Sory wrong project
Terv. Antoni ________________________________ From: Alatalo, Antoni [mailto:[EMAIL PROTECTED] Sent: 29. toukokuuta 2008 13:30 To: [email protected] Subject: [castor-user] How to SPNEGO + username/password authentication Hi, Is it possible to create authentication via kerberos and if not authenticated then username/password authentication? Kerberos works fine separately and also username/password authentication works fine along. I did try the next: <?xml version="1.0" encoding="UTF-8"?> <!-- | deployerConfigContext.xml centralizes into one file some of the declarative configuration that | all CAS deployers will need to modify. | | This file declares some of the Spring-managed JavaBeans that make up a CAS deployment. | The beans declared in this file are instantiated at context initialization time by the Spring | ContextLoaderListener declared in web.xml. It finds this file because this | file is among those declared in the context parameter "contextConfigLocation". | | By far the most common change you will need to make in this file is to change the last bean | declaration to replace the default SimpleTestUsernamePasswordAuthenticationHandler with | one implementing your approach for authenticating usernames and passwords. +--> <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:p="http://www.springframework.org/schema/p"; xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd";> <!-- | This bean declares our AuthenticationManager. The CentralAuthenticationService service bean | declared in applicationContext.xml picks up this AuthenticationManager by reference to its id, | "authenticationManager". Most deployers will be able to use the default AuthenticationManager | implementation and so do not need to change the class of this bean. We include the whole | AuthenticationManager here in the userConfigContext.xml so that you can see the things you will | need to change in context. +--> <bean id="authenticationManager" class="org.jasig.cas.authentication.AuthenticationManagerImpl"> <property name="credentialsToPrincipalResolvers"> <list> <!-- ... the others credentialsToPrincipalResolvers ... --> <bean class="org.jasig.cas.support.spnego.authentication.principal.SpnegoCredentialsToPrincipalResolver" /> <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" /> </list> </property> <property name="authenticationHandlers"> <list> <bean class="org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler"> <property name="authentication"> <bean class="jcifs.spnego.Authentication" /> </property> <property name="principalWithDomainName" value="false" /> <property name="NTLMallowed" value="true" /> </bean> <!-- ... the others authenticationHandlers... --> <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"> <property name="filter" value="uid=%u" /> <property name="searchBase" value="CN=Roles,CN=xxx,DC=foo,DC=bar,DC=fi" /> <property name="contextSource" ref="contextSource" /> </bean> </list> </property> </bean> <bean name="jcifsConfig" class="org.jasig.cas.support.spnego.authentication.handler.support.JCIFSConfig"> <property name="jcifsServicePrincipal" value="HTTP/[EMAIL PROTECTED]" /> <property name="jcifsServicePassword" value="adfgsfg" /> <property name="kerberosDebug" value="true" /> <property name="kerberosRealm" value="FOO.BAR.FI" /> <property name="kerberosKdc" value="15.15.15.15" /> <property name="loginConf" value="/WEB-INF/login.conf" /> </bean> <bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource"> <property name="pooled" value="true" /> <property name="urls"> <list> <value>ldap://foo.bar.fi/</value> </list> </property> <property name="userName" value="CN=antoni,CN=xxx,DC=foo,DC=bar,DC=fi" /> <property name="password" value="xxx" /> <property name="baseEnvironmentProperties"> <map> <entry> <key> <value> java.naming.security.authentication </value> </key> <value>simple</value> </entry> </map> </property> </bean> </beans> This configuration doesn't work for username/password authentication. What I did wrong? Thanks Antoni Alatalo Ohjelmistoasiantuntija Kuntatoimiala, sosiaalitoimi _________________________________________ Logica - Releasing your potential Karvaamokuja 2 PL 38 00381 Helsinki Vaihde: 010 302 010 Suora: 040 583 1097 [EMAIL PROTECTED] www.logica.fi<http://www.logicacmg.fi> WM-datan nimi on nyt Logica.
