CAS without SSL

Thu, 24 Jul 2008 19:22:06 -0700 

I finally managed to get CAS working without SSL.

Although a prototype application, it seems to work well locally in my
dev environment (hostname cas=127.0.0.1).

I have the CAS server listening on http://cas:8080/sso and a sample
"service" web app listing on http://cas:8080/simple_web_1 which has a
public and private area.

When I click on private area, I get redirected to
http://cas:8080/sso/login?service=http....
I login and and it redirects back to private area.
Great! it seems to work beautifully,

BUT

I am getting an ERROR in the log files:

org.jasig.cas.ticket.TicketCreationException:
error.authentication.credentials.bad

I turned on DEBUG, and have pasted the logs below.

Any ideas?  Is there a configuration that I need to set? Has anyone
ever setup CAS without SSL?

Cheers
Andrew


2008-07-25 12:13:10,293 DEBUG
[org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor
generated service for: http://cas:8080/simple_web_1/protected/>
2008-07-25 12:13:10,293 DEBUG
[org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler]
- <Authentication failed because url was not secure.>
2008-07-25 12:13:10,293 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
<AuthenticationHandler:
org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler
failed to authenticate the user which provided the following
credentials: [callbackUrl:
http://cas:8080/simple_web_1/proxyCallback]>
2008-07-25 12:13:10,309 ERROR
[org.jasig.cas.web.ServiceValidateController] - <TicketException
generating ticket for: [callbackUrl:
http://cas:8080/simple_web_1/proxyCallback]>
org.jasig.cas.ticket.TicketCreationException:
error.authentication.credentials.bad
        at 
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:291)
        at 
org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:126)
        at 
org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
        at 
org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
        at 
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875)
        at 
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809)
        at 
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
        at 
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:501)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
        at 
org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
        at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at 
org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48)
        at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
        at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at 
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
        at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
        at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
        at 
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
        at 
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
        at 
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
        at java.lang.Thread.run(Thread.java:619)
Caused by: error.authentication.credentials.bad
        at 
org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException.<clinit>(BadCredentialsAuthenticationException.java:25)
        at 
org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:113)
        at 
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:262)
        ... 26 more
2008-07-25 12:13:10,309 DEBUG
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to
retrieve ticket [ST-1-YrcOjk6g3vkN07eK4U5q-cas]>
2008-07-25 12:13:10,309 DEBUG
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket
[ST-1-YrcOjk6g3vkN07eK4U5q-cas] found in registry.>
2008-07-25 12:13:10,309 DEBUG
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Removing
ticket [ST-1-YrcOjk6g3vkN07eK4U5q-cas] from registry>
2008-07-25 12:13:10,324 DEBUG
[org.springframework.validation.DataBinder] - <DataBinder requires
binding of required fields [renew]>
2008-07-25 12:13:10,340 DEBUG
[org.springframework.beans.factory.support.DefaultListableBeanFactory]
- <Returning cached instance of singleton bean
'casServiceSuccessView'>
2008-07-25 12:13:10,340 DEBUG
[org.springframework.web.servlet.view.ResourceBundleViewResolver] -
<Cached view [casServiceSuccessView_en_AU]>
2008-07-25 12:13:10,340 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <Rendering view
[org.springframework.web.servlet.view.JstlView: name
'casServiceSuccessView'; URL
[/WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp]] in
DispatcherServlet with name 'cas'>
2008-07-25 12:13:10,340 DEBUG
[org.springframework.web.servlet.view.JstlView] - <Rendering view with
name 'casServiceSuccessView' with model
{assertion=[principals={[[Principal=us_web_2,
attributes={authenticationMethod=com.lonelyplanet.sso.handler.UserServiceAuthenticationHandler}]]}
for service=http://cas:8080/simple_web_1/protected/]} and static
attributes {}>
2008-07-25 12:13:10,340 DEBUG
[org.springframework.web.servlet.view.JstlView] - <Added model object
'assertion' of type [org.jasig.cas.validation.ImmutableAssertionImpl]
to request in view with name 'casServiceSuccessView'>
2008-07-25 12:13:10,340 DEBUG
[org.springframework.web.servlet.view.JstlView] - <Forwarding to
resource [/WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp]
in InternalResourceView 'casServiceSuccessView'>
2008-07-25 12:13:10,636 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <Cleared
thread-bound request context:
[EMAIL PROTECTED]>
2008-07-25 12:13:10,636 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <Successfully
completed request>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to