Re: CAS 3.21 + application -- very urgent help needed please !!

Fri, 16 May 2008 17:07:47 -0700

Scott's right, of course.  The Thread Local filter is not needed for what you need.  It becomes handy if you don't have access to the HttpServletRequest.

Adam

Scott Battaglia wrote:
On Fri, May 16, 2008 at 7:32 PM, Adam Rybicki <[EMAIL PROTECTED]> wrote:
Edward,

Cross-posting to the wrong list (cas-dev) will not speed up a reply.

One thing you'll need is an additional filter.  Actually, two of them, I think.  To make getRemoteUser() work, you'll need them configured similar to this:

  <filter>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
  </filter>

  <filter>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
  </filter>

  <filter-mapping>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>

    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter-mapping>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>

    <url-pattern>/*</url-pattern>
  </filter-mapping>


What concerns me is that, while you are using the JA-SIG CAS Client, the exception message you included appears to have come from the Yale CAS Filter.  I don't think you need both.

Adam beat me to it.  But you are including the configuration for the JASIG CAS Client but an error message from the Yale CAS client.  That's impossible unless you have both of them configured, which I don't think has ever been tried.  I'd recommend just sticking with one of them.  If you merely wish to read the request.getRemoteUser, you also won't need the ThreadLocal filter either.

-Scott


Adam

Edward Chen wrote: 
I installed CAS 3.2.1 and deployed successfully with LDAP in my Windows 
XP and Tomcat5.25. Now I want to link the simple jsp application in 
Tomcat to CAS. I modified the CAS filter in web.xml as bellow. If I 
comment out "CAS Validation Filter", I got redirected to CAS and passed 
CAS login and went back to the application. However, I got "null" value 
(<%=request.getRemoteUser()%>) in my test.jsp. It should be supposed to 
have the CAS login username.

If I don't comment out "CAS Validation Filter", I got redirected to CAS 
and passed CAS login. But when CAS went back to the application, it 
throws out exception, something like

"*exception*
javax.servlet.ServletException: Unable to validate ProxyTicketValidator 
[[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] 
[edu.yale.its.tp.cas.client.ServiceTicketValidator
.....
"

It seems to me that the validation doesn't work. What is wrong with it? 
How to fix it? any recommendation?? any thing wrong with the following 
CAS filter??

Very urgent help needed!!!

........
   <filter>
     <filter-name>CAS Authentication Filter</filter-name>
     
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> 

         <init-param>
           <param-name>casServerLoginUrl</param-name>
           <param-value>https://xxxxxxxxx:8443/CAS/login</param-value>
         </init-param>
         <init-param>
           <param-name>service</param-name>
         
<param-value>http://xxxxxxxxx:8080/Recruiting/test.jsp</param-value>
         </init-param>
         <init-param>
           <param-name>serverName</param-name>
           <param-value>xxxxxxx:8080/</param-value>
         </init-param>
       </filter>

       <filter>
         <filter-name>CAS Validation Filter</filter-name>
         
<filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class> 

         <init-param>
           <param-name>casUrlServerPrefix</param-name>
           <param-value>https://xxxxxxx:8443/CAS</param-value>
         </init-param>
         <init-param>
           <param-name>serverName</param-name>
           <param-value>xxxxxxxxxxx:8080/</param-value>
         </init-param>
       </filter>

   <filter-mapping>
       <filter-name>CAS Authentication Filter</filter-name>
       <url-pattern>/*</url-pattern>
   </filter-mapping>

   <!--filter-mapping>
       <filter-name>CAS Validation Filter</filter-name>
       <url-pattern>/*</url-pattern>
   </filter-mapping -->
...................

______________________________
_________________ Yale CAS mailing list [email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas




--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia 

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
  
begin:vcard
fn:Adam Rybicki
n:Rybicki;Adam
org:Unicon, Inc.;Professional Services
adr:Suite 113;;3140 North Arizona Avenue;Chandler;AZ;85225;United States
email;internet:[EMAIL PROTECTED]
tel;work:+1-480-558-2400
tel;home:+1-310-265-8286
tel;cell:+1-310-980-2758
x-mozilla-html:FALSE
url:http://www.unicon.net/
version:2.1
end:vcard

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to