Hi Jérôme,
I've reset my configuration and get rid of Spring DelegatingFilterProxy
in web.xml. So now this is the only change in web.xml:
<filter>
<filter-name>CAS Authentication Filter</filter-name>
........
* <init-param>
<param-name>gateway</param-name>
<param-value>true</param-value> </init-param> *
........
And voila, it works fine. The only issue is when the user hasn't logged
yet. In this case the browser always get redirected with the TARGET
parameter in the url but this is a minor problem.
Thank you very much for your help. I was really stuck...
BTW, here's the log:
12:07:39,832 org.jasig.cas.client.session.SingleSignOutFilter TRACE:
Ignoring URI /portal/cms/aa
12:07:39,833 org.jasig.cas.client.util.CommonUtils DEBUG: serviceUrl
generated: https://localhost:8043/portal/cms/aa
12:07:39,833 org.jasig.cas.client.authentication.AuthenticationFilter
DEBUG: no ticket and no assertion found
12:07:39,833 org.jasig.cas.client.authentication.AuthenticationFilter
DEBUG: setting gateway attribute in session
12:07:39,833 org.jasig.cas.client.authentication.AuthenticationFilter
DEBUG: Constructed service url: https://localhost:8043/portal/cms/aa
12:07:39,834 org.jasig.cas.client.authentication.AuthenticationFilter
DEBUG: redirecting to "
https://cas.dev.server.org:444/cas/login?TARGET=https%3A%2F%2Flocalhost%3A8043%2Fportal%2Fcms%2Faa&gateway=true
"
12:07:39,854 org.jasig.cas.client.session.SingleSignOutHandler DEBUG:
Recording session for token
AAFSsPYAkNKN6Mb0Q6Li8D8gawrtLNmfJ9BTNMav6OOBw47o6YsDPr8W
12:07:39,855
org.jasig.cas.client.session.HashMapBackedSessionMappingStorage DEBUG:
Attempting to remove Session=[727EC7E0A0099D4FA8D4F5188402FB56
12:07:39,855
org.jasig.cas.client.session.HashMapBackedSessionMappingStorage DEBUG: No
mapping for session found. Ignoring.
12:07:39,855 org.jasig.cas.client.util.CommonUtils DEBUG: serviceUrl
generated:
https://localhost:8043/portal/cms/aa?TARGET=https%3A%2F%2Flocalhost%3A8043%2Fportal%2Fcms%2Faa
12:07:39,855 org.jasig.cas.client.validation.AbstractTicketValidationFilter
DEBUG: Attempting to validate ticket:
AAFSsPYAkNKN6Mb0Q6Li8D8gawrtLNmfJ9BTNMav6OOBw47o6YsDPr8W
12:07:39,855 org.jasig.cas.client.util.CommonUtils DEBUG: serviceUrl
generated:
https://localhost:8043/portal/cms/aa?TARGET=https%3A%2F%2Flocalhost%3A8043%2Fportal%2Fcms%2Faa
12:07:39,855
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator DEBUG:
Placing URL parameters in map.
12:07:39,855
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator DEBUG:
Calling template URL attribute map.
12:07:39,855
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator DEBUG:
Loading custom parameters from configuration.
12:07:39,856
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator DEBUG:
Constructing validation url:
https://cas.dev.server.org:444/cas/samlValidate?TARGET=https%3A%2F%2Flocalhost%3A8043%2Fportal%2Fcms%2Faa%3FTARGET%3Dhttps%253A%252F%252Flocalhost%253A8043%252Fportal%252Fcms%252Faa
12:07:39,856
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator DEBUG:
Retrieving response from server.
12:07:39,885
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator DEBUG:
Server response: <?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/
"><SOAP-ENV:Body><saml1p:Response.....
12:07:39,901 org.jasig.cas.client.validation.AbstractTicketValidationFilter
DEBUG: Successfully authenticated user: baldur
12:07:39,901 org.jasig.cas.client.validation.AbstractTicketValidationFilter
DEBUG: Redirecting after successful ticket validation.
12:07:39,901 org.jasig.cas.client.util.CommonUtils DEBUG: serviceUrl
generated:
https://localhost:8043/portal/cms/aa?TARGET=https%3A%2F%2Flocalhost%3A8043%2Fportal%2Fcms%2Faa
12:07:39,904 org.jasig.cas.client.session.SingleSignOutFilter TRACE:
Ignoring URI /portal/cms/aa
2014-08-28 11:35 GMT+02:00 Jérôme LELEU <lel...@gmail.com>:
> I meant: your logs on the CAS client / application side, to see if the
> service ticket has been properly validated.
>
> Best regards,
>
> Jérôme LELEU
> Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj
> Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org
>
>
> 2014-08-28 10:54 GMT+02:00 Baldur Dae <baldur....@gmail.com>:
>
> Thank you very much for your quick response. For the time being, I only
>> get the following log:
>>
>> [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service
>> ticket [ST-12-XXXXXX] for service [https://localhost:8043/portal/cms]
>> for user [baldur]
>> 2014-08-28 10:47:10,648 INFO
>> [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
>> trail record BEGIN
>> =============================================================
>> WHO: baldur
>> WHAT:ST-12-XXXXXX for https://localhost:8043/portal/cms
>> ACTION: SERVICE_TICKET_CREATED
>> APPLICATION: CAS
>>
>> Checking my log configuration again...
>>
>>
>>
>> 2014-08-28 10:15 GMT+02:00 Jérôme LELEU <lel...@gmail.com>:
>>
>>> Hi,
>>>
>>> It should work as you returned to your application with a service ticket.
>>>
>>> Don't you have something relevant in your logs? Would you mind enabling
>>> logs on org.jasig.cas?
>>>
>>> Thanks.
>>> Best regards,
>>>
>>>
>>> Jérôme LELEU
>>> Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj
>>> Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org
>>>
>>>
>>> 2014-08-28 9:55 GMT+02:00 Baldur Dae <baldur....@gmail.com>:
>>>
>>>> Hi,
>>>> I'm using CAS distribution based on version 3.4.1. So far client
>>>> webapps have used CAS in non gateway mode. I'd like to configure gateway
>>>> mode for a new webapp which serves public pages. However I can't make it
>>>> run correctly. I paste my current configuration.
>>>>
>>>> *web.xml:*
>>>> <filter>
>>>> <filter-name>CAS Authentication Filter</filter-name>
>>>>
>>>> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
>>>> <init-param>
>>>> <param-name>targetBeanName</param-name>
>>>> <param-value>casAuthenticationFilter</param-value>
>>>> </init-param>
>>>> </filter>
>>>>
>>>> *casAuthenticationFilter Spring bean:*
>>>> <bean id="casAuthenticationFilter"
>>>> class="org.jasig.cas.client.authentication.Saml11AuthenticationFilter">
>>>> <property name="casServerLoginUrl" value="
>>>> https://server/sso/login"; />
>>>> <property name="serverName" value="https://client/"; />
>>>> <property name="gateway" value="true" />
>>>> </bean>
>>>>
>>>> The result is OK when the user isn't logged in but when the user has a
>>>> validated CAS session it doesn't show user information. Resulting flow is
>>>> like this:
>>>> - User goes to /portal/cms (webapp in gateway mode)
>>>> - Browser gets a redirect (302) to /cas/login
>>>> ?service=https%3A%2F%2Flocalhost%3A8043%2Fportal%2Fcms&gateway=true
>>>> - Browser gets a new redirect (302) to
>>>> /portal/cms/aa?ticket=ST-35-4GbGiDc...
>>>> - The process stops here but there's no user information available
>>>>
>>>>
>>>> Please help me, I can't figure out what I'm doing wrong
>>>>
>>>> Thanks very much
>>>>
>>>> --
>>>> You are currently subscribed to cas-user@lists.jasig.org as:
>>>> lel...@gmail.com
>>>> To unsubscribe, change settings or access archives, see
>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user
>>>>
>>>>
>>> --
>>> You are currently subscribed to cas-user@lists.jasig.org as:
>>> baldur....@gmail.com
>>> To unsubscribe, change settings or access archives, see
>>> http://www.ja-sig.org/wiki/display/JSG/cas-user
>>>
>>>
>> --
>> You are currently subscribed to cas-user@lists.jasig.org as: lel...@gmail.com
>> To unsubscribe, change settings or access archives, see
>> http://www.ja-sig.org/wiki/display/JSG/cas-user
>>
>>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> baldur....@gmail.com
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
