Ah, I see, there's a URL in FilterSecurityInterceptor that looked all weird and that's probably why I overlooked it. Changed that and CAS came up. Thanks for your help.
Scott Battaglia wrote: > As I stated, take a look at the bean that defines the URLs to protect > and the ROLES required for those URLs. > > -Scott > > On Dec 11, 2007 8:47 AM, Kevin Jordan < [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > As far as I can tell, > <filter> > > <filter-name>Acegi CAS Processing Filter</filter-name> > > <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class> > <init-param> > <param-name>targetClass</param-name> > <!-- > <param-value>org.acegisecurity.ui.cas.CasProcessingFilter</param-value>--> > > <param-value>org.acegisecurity.util.FilterChainProxy</param-value> > </init-param> > </filter> > is the filter used by my URL pattern which then > <bean id="filterChainProxy" > class="org.acegisecurity.util.FilterChainProxy"> > <property name="filterInvocationDefinitionSource"> > <value> > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON > PATTERN_TYPE_APACHE_ANT > > > /**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,casProcessingFilter,basicProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor > </value> > </property> > </bean> > seems to have /** for the URL in there which should protect > everything in my webapp with the chain of beans on the right of > the equal sign, I would think assuming I'm reading that > correctly. Is that not correct? Is there an error in my chain > somewhere? > > That was based off their contacts example. The reference guide > doesn't even have a filter chain, it just has that commented out > CasProcessingFilter which didn't seem to work either. > > Scott Battaglia wrote: >> You need to configure Acegi to protect the URLs you want >> protected with the appropriate roles. Look at your configuration >> file, and you'll see pattern-matching URLs with appropriate roles >> after them. Make sure they match the URLs you want protected. >> >> -Scott >> >> On Dec 11, 2007 8:16 AM, Kevin Jordan <[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>> wrote: >> >> Do you know what property I need to set then in my config >> files to require authentication? I've been following >> http://acegisecurity.org/guide/springsecurity.html#cas and >> the contacts example, but if that's not the property that >> requires authentication, then I can't seem to see which one >> does since that's the only thing with a url-pattern in it. >> >> Scott Battaglia wrote: >>> No, all that tells you to do is delegate all filtering to >>> Acegi and then you're configuring Acegi to tell it which >>> urls to protect. >>> >>> -Scott >>> >>> On Dec 11, 2007 7:55 AM, Kevin M. Jordan < [EMAIL PROTECTED] >>> <mailto:[EMAIL PROTECTED]>> wrote: >>> >>> >>> Should: >>> <filter-mapping> >>> <filter-name>Acegi CAS Processing Filter</filter-name> >>> <url-pattern>/*</url-pattern> >>> </filter-mapping> >>> not make all the stuff in my webapp be forced under CAS? >>> >>> >>> scott_battaglia wrote: >>> > >>> > Make sure you are attempting to access a URL in your >>> application that has >>> > been configured to require authentication (i.e. >>> something under /secure/*) >>> > >>> > Also, this discussion is best had on the user list as >>> its unrelated to CAS >>> > development. >>> > >>> > -Scott >>> > >>> > On Dec 9, 2007 1:51 AM, Kevin Jordan < >>> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: >>> > >>> >> I'm using the examples in the Acegi documentation as >>> well as the contacts >>> >> example as a guide to set up acegi as a cas client, >>> but I can't seem to >>> >> get >>> >> either to work when I put them into my own >>> application. I can get the >>> >> contacts example to redirect when I put the >>> *security-cas.xml file >>> >> instead >>> >> of just security.xml in the web.xml file and modify >>> the cas locations. >>> >> However, I can't seem to figure out which one bean or >>> property makes it >>> >> redirect. If anyone can share any insight into my >>> config files. I did get >>> >> it >>> >> working prior with the ja-sig client, but I found a >>> hibernate audit >>> >> logging >>> >> example which uses acegi to get the username which is >>> good because the >>> >> only >>> >> way I can get it right now with the ja-sig client is >>> through >>> >> request.getRemoteUser(). >>> >> >>> >> http://kjordan.net/securityConfiguration.xml >>> >> http://kjordan.net/web.xml >>> >> >>> >> The only other things in my web.xml which aren't in >>> the posted one are >>> >> servlet mappings and a hibernate listener to >>> autostart the >>> >> sessionfactory. >>> >> >>> >> _______________________________________________ >>> >> cas-dev mailing list >>> >> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> >>> >> http://tp.its.yale.edu/mailman/listinfo/cas-dev >>> >> >>> > >>> > >>> > >>> > -- >>> > -Scott Battaglia >>> > >>> > LinkedIn: http://www.linkedin.com/in/scottbattaglia >>> <http://www.linkedin.com/in/scottbattaglia> >>> > >>> > _______________________________________________ >>> > Yale CAS mailing list >>> > [email protected] <mailto:[email protected]> >>> > http://tp.its.yale.edu/mailman/listinfo/cas >>> > >>> > >>> >>> -- >>> View this message in context: >>> >>> http://www.nabble.com/Re%3A--cas-dev--Acegi-not-redirecting-to-CAS-tp14254013p14273398.html >>> Sent from the CAS Users mailing list archive at >>> Nabble.com <http://Nabble.com>. >>> >>> _______________________________________________ >>> Yale CAS mailing list >>> [email protected] <mailto:[email protected]> >>> http://tp.its.yale.edu/mailman/listinfo/cas >>> <http://tp.its.yale.edu/mailman/listinfo/cas> >>> >>> >>> >>> >>> -- >>> -Scott Battaglia >>> >>> LinkedIn: http://www.linkedin.com/in/scottbattaglia >>> >>> ------------------------------------------------------------------------ >>> _______________________________________________ Yale CAS >>> mailing list [email protected] >>> <mailto:[email protected]> >>> http://tp.its.yale.edu/mailman/listinfo/cas >> >> >> _______________________________________________ >> Yale CAS mailing list >> [email protected] <mailto:[email protected]> >> http://tp.its.yale.edu/mailman/listinfo/cas >> <http://tp.its.yale.edu/mailman/listinfo/cas> >> >> >> >> >> -- >> -Scott Battaglia >> >> LinkedIn: http://www.linkedin.com/in/scottbattaglia >> ------------------------------------------------------------------------ >> _______________________________________________ Yale CAS mailing >> list [email protected] <mailto:[email protected]> >> http://tp.its.yale.edu/mailman/listinfo/cas > > > _______________________________________________ > Yale CAS mailing list > [email protected] <mailto:[email protected]> > http://tp.its.yale.edu/mailman/listinfo/cas > <http://tp.its.yale.edu/mailman/listinfo/cas> > > > > > -- > -Scott Battaglia > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > ------------------------------------------------------------------------ > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
