We have a development team with about 140 CASIfied java apps running on
Glassfish. They are using CAS client version 3.2.1.
They have noticed that their log files are filled with the above exception and
have asked me to help them resolve this. Our CAS servers are 3.4.12 and uses
ehcache for the ticket registry. We have a 2 server load balanced cluster.
Our CASified Peoplesoft Portal does not exhibit this behavior.
I did a google search on the error and found some posts from 2010 and it seems
this exception is probably a client side configuration issue, but could be
related to a misconfigured ticket registry.
The CASIfied apps don't put the filters directly in a web.xml file. They use a
ServletContextListener to load the filters. I am not really familiar with this
class. I have included it below and was hoping someone could verify its
correctness.
Thanks,
Bryan
package edu.utah.acs.student.common.security;
import edu.utah.acs.student.common.property.AcsPropertyLoader;
import edu.utah.acs.student.common.text.StringUtil;
import edu.utah.acs.tek.filters.CASSingleSignOutRebroadcast;
import edu.utah.acs.tek.filters.UuPersonAddFilter;
import javax.servlet.FilterRegistration.Dynamic;
import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Programmatically add any needed CAS filters
*/
public class CasContextListener implements ServletContextListener {
private static final Logger logger =
LoggerFactory.getLogger(CasContextListener.class);
private String casServerLogoutUrl =
AcsPropertyLoader.getRequiredProperty("cas.listner.casServerLogoutUrl");
private String casServerLoginUrl =
AcsPropertyLoader.getRequiredProperty("cas.listner.service");
private String casserverurlprefix =
AcsPropertyLoader.getRequiredProperty("cas.listner.casserverurlprefix");
private String docRootLevelDNS =
AcsPropertyLoader.getRequiredProperty("DocRootLevelDNS");
private String serverName = "https://"; + docRootLevelDNS;
@Override
public void contextInitialized(ServletContextEvent sce) {
ServletContext servletContext = sce.getServletContext();
String[] urlPatterns = pullUrlPatterns(servletContext);
servletContext.addListener(new SingleSignOutHttpSessionListener());
Dynamic addFilter;
AuthenticationFilter casAuth = new AuthenticationFilter();
casAuth.setIgnoreInitConfiguration(true);
casAuth.setCasServerLoginUrl(casServerLoginUrl);
casAuth.setServerName(serverName);
casAuth.setArtifactParameterName("ticket");
String gateway;
if ((gateway =
servletContext.getInitParameter("edu.utah.acs.casGateway")) != null)
casAuth.setGateway(Boolean.parseBoolean(gateway));
Cas20ProxyReceivingTicketValidationFilter cproxVal = new
Cas20ProxyReceivingTicketValidationFilter();
addFilter =
servletContext.addFilter("uuPersonAddFilter", new UuPersonAddFilter());
addFilter.addMappingForUrlPatterns(null, false, urlPatterns);
addFilter = servletContext.addFilter("CAS
Wrapper Filter", new HttpServletRequestWrapperFilter());
addFilter.addMappingForUrlPatterns(null, false, urlPatterns);
addFilter = servletContext.addFilter("CAS
Validation Filter", cproxVal);
addFilter.setInitParameter("casServerUrlPrefix", casserverurlprefix);
addFilter.setInitParameter("serverName", serverName);
addFilter.addMappingForUrlPatterns(null, false, urlPatterns);
addFilter = servletContext.addFilter("CAS
Authentication Filter", casAuth);
addFilter.addMappingForUrlPatterns(null, false, urlPatterns);
addFilter =
servletContext.addFilter("CasSingleSignOutFilter", new SingleSignOutFilter());
addFilter.addMappingForUrlPatterns(null, false, "/*");
addFilter =
servletContext.addFilter("CASRebroadcastFilter", new
CASSingleSignOutRebroadcast());
addFilter.addMappingForUrlPatterns(null, false, "/*");
}
private String[] pullUrlPatterns(ServletContext servletContext) {
String urls =
servletContext.getInitParameter("edu.utah.acs.casUrlPatterns");
if (StringUtil.isEmpty(urls)) {
urls = "/*";
}
logger.info("setting CAS Security to the following url patterns: {}",
urls);
return urls.split(",");
}
@Override
public void contextDestroyed(ServletContextEvent sce) {
}
}
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
