Re: How to configure proxy(cas-client 3.1) for HttpClient support ?

Fri, 26 Sep 2008 12:41:11 -0700 

Is 8080 your https or your http port? It seems like its both in the
configuration.

-Scott

-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia


On Fri, Sep 26, 2008 at 3:25 PM, Leena Borle <[EMAIL PROTECTED]> wrote:

> Hi Scott,
>   As per your email, I configured web.xml and applicationContext.xml for
> proxying. But when I call ..principal.getProxyTicketFor(), I am getting
> error "No ProxyGrantingTicket was supplied, so no Proxy Ticket can be
> retrieved".
>
>
> Thanks,
> Leena
>
> Here is snippet from my applicationContext.xml which is similar to the one
> provided in cas-sample of spring-security.
>    <sec:http entry-point-ref="casProcessingFilterEntryPoint" >
>         <sec:intercept-url pattern="/user/*.action" access="ROLE_USER" />
>         <sec:logout logout-success-url="/cas-logout.jsp"/>
>     </sec:http>
>
>     <sec:authentication-manager alias="authenticationManager"/>
>
>     <bean id="casProcessingFilter"
> class="org.springframework.security.ui.cas.CasProcessingFilter">
>         <sec:custom-filter after="CAS_PROCESSING_FILTER"/>
>         <property name="authenticationManager"
> ref="authenticationManager"/>
>         <property name="authenticationFailureUrl" value="
> http://localhost:8080/cas/authorizationFailure.jsp"/>
>         <property name="defaultTargetUrl" value="/"/>
>         <property name="proxyGrantingTicketStorage"
> ref="proxyGrantingTicketStorage" />
>         <property name="proxyReceptorUrl" value="
> https://localhost:8080/webappA/proxy/receptor"; />
>     </bean>
>
>     <bean id="casProcessingFilterEntryPoint"
> class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">
>         <property name="loginUrl" value="https://localhost:8443/cas/login
> "/>
>         <property name="serviceProperties" ref="serviceProperties"/>
>     </bean>
>
>     <bean id="casAuthenticationProvider"
> class="org.springframework.security.providers.cas.CasAuthenticationProvider">
>         <sec:custom-authentication-provider />
>         <property name="userDetailsService" ref="userCasService"/>
>         <property name="serviceProperties" ref="serviceProperties" />
>         <property name="ticketValidator">
>             <bean
> class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"> <!--
> tried ProxyTicketValidator too -->
>                 <constructor-arg index="0" value="
> https://localhost:8443/cas"; />
>                 <property name="proxyGrantingTicketStorage"
> ref="proxyGrantingTicketStorage" />
>                 <property name="proxyCallbackUrl" value="
> https://localhost:8080/webappA/proxy/receptor"; />
>                 <!--  property name="acceptAnyProxy" value="true"  -->
>
>             </bean>
>         </property>
>         <property name="key" value="an_id_for_this_auth_provider_only"/>
>     </bean>
>
>     <bean id="proxyGrantingTicketStorage"
> class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
>
>     <bean id="serviceProperties"
> class="org.springframework.security.ui.cas.ServiceProperties">
>         <property name="service" value="
> https://localhost:8443/webappA/j_spring_cas_security_check"/>
>         <property name="sendRenew" value="false"/>
>     </bean>
>
>     <bean id="userCasService" class="">
>         <property name="dataSource" ref="dataSource" />
>     </bean>
>
> ................ Web.xml of application A ---------
>    <filter>
>         <filter-name>springSecurityFilterChain</filter-name>
>
> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
>     </filter>
>     <filter-mapping>
>       <filter-name>springSecurityFilterChain</filter-name>
>       <url-pattern>/*</url-pattern>
>     </filter-mapping>
>
>     <filter>
>       <filter-name>CAS Assertion Thread Local Filter</filter-name>
>
> <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
>     </filter>
>     <filter-mapping>
>       <filter-name>CAS Assertion Thread Local Filter</filter-name>
>       <url-pattern>/*</url-pattern>
>     </filter-mapping>
>
>
>
>
>
> On Thu, Sep 25, 2008 at 10:28 PM, Leena Borle <[EMAIL PROTECTED]> wrote:
>
>> Hello,
>>   I have 2 webapplications, say webappA and webappB. WebappA has Cas-Java
>> client 3.1.3  with spring security-2.0.3 setup. WebappB has Cas-java client
>> 3.1.3 configured in web.xml setup. Cas server is Cas3.3. All these
>> applications work fine when I call them from the browser.
>>   But actually what I want to do is,  in webappA, I have HttpClient, that
>> needs to access some data from webappB.  This is where I am stuck. I added
>> proxy-support in web.xml of webappB according to the instruction. How do I
>> obtain proxy-ticket to pass it to url(
>> http://localhost:8080/webappB/...?ticket=...)  of webappB? I do have
>> access to spring's CasAuthentication Object whose credentials contain
>> service ticket for webappA. How do I generate proxy-ticket from it? If I
>> pass this same ticket to the url, I get "Invalid Ticket" message from the
>> Cas server.
>>     Is there any proxy example available for Cas-client 3.1.
>>
>> web.xml for WebAppB is as follows.
>>
>>      <filter>
>>         <filter-name>CAS Validation Filter</filter-name>
>>
>> <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
>>             <init-param>
>>                 <param-name>casServerUrlPrefix</param-name>
>>                 <param-value>https://localhost:8443/cas</param-value>
>>             </init-param>
>>             <init-param>
>>                 <param-name>serverName</param-name>
>>                 <param-value>http://localhost:8080</param-value>
>>               </init-param>
>>             <init-param>
>>                 <param-name>acceptAnyProxy</param-name>
>>                 <param-value>true</param-value>
>>               </init-param>
>>             <init-param>
>>                 <param-name>proxyReceptorUrl</param-name>
>>                 <param-value>/proxy/receptor</param-value>
>>               </init-param>
>>             <init-param>
>>                 <param-name>proxyCallbackUrl</param-name>
>>                 <param-value>
>> https://localhost:8443/WebAppB/proxy/receptor</param-value>
>>               </init-param>
>>             <init-param>
>>                 <param-name>redirectAfterValidation</param-name>
>>                 <param-value>true</param-value>
>>               </init-param>
>>     </filter>
>>
>>     <filter>
>>         <filter-name>CAS Authentication Filter</filter-name>
>>
>> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
>>             <init-param>
>>                 <param-name>casServerLoginUrl</param-name>
>>                 <param-value>https://localhost:8443/cas/login
>> </param-value>
>>             </init-param>
>>             <init-param>
>>                 <param-name>serverName</param-name>
>>                 <param-value>http://localhost:8080</param-value>
>>               </init-param>
>>             <init-param>
>>                 <param-name>gatewat</param-name>
>>                 <param-value>true</param-value>
>>               </init-param>
>>
>>     </filter>
>>
>> Thanks,
>> Leena
>>
>
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to