Thanks for your response.
The authentication is based on AD.
We use
org.jasig.cas.adaptors.trusted.authentication.handler.support.PrincipalBearingCredentialsAuthenticationHandler
and
org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler
<bean id="authenticationManager"
      class="org.jasig.cas.authentication.AuthenticationManagerImpl">
  <property name="credentialsToPrincipalResolvers">
    <list>
      <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
      <!-- <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" /> -->
      <bean class="org.jasig.cas.adaptors.trusted.authentication.principal.PrincipalBearingCredentialsToPrincipalResolver" />
    </list>
  </property>
  <property name="authenticationHandlers">
    <list>
      <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
            p:httpClient-ref="httpClient" />
      <!-- Form login: finds the user by sAMAccountName and binds to AD with the submitted password -->
      <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
        <property name="filter" value="sAMAccountName=%u" />
        <property name="searchBase" value="DC=useit,DC=fr" />
        <property name="contextSource" ref="contextSource" />
        <property name="ignorePartialResultException" value="yes" />
      </bean>
      <!-- Trusted login: accepts a principal already established by the container (REMOTE_USER) -->
      <bean class="org.jasig.cas.adaptors.trusted.authentication.handler.support.PrincipalBearingCredentialsAuthenticationHandler" />
    </list>
  </property>
  <property name="authenticationMetaDataPopulators">
    <list>
      <bean class="org.jasig.cas.authentication.principal.RememberMeAuthenticationMetaDataPopulator" />
    </list>
  </property>
</bean>
Regards
Jérémie
On Mon, Jan 12, 2015 at 5:28 PM, John Gasper <[email protected]> wrote:
> I can't say that I've seen anything like this before... What
> authentication handlers are you using?
>
> ---
> *John Gasper*
> IAM Consultant
> Unicon, Inc.
> PGP/GPG Key: 0xbafee3ef
>
> On 1/12/15 5:47 AM, jnataf wrote:
>
> Hi everybody,
>
> Two web applications (webapp1 on Tomcat 1 and webapp2 on Tomcat 2) are
> deployed on two Tomcat servers.
>
> My problem:
> I can connect to each application with SSO, but I can't share the connection
> between the two applications; I have to reconnect each time on the second
> application.
>
> The CAS server always generates a new ticket.
>
> My use case:
> - I connect to webapp1 with SSO
> - I browse to webapp2 and I am automatically redirected to the CAS login page;
> I have to log on a second time on the SSO server
>
> Thanks for your help
> 2015-01-12 15:12:37,565 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction]
> - Action 'InitialFlowSetupAction' completed execution; result is 'success'
> 2015-01-12 15:12:37,565 DEBUG
> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction]
> - Action 'PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction'
> beginning execution
> 2015-01-12 15:12:37,566 DEBUG
> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction]
> - Remote User not found in HttpServletRequest.
> 2015-01-12 15:12:37,566 DEBUG
> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction]
> - Action 'PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction'
> completed execution; result is 'error'
> 2015-01-12 15:12:37,566 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' beginning execution
> 2015-01-12 15:12:37,566 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing setupForm
> 2015-01-12 15:12:37,566 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form
> object with name 'credentials'
> 2015-01-12 15:12:37,566 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new instance
> of form object class [class
> org.jasig.cas.authentication.principal.UsernamePasswordCredentials]
> 2015-01-12 15:12:37,566 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form object of
> type [class
> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope
> Flow with name 'credentials'
> 2015-01-12 15:12:37,566 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form
> errors for object with name 'credentials'
> 2015-01-12 15:12:37,566 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - No property editor
> registrar set, no custom editors to register
> 2015-01-12 15:12:37,567 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form errors
> instance in scope Flash
> 2015-01-12 15:12:37,567 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' completed execution; result is 'success'
> 2015-01-12 15:12:37,567 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' beginning execution
> 2015-01-12 15:12:37,567 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' completed execution; result is 'success'
> 2015-01-12 15:12:42,460 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' beginning execution
> 2015-01-12 15:12:42,460 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing bind
> 2015-01-12 15:12:42,460 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Found existing form
> object with name 'credentials' of type [class
> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope
> Flow
> 2015-01-12 15:12:42,460 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - No property editor
> registrar set, no custom editors to register
> 2015-01-12 15:12:42,461 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Binding allowed
> request parameters in map['username' -> 'nataf1', 'submit' -> 'SE CONNECTER',
> '_eventId' -> 'submit', 'service' ->
> 'http://portail.intranet.citepro.cite-sciences.fr/c/portal/login?p_l_id=12980',
> 'lt' ->
> '_c7E1350E9-537B-F296-195A-D28DDFA8017E_k0595A0EE-EC71-239E-AE03-AB417C17634F',
> 'password' -> 'secret'] to form object with name 'credentials', pre-bind
> formObject toString = [username: null]
> 2015-01-12 15:12:42,461 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - (Any field is allowed)
> 2015-01-12 15:12:42,461 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Binding completed for
> form object with name 'credentials', post-bind formObject toString =
> [username: nataf1]
> 2015-01-12 15:12:42,462 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - There are [0] errors,
> details: []
> 2015-01-12 15:12:42,462 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing validation
> 2015-01-12 15:12:42,462 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Invoking validator
> org.jasig.cas.validation.UsernamePasswordCredentialsValidator@3b69278
> 2015-01-12 15:12:42,462 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Validation completed
> for form object
> 2015-01-12 15:12:42,462 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - There are [0] errors,
> details: []
> 2015-01-12 15:12:42,462 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form errors
> instance in scope Flash
> 2015-01-12 15:12:42,462 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' completed execution; result is 'success'
> 2015-01-12 15:12:42,462 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' beginning execution
> 2015-01-12 15:12:42,463 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Found existing form
> object with name 'credentials' of type [class
> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope
> Flow
> 2015-01-12 15:12:42,463 DEBUG
> [org.jasig.cas.CentralAuthenticationServiceImpl] - Attempting to create
> TicketGrantingTicket for [username: nataf1]
> 2015-01-12 15:12:42,463 DEBUG
> [org.jasig.cas.CentralAuthenticationServiceImpl] - Attempting to create
> TicketGrantingTicket for [username: nataf1]
> 2015-01-12 15:12:42,480 INFO
> [org.jasig.cas.authentication.AuthenticationManagerImpl] -
> AuthenticationHandler:
> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully
> authenticated the user which provided the following credentials: [username:
> nataf1]
> 2015-01-12 15:12:42,480 DEBUG
> [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver]
> - Attempting to resolve a principal...
> 2015-01-12 15:12:42,480 DEBUG
> [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver]
> - Creating SimplePrincipal for [nataf1]
> 2015-01-12 15:12:42,481 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket
> [TGT-16-cT3RrXO3rcFFM0kUuADGdp2NCPA9hhGnmGgjRmNOK3FsOWHrb4-cas] to registry.
> 2015-01-12 15:12:42,481 DEBUG
> [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Removed cookie
> with name [CASPRIVACY]
> 2015-01-12 15:12:42,481 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' completed execution; result is 'success'
> 2015-01-12 15:12:42,481 DEBUG
> [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - Action
> 'SendTicketGrantingTicketAction' beginning execution
> 2015-01-12 15:12:42,481 DEBUG
> [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Added cookie
> with name [CASTGC] and value
> [TGT-16-cT3RrXO3rcFFM0kUuADGdp2NCPA9hhGnmGgjRmNOK3FsOWHrb4-cas]
> 2015-01-12 15:12:42,482 DEBUG
> [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - Action
> 'SendTicketGrantingTicketAction' completed execution; result is 'success'
> 2015-01-12 15:12:42,482 DEBUG
> [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action
> 'GenerateServiceTicketAction' beginning execution
> 2015-01-12 15:12:42,482 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to
> retrieve ticket
> [TGT-16-cT3RrXO3rcFFM0kUuADGdp2NCPA9hhGnmGgjRmNOK3FsOWHrb4-cas]
> 2015-01-12 15:12:42,482 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket
> [TGT-16-cT3RrXO3rcFFM0kUuADGdp2NCPA9hhGnmGgjRmNOK3FsOWHrb4-cas] found in
> registry.
> 2015-01-12 15:12:42,482 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket
> [ST-14-ogdO1bt3aGv9rZ5JIRAs-cas] to registry.
> 2015-01-12 15:12:42,482 INFO [org.jasig.cas.CentralAuthenticationServiceImpl]
> - Granted service ticket [ST-14-ogdO1bt3aGv9rZ5JIRAs-cas] for service
> [http://portail.intranet.citepro.cite-sciences.fr/c/portal/login?p_l_id=12980]
> for user [nataf1]
> 2015-01-12 15:12:42,483 DEBUG
> [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action
> 'GenerateServiceTicketAction' completed execution; result is 'success'
> 2015-01-12 15:12:42,518 DEBUG
> [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated
> service for:
> http://portail.intranet.citepro.cite-sciences.fr/c/portal/login?p_l_id=12980
> 2015-01-12 15:12:42,518 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to
> retrieve ticket [ST-14-ogdO1bt3aGv9rZ5JIRAs-cas]
> 2015-01-12 15:12:42,518 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket
> [ST-14-ogdO1bt3aGv9rZ5JIRAs-cas] found in registry.
> 2015-01-12 15:12:42,519 DEBUG
> [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Removing ticket
> [ST-14-ogdO1bt3aGv9rZ5JIRAs-cas] from registry
> 2015-01-12 15:12:51,531 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction]
> - Action 'InitialFlowSetupAction' beginning execution
> 2015-01-12 15:12:51,532 DEBUG
> [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated
> service for:
> http://portail.intranet.citepro.cite-sciences.fr/bonita/portal/homepage
> 2015-01-12 15:12:51,532 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction]
> - Placing service in FlowScope:
> http://portail.intranet.citepro.cite-sciences.fr/bonita/portal/homepage
> 2015-01-12 15:12:51,532 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction]
> - Action 'InitialFlowSetupAction' completed execution; result is 'success'
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction]
> - Action 'PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction'
> beginning execution
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction]
> - Remote User not found in HttpServletRequest.
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction]
> - Action 'PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction'
> completed execution; result is 'error'
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' beginning execution
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing setupForm
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form
> object with name 'credentials'
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new instance
> of form object class [class
> org.jasig.cas.authentication.principal.UsernamePasswordCredentials]
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form object of
> type [class
> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope
> Flow with name 'credentials'
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form
> errors for object with name 'credentials'
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - No property editor
> registrar set, no custom editors to register
> 2015-01-12 15:12:51,534 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form errors
> instance in scope Flash
> 2015-01-12 15:12:51,534 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' completed execution; result is 'success'
> 2015-01-12 15:12:51,534 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' beginning execution
> 2015-01-12 15:12:51,534 DEBUG
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
> 'AuthenticationViaFormAction' completed execution; result is 'success'
>
>
> URL
> for webapp1:
> http://portail.intranet.citepro.cite-sciences.fr/c/portal/login?p_l_id=12980
>
> and webapp2:
> http://portail.intranet.citepro.cite-sciences.fr/bonita/portal/homepage
>
> We can see in the log, when I navigate to webapp2,
>
> the entry "Remote User not found":
>
> 2015-01-12 15:12:51,533 DEBUG
> [org.jasig.cas.adaptors.trusted.web.flow.PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction]
> - Remote User not found in HttpServletRequest.
>
>
> Can this log explain the problem?
>
>
> Thanks
> Jeremie
>
>
>
> --
> You are currently subscribed to [email protected] as:
> [email protected]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
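A check of this kind over a CAS debug log, as an added example (not part of the thread and not CAS project code): it splits the log into login-flow requests and reports which services were shown the login form after a CASTGC cookie had already been issued. It assumes one entry per line (the server's log file, not the e-mail-wrapped copy) and treats a TGT registry lookup that precedes any setupForm as reuse of the SSO session, which is an assumption about the flow's logging; the sample lines are constructed.

```python
import re

# Constructed sample, one entry per line, reusing message texts from the quoted log.
# Timestamps, ticket id and URLs are made up; request 3 is the assumed "reuse" shape.
SAMPLE_LOG = """\
15:12:37,560 DEBUG [InitialFlowSetupAction] - Action 'InitialFlowSetupAction' beginning execution
15:12:37,561 DEBUG [InitialFlowSetupAction] - Placing service in FlowScope: http://portal.example/app1
15:12:37,566 DEBUG [AuthenticationViaFormAction] - Executing setupForm
15:12:42,481 DEBUG [CookieRetrievingCookieGenerator] - Added cookie with name [CASTGC] and value [TGT-1-constructed-cas]
15:12:42,482 DEBUG [DefaultTicketRegistry] - Attempting to retrieve ticket [TGT-1-constructed-cas]
15:12:51,531 DEBUG [InitialFlowSetupAction] - Action 'InitialFlowSetupAction' beginning execution
15:12:51,532 DEBUG [InitialFlowSetupAction] - Placing service in FlowScope: http://portal.example/app2
15:12:51,533 DEBUG [AuthenticationViaFormAction] - Executing setupForm
15:13:05,100 DEBUG [InitialFlowSetupAction] - Action 'InitialFlowSetupAction' beginning execution
15:13:05,101 DEBUG [InitialFlowSetupAction] - Placing service in FlowScope: http://portal.example/app3
15:13:05,102 DEBUG [DefaultTicketRegistry] - Attempting to retrieve ticket [TGT-1-constructed-cas]
"""

FLOW_START = "Action 'InitialFlowSetupAction' beginning execution"
SERVICE = re.compile(r"Placing service in FlowScope: (\S+)")
TGC_SET = "Added cookie with name [CASTGC]"
TGT_LOOKUP = "Attempting to retrieve ticket [TGT-"
FORM = "Executing setupForm"

def analyze(log_text):
    """Return one dict per login-flow request, in log order."""
    flows, tgc_issued = [], False
    for line in log_text.splitlines():
        if FLOW_START in line:
            flows.append({"service": None, "outcome": "unknown", "tgc_before": tgc_issued})
        elif TGC_SET in line:
            tgc_issued = True
        elif flows:
            flow, m = flows[-1], SERVICE.search(line)
            if m:
                flow["service"] = m.group(1)
            elif flow["outcome"] == "unknown" and FORM in line:
                flow["outcome"] = "login_form"   # form shown before any TGT lookup
            elif flow["outcome"] == "unknown" and TGT_LOOKUP in line:
                flow["outcome"] = "tgt_reused"   # TGT looked up without showing the form
    return flows

def reprompts(flows):
    """Services that got the login form although a CASTGC had already been issued."""
    return [f["service"] for f in flows
            if f["outcome"] == "login_form" and f["tgc_before"]]

if __name__ == "__main__":
    print(reprompts(analyze(SAMPLE_LOG)))
```
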