Colin,
Perhaps this approach can work (I assume on the login page, user is selecting a
profile):
1. Redirect from /login to CAS, /cas?service=serviceURL?param=...
2. CAS sends ST to serviceURL
3. ST validation happens, authenticated principal is returned
4. How does Spring know where to
Colin,
>From your description, the 'desktop' page is protected and accessing it
>requires the user to be authenticated (and this is set in 'SecurityFilter').
>The flow you describe has the user arriving at the 'desktop' page with a ST
>from CAS but not yet authenticated in the host. The host
Cemal,
protected void configure(HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
            .regexMatchers("/desktop/.*","/desktop?.*","/login.*")
            .authenticated()
            .and()
        .authorizeRequests()
            .regexMatchers("/")
            .permitAll()
Ryan,
How do you configure your CasAuthenticationFilter? Do you configure
AuthenticationManager? Here is an example:
.addFilterBefore( casAuthenticationFilter(), .)
private CasAuthenticationFilter casAuthenticationFilter( )
{
    CasAuthenticationFilter authenticationFilter = new
Cemal,
I tried this approach, but I keep getting a "too many redirects"
error. I'm newish to Spring Security, so maybe I'm missing something.
But basically I see the "DynamicRedirectCasAuthenticationEntryPoint"
being processed in every request the first time through it I'm intercepting