Hi,
I have put in place a simple "CAS SSO" for the "Liferay" portal and it
works very well.
Now I'm trying to extend this solution to put in place a proxy CAS SSO that
accesses a portlet that, itself, accesses "Alfresco" via web services.

What are the configurations to add in the class
"com.liferay.portal.servlet.filters.sso.cas.CASFilter"
to use the proxies and get the pgtiou I'd use to ask for proxy tickets?


Otherwise, I've tried to illustrate the mechanism directly in a browser like
this:
- my CAS server accessible on the port :8483
- my Tomcat server for Liferay on: 8090
- I also have Liferay's SSL port: 8445

So
- I put in the URL "https://localhost:8443/cas/login" for the
authentication on the "CAS"
- then the URL
"https://localhost:8443/cas/login?service=localhost:8090/c/portal" to get the
ST for Liferay
- validation of the service, ticket recovered on
https://localhost:8443/cas/serviceValidateticket=XXX&service=localhost:8090/c/portal&pgtUrl=https://localhost:8445/c/cas/proxyCallBack

This is where I get the login, but I have this exception:



INFO: Server startup in 4596 ms
2007-09-13 14:23:12,026 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Starting cleaning of expired tickets from ticket registry at [Thu Sep 13 14:23:12 CEST 2007]>
2007-09-13 14:23:12,036 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0 found to be removed.  Removing now.>
2007-09-13 14:23:12,046 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Finished cleaning of expired tickets from ticket registry at [Thu Sep 13 14:23:12 CEST 2007]>
2007-09-13 14:38:32,650 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting ContextPath for cookies to: /cas>
2007-09-13 14:39:14,991 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler successfully authenticated the user which provided the following credentials: joebloggs>
2007-09-13 14:39:15,011 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-1-o33NgonIFq7uJTQCTfy5f66I4OJJLJftVaQ-20] for service [http://localhost:9000/liferay] for user [joebloggs]>
2007-09-13 14:40:07,106 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler failed to authenticate the user which provided the following credentials: https://localhost:8443/cas/proxyCallBack>
2007-09-13 14:40:07,106 ERROR [org.jasig.cas.web.ServiceValidateController] - <TicketException generating ticket for: https://localhost:8443/cas/proxyCallBack>
org.jasig.cas.ticket.TicketCreationException: error.authentication.credentials.bad
        at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:271)
        at org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:124)
        at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
        at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
        at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857)
        at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792)
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475)
        at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:430)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
        at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
        at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
        at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
        at java.lang.Thread.run(Unknown Source)
Caused by: error.authentication.credentials.bad
        at org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException.<clinit>(BadCredentialsAuthenticationException.java:25)
        at org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:108)
        at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:242)
        ... 24 more

For information, I've generated the certificate with the following commands:

    keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
    keytool -export -alias tomcat -keypass changeit -file server.cert
    keytool -import -alias tomcat -file server.cert -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts



 Thanks for your help
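
Added example, not part of the original post and not Liferay or CAS project code: a Python sketch of the CAS 2.0 proxy exchange described in the steps above, covering the percent-encoded /serviceValidate request with pgtUrl, extraction of the PGTIOU from the validation response, its correlation with the pgtId delivered to the callback, and the /proxy request. The http:// scheme on the service URL, the Alfresco target URL, the ticket values and the sample response are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

CAS_NS = {"cas": "http://www.yale.edu/tp/cas"}  # CAS 2.0 response namespace

def service_validate_url(cas_base, service, ticket, pgt_url):
    """Build the /serviceValidate request with every parameter percent-encoded."""
    query = urlencode({"ticket": ticket, "service": service, "pgtUrl": pgt_url})
    return f"{cas_base}/serviceValidate?{query}"

def parse_validation(xml_text):
    """Return (user, pgt_iou). pgt_iou is None when CAS validated the ticket
    but could not deliver a PGT to the pgtUrl callback."""
    root = ET.fromstring(xml_text)
    ok = root.find("cas:authenticationSuccess", CAS_NS)
    if ok is None:
        fail = root.find("cas:authenticationFailure", CAS_NS)
        raise ValueError(fail.get("code") if fail is not None else "malformed")
    return (ok.findtext("cas:user", namespaces=CAS_NS),
            ok.findtext("cas:proxyGrantingTicket", namespaces=CAS_NS))

class PgtStore:
    """Callback side: CAS requests pgtUrl?pgtIou=...&pgtId=... over HTTPS."""
    def __init__(self):
        self._by_iou = {}
    def on_callback(self, params):
        # CAS may also probe the URL without parameters; ignore that request.
        if "pgtIou" in params and "pgtId" in params:
            self._by_iou[params["pgtIou"]] = params["pgtId"]
    def redeem(self, pgt_iou):
        return self._by_iou.pop(pgt_iou, None)  # one-time lookup

def proxy_url(cas_base, pgt_id, target_service):
    """Build the /proxy request that exchanges the PGT for a proxy ticket."""
    return f"{cas_base}/proxy?" + urlencode({"pgt": pgt_id, "targetService": target_service})

# Constructed sample data (not captured from a real server).
SAMPLE_RESPONSE = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationSuccess>
    <cas:user>joebloggs</cas:user>
    <cas:proxyGrantingTicket>PGTIOU-1-constructed</cas:proxyGrantingTicket>
  </cas:authenticationSuccess>
</cas:serviceResponse>"""

if __name__ == "__main__":
    store = PgtStore()
    store.on_callback({"pgtIou": "PGTIOU-1-constructed", "pgtId": "PGT-1-constructed"})
    user, iou = parse_validation(SAMPLE_RESPONSE)
    print(user, proxy_url("https://localhost:8443/cas", store.redeem(iou),
                          "http://localhost:8080/alfresco"))
```

A response with cas:authenticationSuccess but no cas:proxyGrantingTicket element means the service ticket was valid while the callback to pgtUrl was not accepted, which is the case the HttpBasedServiceCredentialsAuthenticationHandler line in the log reports.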

