Alex,

Is this your entire web.xml?  It appears a bit of it is missing, which is
needed successfully troubleshoot your issues.

Two knee-jerk observations:

1. No filter/servlet declaration and mapping needed to handle the
proxyCallbackUrl requests.
2. No <filter-mapping> entities prevents anyone from determining whether the
CAS filters are protecting your application or not.

 Regardless of whether both applications are on the same server, if the user
has authenticated with the CAS server once, then the user would not be
required to login again unless the CAS client was configured to force login
regardless of SSO or it is misconfigured.

Please post your web.xml
A-

On 8/1/08 1:52 PM, "Alex Johnson" <[EMAIL PROTECTED]> wrote:

> 
> Hi,
>  
> Any comments about below?
>  
>  
> Alex
> 
> 
> 
> 
> 
> 
> From: [EMAIL PROTECTED]
> To: [email protected]
> Subject: CAS and proxy configuration questions
> Date: Thu, 31 Jul 2008 23:00:25 +0000
> 
> 
> Hi,
> 
> I have my CAS 2 working. Thank you for all the help from you. I still have
> some silly questions. Hope you can continue to give me a hand.
> 
> (1). I download a sample application "mywebapp.war" from
> http://www.ja-sig.org/wiki/pages/viewpageattachments.action?pageId=13569483
> and dump it to my Tomcat webapp and copy all the Jars to lib folder
> 
> (2). I copy the CAS filter to my another application "testme" from the web.xml
> of "mywebapp.war". Here is the filter
> 
> ....
>     <filter>
>         <filter-name>CAS Authentication Filter</filter-name>
>         
> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter
> -class>
>         <init-param>
>             <param-name>casServerLoginUrl</param-name>
>             <param-value>https://localhost/cas/login</param-value>
>         </init-param>
>         <init-param>
>             <param-name>serverName</param-name>
>             <param-value>https://localhost:8443</param-value>
>         </init-param>
>         <init-param>
>             <param-name>renew</param-name>
>             <param-value>false</param-value>
>         </init-param>
>         <init-param>
>             <param-name>gateway</param-name>
>             <param-value>false</param-value>
>         </init-param>
>     </filter>
>     
>     <filter>
>         <filter-name>CAS Validation Filter</filter-name>
>         
> <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidat
> ionFilter</filter-class>
>         <init-param>
>             <param-name>casServerUrlPrefix</param-name>
>             <param-value>https://localhost/cas/</param-value>
>         </init-param>
>         <init-param>
>             <param-name>serverName</param-name>
>             <param-value>https://localhost:8443</param-value>
>         </init-param>
>         <init-param>
>             <param-name>proxyCallbackUrl</param-name>
>             
> <param-value>https://localhost:8443/mywebapp/proxyCallback</param-value>
>         </init-param>
>         <init-param>
>             <param-name>proxyReceptorUrl</param-name>
>             <param-value>/mywebapp/proxyCallback</param-value>
>         </init-param>
>     </filter>
>     
>     <filter>
>         <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
>         
> <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filte
> r-class>
>     </filter>
>     
>     <filter>
>         <filter-name>CAS Assertion Thread Local Filter</filter-name>
>         
> <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-cla
> ss>
>     </filter>
> 
> The only difference is below between "testme" and "mywebapp"
>   <param-value>https://localhost:8443/mywebapp/proxyCallback</param-value> and
> <param-value>/mywebapp/proxyCallback</param-value>
> 
> (3). I restart Tomcat and open these two applications
> 
> When I open "testme" application, it's re-directed me to CAS login page, then
> I input login and jsp page is open.
> When I open "mywebapp" application, it's directly open the jsp page without
> CAS login page.
> 
> I got confused about that.
> Because I think I am using proxy configuration, application should be open
> directly without CAS login page.
> 
> My questions are
> 1. When using proxy configuration like above, applications should be open
> directly without CAS login page popped up, right?
> 2. Why my two applications opened differently with the same proxy
> configuration in web.xml
> 3. Both application are located in the same Tomcat, pointing to the same CAS.
> I should not login into CAS twice, right? But, I need to login again
> 4. How to fix the problems if there is an error?
> 
> Thanks,
> 
> Alex
> 
> 
> 
> 
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas

-- 
Andrew R. Feller, Analyst
Information Technology Services
200 Fred Frey Building
Louisiana State University
Baton Rouge, LA 70803
(225) 578-3737 (Office)
(225) 578-6400 (Fax)

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to