Robert, I think the problem is that our documentation says to put the AuthenticationFilter first which works in the majority of the cases. In your case you would need to put the ValidationFilter first. I think there was a similar discussion on-list a while back but the documentation in the wiki was never updated to reflect that you can configure the Validation Filter first.
There doesn't appear to be a reason that you can't configure the validation filter first. -Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Mon, Jul 21, 2008 at 10:29 AM, Robert R <[EMAIL PROTECTED]> wrote: > I am trying to implement Proxy Login using the Java CAS Client 3.1. Below > you'll find my filters for authentication and validation. The regular > authentication is happening fine. The service URL is: " > http://sp.dev.synapse.com/petclinic/";, the user logs on, a service ticket > is returned an everything is happy. > > However, the proxy is not working, and I'm not sure exactly what I am doing > wrong. While debugging, I see that the callback is getting called with the > PGTIOU and the PGT from CAS. However, the Authentication Filter is the > first to grab this incoming service URL: " > http://sp.dev.pearsonsynapse.com/petclinic/proxyCallback,"; it is not > finding a service ticket, and tries presenting the CAS login screen. This > CAS login screen is ultimately return to CAS's own proxy call (which of > course is never looked at) - and the whole process never makes it to the > proxy validation. > > The trouble is - now that I have this set up - what is happening makes > sense to me. Of course - it is not letting the actualy proxy granting > ticket to come through - which is a problem. So - what am I doing wrong - > and how can I correct this? > > Thanks so much for any thoughts. > > - Robert > > <filter> > <filter-name>CAS Authentication Filter</filter-name> > > <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> > <init-param> > <param-name>casServerLoginUrl</param-name> > <param-value>https://sso.dev.synapse.net/cas/login > </param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>http://sp.dev.synapse.com</param-value> > </init-param> > <init-param> > <param-name>renew</param-name> > <param-value>false</param-value> > </init-param> > <init-param> > <param-name>gateway</param-name> > <param-value>false</param-value> > </init-param> > </filter> > > <filter> > <filter-name>CAS Validation Filter</filter-name> > > <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> > <init-param> > <param-name>casServerUrlPrefix</param-name> > <param-value>https://sso.dev.synapse.net/cas/</param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>http://sp.dev.synapse.com</param-value> > </init-param> > <init-param> > <param-name>allowAnyProxy</param-name> > <param-value>true</param-value> > </init-param> > <init-param> > <param-name>proxyCallbackUrl</param-name> > <param-value> > https://sp.dev.synapse.com/petclinic/proxyCallback</param-value> > </init-param> > <init-param> > <param-name>proxyReceptorUrl</param-name> > <param-value>/petclinic/proxyCallback</param-value> > </init-param> > </filter> > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
