For the archives: I was having trouble granting myself authorization to /services. Here's how to do it, at least for testing purposes. The second step here had me thumping my head soundly against the wall for a couple hours.
1) Modify securityContext.xml. Find bean id="inMemoryDaoImpl", and add
your ID, something of the form "mas02041=notused,ROLE_ADMIN" .
2) Make sure that your server can establish an https callback to the
proxyValidate url, and that *the certificate protecting that url is
trusted by the acegi filter*. To ensure trust, either:
* Add your certificate to the global trust store (generally
$JAVA_HOME//jre/lib/security/cacerts), or
* Modify bean id="casProxyTicketValidator" in securityContext.xml to
include the location of your trusted keystore, containing your
certificate:
<property name="trustStore"><value>/path/to/.keystore</value></property>
Hope that helps somebody,
-Matt
--
Matthew J. Smith <[EMAIL PROTECTED]>
University of Connecticut UITS
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
