Hi Scott,
As per your email, I configured web.xml and applicationContext.xml for
proxying. But when I call ..principal.getProxyTicketFor(), I am getting
error "No ProxyGrantingTicket was supplied, so no Proxy Ticket can be
retrieved".
Thanks,
Leena
Here is snippet from my applicationContext.xml which is similar to the one
provided in cas-sample of spring-security.
<sec:http entry-point-ref="casProcessingFilterEntryPoint" >
<sec:intercept-url pattern="/user/*.action" access="ROLE_USER" />
<sec:logout logout-success-url="/cas-logout.jsp"/>
</sec:http>
<sec:authentication-manager alias="authenticationManager"/>
<bean id="casProcessingFilter"
class="org.springframework.security.ui.cas.CasProcessingFilter">
<sec:custom-filter after="CAS_PROCESSING_FILTER"/>
<property name="authenticationManager" ref="authenticationManager"/>
<property name="authenticationFailureUrl" value="
http://localhost:8080/cas/authorizationFailure.jsp"/>
<property name="defaultTargetUrl" value="/"/>
<property name="proxyGrantingTicketStorage"
ref="proxyGrantingTicketStorage" />
<property name="proxyReceptorUrl" value="
https://localhost:8080/webappA/proxy/receptor"; />
</bean>
<bean id="casProcessingFilterEntryPoint"
class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">
<property name="loginUrl" value="https://localhost:8443/cas/login"/>
<property name="serviceProperties" ref="serviceProperties"/>
</bean>
<bean id="casAuthenticationProvider"
class="org.springframework.security.providers.cas.CasAuthenticationProvider">
<sec:custom-authentication-provider />
<property name="userDetailsService" ref="userCasService"/>
<property name="serviceProperties" ref="serviceProperties" />
<property name="ticketValidator">
<bean
class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"> <!--
tried ProxyTicketValidator too -->
<constructor-arg index="0" value="https://localhost:8443/cas";
/>
<property name="proxyGrantingTicketStorage"
ref="proxyGrantingTicketStorage" />
<property name="proxyCallbackUrl" value="
https://localhost:8080/webappA/proxy/receptor"; />
<!-- property name="acceptAnyProxy" value="true" -->
</bean>
</property>
<property name="key" value="an_id_for_this_auth_provider_only"/>
</bean>
<bean id="proxyGrantingTicketStorage"
class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
<bean id="serviceProperties"
class="org.springframework.security.ui.cas.ServiceProperties">
<property name="service" value="
https://localhost:8443/webappA/j_spring_cas_security_check"/>
<property name="sendRenew" value="false"/>
</bean>
<bean id="userCasService" class="">
<property name="dataSource" ref="dataSource" />
</bean>
................ Web.xml of application A ---------
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
On Thu, Sep 25, 2008 at 10:28 PM, Leena Borle <[EMAIL PROTECTED]> wrote:
> Hello,
> I have 2 webapplications, say webappA and webappB. WebappA has Cas-Java
> client 3.1.3 with spring security-2.0.3 setup. WebappB has Cas-java client
> 3.1.3 configured in web.xml setup. Cas server is Cas3.3. All these
> applications work fine when I call them from the browser.
> But actually what I want to do is, in webappA, I have HttpClient, that
> needs to access some data from webappB. This is where I am stuck. I added
> proxy-support in web.xml of webappB according to the instruction. How do I
> obtain proxy-ticket to pass it to url(
> http://localhost:8080/webappB/...?ticket=...) of webappB? I do have
> access to spring's CasAuthentication Object whose credentials contain
> service ticket for webappA. How do I generate proxy-ticket from it? If I
> pass this same ticket to the url, I get "Invalid Ticket" message from the
> Cas server.
> Is there any proxy example available for Cas-client 3.1.
>
> web.xml for WebAppB is as follows.
>
> <filter>
> <filter-name>CAS Validation Filter</filter-name>
>
> <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
> <init-param>
> <param-name>casServerUrlPrefix</param-name>
> <param-value>https://localhost:8443/cas</param-value>
> </init-param>
> <init-param>
> <param-name>serverName</param-name>
> <param-value>http://localhost:8080</param-value>
> </init-param>
> <init-param>
> <param-name>acceptAnyProxy</param-name>
> <param-value>true</param-value>
> </init-param>
> <init-param>
> <param-name>proxyReceptorUrl</param-name>
> <param-value>/proxy/receptor</param-value>
> </init-param>
> <init-param>
> <param-name>proxyCallbackUrl</param-name>
> <param-value>https://localhost:8443/WebAppB/proxy/receptor
> </param-value>
> </init-param>
> <init-param>
> <param-name>redirectAfterValidation</param-name>
> <param-value>true</param-value>
> </init-param>
> </filter>
>
> <filter>
> <filter-name>CAS Authentication Filter</filter-name>
>
> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
> <init-param>
> <param-name>casServerLoginUrl</param-name>
> <param-value>https://localhost:8443/cas/login
> </param-value>
> </init-param>
> <init-param>
> <param-name>serverName</param-name>
> <param-value>http://localhost:8080</param-value>
> </init-param>
> <init-param>
> <param-name>gatewat</param-name>
> <param-value>true</param-value>
> </init-param>
>
> </filter>
>
> Thanks,
> Leena
>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
