Well the issue with the login turned out to be a JavaScript definition
in the casLoginBox.jsp that was removed as unnecessary. Turns out it is
referenced elsewhere and does need to be there. We can now get a login
form, but when successfully authenticated, the page displayed is the
"CAS not available" page rather than casGenericSuccess.jsp. The TGT
still gets correctly created however.

At this point unless/until someone can suggest a possible fix I am backing
out of this and leaving the successful login message as "You have
successfully logged in."

On 8/21/14 11:37 AM, David A. Kovacic wrote:
> Update:
>
> Following the Unicon documentation, we added the cas-addons dependency
> (using the latest version of the addons 1.11.1). Added the following
> authenticationSupport bean to our spring-configuration
> argumentExtractorsConfiguration.xml overlay file:
>
> <bean id="authenticationSupport"
> class="net.unicon.cas.addons.authentication.internal.DefaultAuthenticationSupport"
> c:ticketRegistry-ref="ticketRegistry"/>
>
> We changed the end-state for the viewGenericLoginSuccess in the
> WEB-INF/login-webflow.xml file as described in the article:
>
> <end-state id="viewGenericLoginSuccess" view="casLoginGenericSuccessView">
> <on-entry>
> <evaluate
> expression="authenticationSupport.getAuthenticatedPrincipalFrom(requestScope.ticketGrantingTicketId)"
> result="requestScope.principal"/>
> </on-entry>
> </end-state>
>
>
> and changed the
>
> <strong>
> ${sessionScope.openIdLocalId}
> </strong>
>
> statement in casGenericSuccess.jsp to
>
> <strong>
> <c:out value="${principal.id}" />
> </strong>
>
>
> as defined in the documentation. Maven built the package with no
> errors (after downloading a TON of extra stuff) and Tomcat
> successfully deployed the cas.war file, again with no errors. When
> we go to the LOGIN page however, we get the "CAS not available" page
> rather than the login form. Again there are no error messages in the
> Tomcat or CAS log files, it just considers the service unavailable.
>
> The only thing I can think of is that the process seems to be pulling
> the ID from the TGT created in the cache and MAY be assuming the
> inMemory cache structure. We are using a replicated ehcache for the
> ticket registry with separate caches for the TGTs and STs (because of
> the replication). Can anyone comment on whether my guess is correct,
> and if so how we adapt the process to be used with an ehcache ticket
> registry?
>
>
> On 8/20/14 4:56 PM, David A. Kovacic wrote:
>> We would like to be able to access the authenticated user in the
>> casGenericSuccess.jsp view. I did find this article:
>>
>> https://github.com/Unicon/cas-addons/wiki/Authenticated-Principal-in-Generic-Success-Login-View
>>
>> but it is mostly described as part of CAS 3.5.2 and I've never seen
>> it described for CAS 4.0.0 which we are using. Is there a simpler
>> way to get that user in CAS 4.0.0? We've seen some code that
>> indicates you should be able to access ${sessionScope.openIdLocalId}
>> but that seems to be blank in casGenericSuccess.jsp.
>>
>> This is our casLoginView.jsp:
>>
>> <jsp:directive.include file="includes/top.jsp" />
>>
>> <c:if test="${not pageContext.request.secure}">
>> <div id="msg" class="errors">
>> <h2>Non-secure Connection</h2>
>> <p>You are currently accessing CAS over a non-secure connection.
>> Single Sign On WILL NOT WORK. In order to have single sign on work,
>> you MUST log in over HTTPS.</p>
>> </div>
>> </c:if>
>>
>> <div class="messageboxbox"></div>
>>
>> <jsp:directive.include file="includes/casLoginBox.jsp" />
>>
>> <jsp:directive.include file="includes/bottom.jsp" />
>>
>> and our include casLoginBox.jsp where the guts of the login form live:
>>
>> <form:form method="post" id="fm1" commandName="${commandName}"
>> htmlEscape="true" onsubmit="setCookie()" >
>> <form:errors path="*" id="msg" cssClass="errors" element="div"
>> htmlEscape="false" />
>>
>> <div id="login-box">
>> <div id="login-form-container">
>>
>> <div id="entryLogin">
>> <p>
>> <img alt="Enter your CWRU Network ID"
>> src="https:/cas/themes/cwru-id.png"/>
>> <c:choose>
>> <c:when test="${not empty sessionScope.openIdLocalId}">
>> <strong>${sessionScope.openIdLocalId}</strong>
>> <input type="hidden" id="username" name="username"
>> value="${sessionScope.openIdLocalId}" />
>> </c:when>
>> <c:otherwise>
>> <form:input cssClass="required" cssErrorClass="error"
>> id="username" size="25" tabindex="1" accesskey="${userNameAccessKey}"
>> path="username" autocomplete="off" htmlEscape="true" name="username"
>> /><br/>
>> </c:otherwise>
>> </c:choose>
>>
>> <span class="textentry"><a tabindex="10"
>> href="https://www.case.edu/wizard/wizard.html?idcheck">Forget your
>> CWRU Network ID?</a></span>
>> </p>
>>
>> <p>
>> <img alt="Enter your password"
>> src="https:/cas/themes/password.png"/>
>> <form:password cssClass="required" cssErrorClass="error"
>> id="password" size="25" tabindex="2" path="password"
>> accesskey="${passwordAccessKey}" htmlEscape="true" autocomplete="off"
>> /><br/>
>> <span class="textentry">
>> <a tabindex="10"
>> href="https://its-services.case.edu/my-case-identity/password/reset/">Forget
>> your password?</a>
>> </span>
>> </p>
>> </div>
>>
>> <div id="quickLink">
>>
>> <p>
>> <img alt="Quick Links" src="https:/cas/themes/quicklinks.png"/><br/>
>>
>> <span class="quickentry">
>> <a
>> href="https://its-services.case.edu/my-case-identity/activate/index.cgi">Activate
>> CWRU Network ID</a><br/>
>> <a
>> href="https://its-services.case.edu/my-case-identity/password/reset/">Reset
>> your password</a><br/>
>> <a
>> href="https://its-services.case.edu/my-case-identity/password/change/">Change
>> your password</a><br/>
>> <a href="http://help.case.edu">Help Desk</a><br/><a
>> href="https://www.case.edu/its/">ITS homepage</a>
>> </span>
>> </p>
>> </div>
>>
>> <section class="row btn-row">
>> <input type="hidden" name="lt" value="${loginTicket}" />
>> <input type="hidden" name="execution"
>> value="${flowExecutionKey}" />
>> <input type="hidden" name="_eventId" value="submit" />
>> <div id="loginButton" align="center">
>> <input class="button" name="submit" accesskey="l"
>> value="<spring:message code="screen.welcome.button.login" />"
>> id="login-submit" alt="Login" src="/cas/themes/loginbutton.gif"
>> tabindex="3" type="image" />
>> </div>
>> </section>
>> <br/>
>> </div>
>> </div>
>> </div>
>>
>> The current casGenericSuccess.jsp page looks like:
>> <jsp:directive.include file="includes/top.jsp" />
>>
>> <div class="messageboxbox">
>> <div class="messagebox confirmation">You have successfully logged in as
>> <strong>
>> ${sessionScope.openIdLocalId}
>> </strong>
>> .<br/> Click <a id="logout" href="https:/cas/logout">here</a> to
>> logout.</div>
>> </div>
>>
>> <jsp:directive.include file="includes/casLoginBoxFiller.jsp" />
>>
>> <jsp:directive.include file="includes/bottom.jsp" />
>>
>>
>> --
>> You are currently subscribed to [email protected] as: [email protected]
>> To unsubscribe, change settings or access archives, see
>> http://www.ja-sig.org/wiki/display/JSG/cas-user