.internal.DefaultAuthenticationSupport"
c:ticketRegistry-ref="ticketRegistry"/>
We changed the end-state for the viewGenericLoginSuccess in the
WEBINF/login-webflow.xml file as described in the article:
||<end-state id="viewGenericLoginSuccess" view="casLoginGenericSuccessView">
<on-entry>
<evaluate
expression="authenticationSupport.getAuthenticatedPrincipalFrom(requestScope.ticketGrantingTicketId)"
result="requestScope.principal"/>
</on-entry>
</end-state>
and changed the
<strong>
${sessionScope.openIdLocalId}
</strong>
statement in casGenericSuccess.jsp to
<strong>
<c:out value="${principal.id}" />
</strong>
|
|as defined in the documentation. Maven built the package with no errors
(after downloading a TON of extra stuff) and Tomcat successfully
deployed| the cas.war file, again with no errors. When we go to the
LOGIN page however, we get the "CAS not available" page rather than the
login form. Again there are no error messages in the Tomcat or CAS log
files, it just considers the service unavailable.
The only thing I can think of is that the process seems to be pulling
the ID from the TGT created in the cache and MAY be assuming the
inMemory cache structure. We are using a replicated ehcache for the
ticket registry with separate caches for the TGTs and STs (because of
the replication). Can anyone comment on whether my guess is correct,
and if so how we adapt the process to be used with an ehcache ticket
registry?
||
On 8/20/14 4:56 PM, David A. Kovacic wrote:
> We would like to be able to access the authenticated user in the
> casGenericSuccess.jsp view. I did find this article:
>
> https://github.com/Unicon/cas-addons/wiki/Authenticated-Principal-in-Generic-Success-Login-View
>
> but if is mostly described as part of CAS 3.5.2 and I've never seen it
> described for CAS 4.0.0 which we are using. Is there a simpler way to
> get that user in CAS 4.0.0? We've seen some code that indicates you
> should be able to access ${sessionScope.openIdLocalId} but that seems
> to be blank in casGenericSuccess.jsp.
>
> This is our casLoginView.jsp:
>
> <jsp:directive.include file="includes/top.jsp" />
>
> <c:if test="${not pageContext.request.secure}">
> <div id="msg" class="errors">
> <h2>Non-secure Connection</h2>
> <p>You are currently accessing CAS over a non-secure connection.
> Single Sign On WILL NOT WORK. In order to have single sign on work,
> you MUST log in over HTTPS.</p>
> </div>
> </c:if>
>
> <div class="messageboxbox"></div>
>
> <jsp:directive.include file="includes/casLoginBox.jsp" />
>
> <jsp:directive.include file="includes/bottom.jsp" />
>
> and our include casLoginBox.jsp where the guts of the login form live:
>
> <form:form method="post" id="fm1" commandName="${commandName}"
> htmlEscape="true" onsubmit="setCookie()" >
> <form:errors path="*" id="msg" cssClass="errors" element="div"
> htmlEscape="false" />
>
> <div id="login-box">
> <div id="login-form-container">
>
> <div id="entryLogin">
> <p>
> <img alt="Enter your CWRU Network ID"
> src="https:/cas/themes/cwru-id.png"/>
> <c:choose>
> <c:when test="${not empty sessionScope.openIdLocalId}">
> <strong>${sessionScope.openIdLocalId}</strong>
> <input type="hidden" id="username" name="username"
> value="${sessionScope.openIdLocalId}" />
> </c:when>
> <c:otherwise>
> <form:input cssClass="required" cssErrorClass="error"
> id="username" size="25" tabindex="1" accesskey="${userNameAccessKey}"
> path="username" autocomplete="off" htmlEscape="true" name="username"
> /><br/>
> </c:otherwise>
> </c:choose>
>
> <span class="textentry"><a tabindex="10"
> href="https://www.case.edu/wizard/wizard.html?idcheck";>Forget your
> CWRU Network ID?</a></span>
> </p>
>
> <p>
> <img alt="Enter your password"
> src="https:/cas/themes/password.png"/>
> <form:password cssClass="required" cssErrorClass="error"
> id="password" size="25" tabindex="2" path="password"
> accesskey="${passwordAccessKey}" htmlEscape="true" autocomplete="off"
> /><br/>
> <span class="textentry">
> <a tabindex="10"
> href="https://its-services.case.edu/my-case-identity/password/reset/";>Forget
> your password?</a>
> </span>
> </p>
> </div>
>
> <div id="quickLink">
>
> <p>
> <img alt="Quick Links" src="https:/cas/themes/quicklinks.png"/><br/>
>
> <span class="quickentry">
> <a
> href="https://its-services.case.edu/my-case-identity/activate/index.cgi";>Activate
> CWRU Network ID</a><br/>
> <a
> href="https://its-services.case.edu/my-case-identity/password/reset/";>Reset
> your password</a><br/>
> <a
> href="https://its-services.case.edu/my-case-identity/password/change/";>Change
> your password</a><br/>
> <a href="http://help.case.edu";>Help Desk</a><br/><a
> href="https://www.case.edu/its/";>ITS homepage</a>
> </span>
> </p>
> </div>
>
> <section class="row btn-row">
> <input type="hidden" name="lt" value="${loginTicket}" />
> <input type="hidden" name="execution" value="${flowExecutionKey}" />
> <input type="hidden" name="_eventId" value="submit" />
> <div id="loginButton" align="center">
> <input class="button" name="submit" accesskey="l"
> value="<spring:message code="screen.welcome.button.login" />"
> id="login-submit" alt="Login" src="/cas/themes/loginbutton.gif"
> tabindex="3" type="image" />
> </div>
> </section>
> <br/>
> </div>
> </div>
> </div>
>
> The current casGenericSuccess.jsp page looks like:
> <jsp:directive.include file="includes/top.jsp" />
>
> <div class="messageboxbox">
> <div class="messagebox confirmation">You have successfully logged in as
> <strong>
> ${sessionScope.openIdLocalId}
> </strong>
> .<br/> Click <a id="logout" href="https:/cas/logout">here</a> to
> logout.</div>
> </div>
>
> <jsp:directive.include file="includes/casLoginBoxFiller.jsp" />
>
> <jsp:directive.include file="includes/bottom.jsp" />
>
>
> --
> You are currently subscribed to [email protected] as: [email protected]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
