Hi, Did you try with a more recent CAS client by Spring Security (3.2.5.RELEASE)? Did you enable DEBUG logs (org.jasig) on client side to see the SAML response returned by the CAS server?
Thanks. Best regards, Jérôme LELEU Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org 2014-11-04 7:27 GMT+01:00 jeffrey tan <[email protected]>: > > http://stackoverflow.com/questions/26710286/cas-4-does-not-work-properly-with-cas-client-core-3-1-12 > > As title shown, currently i am using CAS 3.5.2, therefore i upgrade to CAS > 4.i just change the user name casuser and mellon to admin admin. its a very > minimal changes. > therefore when i try to login, for example: > > 1 login, abcd/login > > 2 redirect to cas/login > > 3 after success logon, its redirect to abcd/login?st=xxxxxx with blank > page. > > > do i miss somethings? or i need to change pom.xml? > > below is part of my pom.xml > > <dependency> > <groupId>org.springframework.security</groupId> > <artifactId>spring-security-cas</artifactId> > <version>3.1.0.RELEASE</version> > <scope>compile</scope> > </dependency> > <dependency> > <groupId>org.opensaml</groupId> > <artifactId>opensaml</artifactId> > <version>1.1</version> > <scope>runtime</scope> > </dependency> > <dependency> > <groupId>xml-security</groupId> > <artifactId>xmlsec</artifactId> > <version>1.3.0</version> > <scope>runtime</scope> > </dependency> > <dependency> > <groupId>net.sf.ehcache</groupId> > <artifactId>ehcache</artifactId> > <version>1.6.2</version> > <scope>runtime</scope> > </dependency> > > my error log > > java.lang.StringIndexOutOfBoundsException: String index out of range: > -1 > at java.lang.String.substring(String.java:1911) > at > org.jasig.cas.client.validation.Saml11TicketValidator.parseResponseFromServer(Saml11TicketValidator.java:50) > at > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:197) > at > org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:140) > at > org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:126) > at > org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156) > at > org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:242) > at > org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:194) > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) > at > org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) > at > org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:65) > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) > at > org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) > at > org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173) > at > org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) > at > org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) > at > sg.com.innovax.opscentralv5.objects.setEncoding.doFilter(setEncoding.java:100) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:947) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) > at > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1009) > at > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) > at > org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:312) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at java.lang.Thread.run(Thread.java:722) > > > Therefore i checked the error code,view and breakpoint the source > code(package org.jasig.cas.client.validation;). in > Saml11TicketValidator.parseResponseFromServer, its because the response > result wasnt in expected therefore substring got problems. this 1 just > exception handling, is not a root cause.**The root cause is in > Saml11TicketValidator retrieveResponseFromServer, why CAS4 Return login > page(in my CAS4, is already login)??? is it a bug?** > > note: my maven dependency is using cas-client-core-3.1.12.jar > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
