You should look in your CAS server log. -Scott
-Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Mon, Sep 29, 2008 at 2:28 PM, Leena Borle <[EMAIL PROTECTED]> wrote: > Hi, > Only thing I see in the Cas client log is that, after I log in as the > user, I get following messages, > 2008-09-29 11:15:54,158 DEBUG > [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] Server > response: <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> > <cas:authenticationSuccess> > <cas:user>leena</cas:user> > > > </cas:authenticationSuccess> > </cas:serviceResponse> > > *2008-09-29 11:15:54,171 INFO > [org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl] No Proxy Ticket > found for * > It does not display any user name for the message -"*No Proxy Ticket > found for". > *Then when I try to access* *url using HttpClient, > > *2008-09-29 11:16:03,322 DEBUG > [org.jasig.cas.client.authentication.AttributePrincipalImpl] No > ProxyGrantingTicket was supplied, so no Proxy Ticket can be retrieved. > * > Leena > > > On Sat, Sep 27, 2008 at 7:33 AM, Scott Battaglia < > [EMAIL PROTECTED]> wrote: > >> Have you looked at your CAS log at all in DEBUG level logging to see if it >> has any error messages? >> -Scott Battaglia >> PGP Public Key Id: 0x383733AA >> LinkedIn: http://www.linkedin.com/in/scottbattaglia >> >> >> On Fri, Sep 26, 2008 at 4:21 PM, Leena Borle <[EMAIL PROTECTED]> wrote: >> >>> >>> Hi, >>> Sorry, my mistake. As url- /proxy/receptor did not work, I tried giving >>> complete url path which should have been https://localhost:8443/... >>> Even after changing the port, I still get the same message.. >>> Leena >>> >>> On Fri, Sep 26, 2008 at 12:33 PM, Scott Battaglia < >>> [EMAIL PROTECTED]> wrote: >>> >>>> Is 8080 your https or your http port? It seems like its both in the >>>> configuration. >>>> >>>> -Scott >>>> >>>> -Scott Battaglia >>>> PGP Public Key Id: 0x383733AA >>>> LinkedIn: http://www.linkedin.com/in/scottbattaglia >>>> >>>> >>>> On Fri, Sep 26, 2008 at 3:25 PM, Leena Borle <[EMAIL PROTECTED]> wrote: >>>> >>>>> Hi Scott, >>>>> As per your email, I configured web.xml and applicationContext.xml >>>>> for proxying. But when I call ..principal.getProxyTicketFor(), I am >>>>> getting >>>>> error "No ProxyGrantingTicket was supplied, so no Proxy Ticket can be >>>>> retrieved". >>>>> >>>>> >>>>> Thanks, >>>>> Leena >>>>> >>>>> Here is snippet from my applicationContext.xml which is similar to the >>>>> one provided in cas-sample of spring-security. >>>>> <sec:http entry-point-ref="casProcessingFilterEntryPoint" > >>>>> <sec:intercept-url pattern="/user/*.action" access="ROLE_USER" >>>>> /> >>>>> <sec:logout logout-success-url="/cas-logout.jsp"/> >>>>> </sec:http> >>>>> >>>>> <sec:authentication-manager alias="authenticationManager"/> >>>>> >>>>> <bean id="casProcessingFilter" >>>>> class="org.springframework.security.ui.cas.CasProcessingFilter"> >>>>> <sec:custom-filter after="CAS_PROCESSING_FILTER"/> >>>>> <property name="authenticationManager" >>>>> ref="authenticationManager"/> >>>>> <property name="authenticationFailureUrl" value=" >>>>> http://localhost:8080/cas/authorizationFailure.jsp"/> >>>>> <property name="defaultTargetUrl" value="/"/> >>>>> <property name="proxyGrantingTicketStorage" >>>>> ref="proxyGrantingTicketStorage" /> >>>>> <property name="proxyReceptorUrl" value=" >>>>> https://localhost:8080/webappA/proxy/receptor"; /> >>>>> </bean> >>>>> >>>>> <bean id="casProcessingFilterEntryPoint" >>>>> class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint"> >>>>> <property name="loginUrl" value=" >>>>> https://localhost:8443/cas/login"/> >>>>> <property name="serviceProperties" ref="serviceProperties"/> >>>>> </bean> >>>>> >>>>> <bean id="casAuthenticationProvider" >>>>> class="org.springframework.security.providers.cas.CasAuthenticationProvider"> >>>>> <sec:custom-authentication-provider /> >>>>> <property name="userDetailsService" ref="userCasService"/> >>>>> <property name="serviceProperties" ref="serviceProperties" /> >>>>> <property name="ticketValidator"> >>>>> <bean >>>>> class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"> <!-- >>>>> tried ProxyTicketValidator too --> >>>>> <constructor-arg index="0" value=" >>>>> https://localhost:8443/cas"; /> >>>>> <property name="proxyGrantingTicketStorage" >>>>> ref="proxyGrantingTicketStorage" /> >>>>> <property name="proxyCallbackUrl" value=" >>>>> https://localhost:8080/webappA/proxy/receptor"; /> >>>>> <!-- property name="acceptAnyProxy" value="true" --> >>>>> >>>>> </bean> >>>>> </property> >>>>> <property name="key" >>>>> value="an_id_for_this_auth_provider_only"/> >>>>> </bean> >>>>> >>>>> <bean id="proxyGrantingTicketStorage" >>>>> class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" /> >>>>> >>>>> <bean id="serviceProperties" >>>>> class="org.springframework.security.ui.cas.ServiceProperties"> >>>>> <property name="service" value=" >>>>> https://localhost:8443/webappA/j_spring_cas_security_check"/> >>>>> <property name="sendRenew" value="false"/> >>>>> </bean> >>>>> >>>>> <bean id="userCasService" class=""> >>>>> <property name="dataSource" ref="dataSource" /> >>>>> </bean> >>>>> >>>>> ................ Web.xml of application A --------- >>>>> <filter> >>>>> <filter-name>springSecurityFilterChain</filter-name> >>>>> >>>>> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> >>>>> </filter> >>>>> <filter-mapping> >>>>> <filter-name>springSecurityFilterChain</filter-name> >>>>> <url-pattern>/*</url-pattern> >>>>> </filter-mapping> >>>>> >>>>> <filter> >>>>> <filter-name>CAS Assertion Thread Local Filter</filter-name> >>>>> >>>>> <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class> >>>>> </filter> >>>>> <filter-mapping> >>>>> <filter-name>CAS Assertion Thread Local Filter</filter-name> >>>>> <url-pattern>/*</url-pattern> >>>>> </filter-mapping> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> On Thu, Sep 25, 2008 at 10:28 PM, Leena Borle <[EMAIL PROTECTED]>wrote: >>>>> >>>>>> Hello, >>>>>> I have 2 webapplications, say webappA and webappB. WebappA has >>>>>> Cas-Java client 3.1.3 with spring security-2.0.3 setup. WebappB has >>>>>> Cas-java client 3.1.3 configured in web.xml setup. Cas server is Cas3.3. >>>>>> All >>>>>> these applications work fine when I call them from the browser. >>>>>> But actually what I want to do is, in webappA, I have HttpClient, >>>>>> that needs to access some data from webappB. This is where I am stuck. I >>>>>> added proxy-support in web.xml of webappB according to the instruction. >>>>>> How >>>>>> do I obtain proxy-ticket to pass it to url( >>>>>> http://localhost:8080/webappB/...?ticket=...) of webappB? I do have >>>>>> access to spring's CasAuthentication Object whose credentials contain >>>>>> service ticket for webappA. How do I generate proxy-ticket from it? If I >>>>>> pass this same ticket to the url, I get "Invalid Ticket" message from the >>>>>> Cas server. >>>>>> Is there any proxy example available for Cas-client 3.1. >>>>>> >>>>>> web.xml for WebAppB is as follows. >>>>>> >>>>>> <filter> >>>>>> <filter-name>CAS Validation Filter</filter-name> >>>>>> >>>>>> <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> >>>>>> <init-param> >>>>>> <param-name>casServerUrlPrefix</param-name> >>>>>> <param-value>https://localhost:8443/cas</param-value> >>>>>> </init-param> >>>>>> <init-param> >>>>>> <param-name>serverName</param-name> >>>>>> <param-value>http://localhost:8080</param-value> >>>>>> </init-param> >>>>>> <init-param> >>>>>> <param-name>acceptAnyProxy</param-name> >>>>>> <param-value>true</param-value> >>>>>> </init-param> >>>>>> <init-param> >>>>>> <param-name>proxyReceptorUrl</param-name> >>>>>> <param-value>/proxy/receptor</param-value> >>>>>> </init-param> >>>>>> <init-param> >>>>>> <param-name>proxyCallbackUrl</param-name> >>>>>> <param-value> >>>>>> https://localhost:8443/WebAppB/proxy/receptor</param-value> >>>>>> </init-param> >>>>>> <init-param> >>>>>> <param-name>redirectAfterValidation</param-name> >>>>>> <param-value>true</param-value> >>>>>> </init-param> >>>>>> </filter> >>>>>> >>>>>> <filter> >>>>>> <filter-name>CAS Authentication Filter</filter-name> >>>>>> >>>>>> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> >>>>>> <init-param> >>>>>> <param-name>casServerLoginUrl</param-name> >>>>>> <param-value>https://localhost:8443/cas/login >>>>>> </param-value> >>>>>> </init-param> >>>>>> <init-param> >>>>>> <param-name>serverName</param-name> >>>>>> <param-value>http://localhost:8080</param-value> >>>>>> </init-param> >>>>>> <init-param> >>>>>> <param-name>gatewat</param-name> >>>>>> <param-value>true</param-value> >>>>>> </init-param> >>>>>> >>>>>> </filter> >>>>>> >>>>>> Thanks, >>>>>> Leena >>>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Yale CAS mailing list >>>>> [email protected] >>>>> http://tp.its.yale.edu/mailman/listinfo/cas >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Yale CAS mailing list >>>> [email protected] >>>> http://tp.its.yale.edu/mailman/listinfo/cas >>>> >>>> >>> >>> _______________________________________________ >>> Yale CAS mailing list >>> [email protected] >>> http://tp.its.yale.edu/mailman/listinfo/cas >>> >>> >> >> _______________________________________________ >> Yale CAS mailing list >> [email protected] >> http://tp.its.yale.edu/mailman/listinfo/cas >> >> > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
