Now I configured my CAS client by following Spring Security documentation . But still getting anomalous behaviour . On hitting the url of my application ,instead of getting home page index.html , browser is redirecting me to cas login page and I can find the following in the address bar : https://testcas:8443/cas/login?service=http%3A%2F%2Ftestcas%3A8080%2Fcaswithacegi%3Bjsessionid%3D5C802D6BC9C05D8033CD54386EFB9605
Once I enter username and password , I am redirected to the home page index.html and can see the following in the address bar : http://testcas:8080/caswithacegi/;jsessionid=5C802D6BC9C05D8033CD54386EFB9605?ticket=ST-1-ZxfHdeeorJ7o4J1tB3Eu-cas Now if I try to access the secured page by clicking a link on home page to go to secured\securepage.jsp , I cant go anywhere I am still on the home page (index.html). http://www.nabble.com/file/p18642288/spring-config.xml spring-config.xml , http://www.nabble.com/file/p18642288/web.xml web.xml , http://www.nabble.com/file/p18642288/log4j.log log4j.log If I add the " validationFilter " in the filter chain I get the following error: javax.servlet.ServletException: ticket 'ST-1-eG0Jp5fuBEjB2rawbbPB-cas' does not match supplied service. The original service was 'http://testcas:8080/caswithacegi' and the supplied service was 'https://testcas:8443/caswithacegi/j_spring_cas_security_check'. I guess - I am committing some mistake in configuring authenticationFilter/validationFilter . I tried all combinations but no luck.. http://www.nabble.com/file/p18642288/log4j.log log4j.log :,( Spring security documentation for cas-client does not say much but to configure the following beans serviceProperties,casProcessingFilter,casProcessingFilterEntryPoint,casAuthenticationProvider,exceptionTranslationFilter . Any comment on my cas-client configuration ?? I looked at your configuration files before and they're a mess of many different configurations. I'm not sure why you have Acegi and the CAS client both directly configured. You should either follow the Spring Security documentation or the CAS client documentation but not both. -Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia -- View this message in context: http://www.nabble.com/Authentication-exception-%2B-SSOut-problem-tp18593123p18642288.html Sent from the CAS Users mailing list archive at Nabble.com. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
