Alex, Is this your entire web.xml? It appears a bit of it is missing, which is needed successfully troubleshoot your issues.
Two knee-jerk observations: 1. No filter/servlet declaration and mapping needed to handle the proxyCallbackUrl requests. 2. No <filter-mapping> entities prevents anyone from determining whether the CAS filters are protecting your application or not. Regardless of whether both applications are on the same server, if the user has authenticated with the CAS server once, then the user would not be required to login again unless the CAS client was configured to force login regardless of SSO or it is misconfigured. Please post your web.xml A- On 8/1/08 1:52 PM, "Alex Johnson" <[EMAIL PROTECTED]> wrote: > > Hi, > > Any comments about below? > > > Alex > > > > > > > From: [EMAIL PROTECTED] > To: [email protected] > Subject: CAS and proxy configuration questions > Date: Thu, 31 Jul 2008 23:00:25 +0000 > > > Hi, > > I have my CAS 2 working. Thank you for all the help from you. I still have > some silly questions. Hope you can continue to give me a hand. > > (1). I download a sample application "mywebapp.war" from > http://www.ja-sig.org/wiki/pages/viewpageattachments.action?pageId=13569483 > and dump it to my Tomcat webapp and copy all the Jars to lib folder > > (2). I copy the CAS filter to my another application "testme" from the web.xml > of "mywebapp.war". Here is the filter > > .... > <filter> > <filter-name>CAS Authentication Filter</filter-name> > > <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter > -class> > <init-param> > <param-name>casServerLoginUrl</param-name> > <param-value>https://localhost/cas/login</param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>https://localhost:8443</param-value> > </init-param> > <init-param> > <param-name>renew</param-name> > <param-value>false</param-value> > </init-param> > <init-param> > <param-name>gateway</param-name> > <param-value>false</param-value> > </init-param> > </filter> > > <filter> > <filter-name>CAS Validation Filter</filter-name> > > <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidat > ionFilter</filter-class> > <init-param> > <param-name>casServerUrlPrefix</param-name> > <param-value>https://localhost/cas/</param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>https://localhost:8443</param-value> > </init-param> > <init-param> > <param-name>proxyCallbackUrl</param-name> > > <param-value>https://localhost:8443/mywebapp/proxyCallback</param-value> > </init-param> > <init-param> > <param-name>proxyReceptorUrl</param-name> > <param-value>/mywebapp/proxyCallback</param-value> > </init-param> > </filter> > > <filter> > <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> > > <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filte > r-class> > </filter> > > <filter> > <filter-name>CAS Assertion Thread Local Filter</filter-name> > > <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-cla > ss> > </filter> > > The only difference is below between "testme" and "mywebapp" > <param-value>https://localhost:8443/mywebapp/proxyCallback</param-value> and > <param-value>/mywebapp/proxyCallback</param-value> > > (3). I restart Tomcat and open these two applications > > When I open "testme" application, it's re-directed me to CAS login page, then > I input login and jsp page is open. > When I open "mywebapp" application, it's directly open the jsp page without > CAS login page. > > I got confused about that. > Because I think I am using proxy configuration, application should be open > directly without CAS login page. > > My questions are > 1. When using proxy configuration like above, applications should be open > directly without CAS login page popped up, right? > 2. Why my two applications opened differently with the same proxy > configuration in web.xml > 3. Both application are located in the same Tomcat, pointing to the same CAS. > I should not login into CAS twice, right? But, I need to login again > 4. How to fix the problems if there is an error? > > Thanks, > > Alex > > > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas -- Andrew R. Feller, Analyst Information Technology Services 200 Fred Frey Building Louisiana State University Baton Rouge, LA 70803 (225) 578-3737 (Office) (225) 578-6400 (Fax)
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
