Wel, after all my bellyaching over LDAP Authentication, I have come to learn
our institution indeed has a CAS authentication server.
So I read all the HOW-Tos and edited mh_default_org.xml only to get
17:20:05 ERROR (SpringSecurityConfigurationArtifactInstaller:121) - Unable to
refresh spring security configuration file
/opt/matterhorn/trunk/etc/security/mh_default_org.xml:
org.springframework.beans.factory.parsing.BeanDefinitionParsingException:
Configuration problem: Filter beans '<casFilter>' and
'<org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0>'
have the same 'order' value. When using custom filters, please make sure the
positions do not conflict with default filters. Alternatively you can disable
the default filters by removing the corresponding child elements from <http>
and avoiding the use of <http auto-config='true'>.
Offending resource: OSGi
resource[file:/opt/matterhorn/trunk/etc/security/mh_default_org.xml|bnd.id=142|bnd.sym=matterhorn-kernel]
here's the partial http stanza from mh_default_org.xml
<!-- ############################# -->
<!-- # LOGIN / LOGOUT MECHANISMS # -->
<!-- ############################# -->
<!-- Uncomment to enable x509 client certificates for identifying clients
-->
<!-- sec:x509 subject-principal-regex="CN=(.*?),"
user-service-ref="userDetailsService" / -->
<!-- Enable and configure the failure URL for form-based logins -->
<sec:form-login authentication-failure-url="/login.html?error"
authentication-success-handler-ref="authSuccessHandler" />
<!-- Digest auth is used by capture agents and is used to enable
transparent clustering of services -->
<sec:custom-filter position="BASIC_AUTH_FILTER" ref="digestFilter" />
<!-- CAS auth is used for authentication via browsers -->
<sec:custom-filter position="FORM_LOGIN_FILTER" ref="casFilter" />
<!--
2-legged oauth is used by trusted 3rd party applications, including LTI
producers.
If you do not plan to use OAuth, comment this out.
-->
<sec:custom-filter after="BASIC_AUTH_FILTER"
ref="oauthProtectedResourceFilter" />
<!-- Enables "remember me" functionality -->
<sec:remember-me key="matterhorn" user-service-ref="userDetailsService" />
<!-- Set the request cache -->
<sec:request-cache ref="requestCache" />
<!-- If any URLs are to be exposed to anonymous users, the "sec:anonymous"
filter must be present -->
<sec:anonymous />
<!-- Enables log out -->
<sec:logout />
<!-- Enables Single Sign Out -->
<sec:logout logout-success-url="/cas-logout.jsp"/>
<sec:custom-filter ref="requestSingleLogoutFilter"
before="LOGOUT_FILTER"/>
<sec:custom-filter ref="singleLogoutFilter" before="FORM_LOGIN_FILTER"/>
-----------------------------------------------------------------------
| Wesley Alan Wright <mailto:[email protected]> |
| Center for Teaching and Learning __0__ |
| Room 407 Lafayette Building / \ | \ |
| University of Vermont \77 |
| Burlington, Vermont 05405-0160 USA. \\ http://www.uvm.edu/skivt-l |
| Voice: 802-656-1254 vv |
| aim:goim?screenname=maddogskideath http://www.uvm.edu/~waw/ |
-----------------------------------------------------------------------
_______________________________________________
Matterhorn-users mailing list
[email protected]
http://lists.opencastproject.org/mailman/listinfo/matterhorn-users
