Stop adding the CAS filters if you're using Spring Security. If you look at the Spring Security documentation they don't say anything about adding the CAS filters (other than possibly the Single Signout Filter) If you've configured Spring Security and it seems to be acting weird, clean out your logs, turn on DEBUG or TRACE for org.springframework.security in your log4j.properties and see what its saying.
Also look in the Spring Security SVN. There is a sample CASified application which you can probably use. -Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Thu, Jul 24, 2008 at 7:07 PM, SMallik <[EMAIL PROTECTED]> wrote: > > > Now I configured my CAS client by following Spring Security documentation . > But still getting anomalous behaviour . > On hitting the url of my application ,instead of getting home page > index.html , browser is redirecting me to cas login page and I can find the > following in the address bar : > > https://testcas:8443/cas/login?service=http%3A%2F%2Ftestcas%3A8080%2Fcaswithacegi%3Bjsessionid%3D5C802D6BC9C05D8033CD54386EFB9605 > > Once I enter username and password , I am redirected to the home page > index.html and can see the following in the address bar : > > http://testcas:8080/caswithacegi/;jsessionid=5C802D6BC9C05D8033CD54386EFB9605?ticket=ST-1-ZxfHdeeorJ7o4J1tB3Eu-cas > > Now if I try to access the secured page by clicking a link on home page to > go to secured\securepage.jsp , I cant go anywhere I am still on the home > page (index.html). > > http://www.nabble.com/file/p18642288/spring-config.xml spring-config.xml , > http://www.nabble.com/file/p18642288/web.xml web.xml , > http://www.nabble.com/file/p18642288/log4j.log log4j.log > > If I add the " validationFilter " in the filter chain I get the following > error: > javax.servlet.ServletException: > ticket 'ST-1-eG0Jp5fuBEjB2rawbbPB-cas' does not match > supplied service. > The original service was 'http://testcas:8080/caswithacegi' and the > supplied > service was 'https://testcas:8443/caswithacegi/j_spring_cas_security_check > '. > > I guess - I am committing some mistake in configuring > authenticationFilter/validationFilter . I tried all combinations but no > luck.. http://www.nabble.com/file/p18642288/log4j.log log4j.log :,( > > Spring security documentation for cas-client does not say much but to > configure the following beans > > serviceProperties,casProcessingFilter,casProcessingFilterEntryPoint,casAuthenticationProvider,exceptionTranslationFilter > . > > Any comment on my cas-client configuration ?? > > > > > > > > > I looked at your configuration files before and they're a mess of many > different configurations. I'm not sure why you have Acegi and the CAS > client both directly configured. > You should either follow the Spring Security documentation or the CAS > client > documentation but not both. > > -Scott > > -Scott Battaglia > PGP Public Key Id: 0x383733AA > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > -- > View this message in context: > http://www.nabble.com/Authentication-exception-%2B-SSOut-problem-tp18593123p18642288.html > Sent from the CAS Users mailing list archive at Nabble.com. > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
