Hi, I've successfully installed CAS server (Jasig) running on tomcat 7 on port 8443 (ssl support, context name: cas-server-webapp-3.5.2) and I've an application running on the same server on a glassfish application server on port 8080 (context:name LDAPClient1 notice that LDAP is only a typo and I don't want to access an LDAP...).
I've configured shiro.ini with the following parameters: [main] casFilter = org.apache.shiro.cas.CasFilter casFilter.failureUrl = /error.xhtml casRealm = org.apache.shiro.cas.CasRealm casRealm.defaultRoles = ROLE_USER casRealm.casServerUrlPrefix = https://192.168.0.200:8443/cas-server-webapp-3.5.2 casRealm.casService = http://192.168.0.200:8080/LDAPClient1/shiro-cas casRealm.validationProtocol = SAML casSubjectFactory = org.apache.shiro.cas.CasSubjectFactory securityManager.subjectFactory = $casSubjectFactory roles.loginUrl = https://192.168.0.200:8443/cas-server-webapp-3.5.2/login?service=http://192.168.0.200:8080/LDAPClient1/shiro-cas [urls] /shiro-cas = casFilter /protected/** = roles[ROLE_USER] /logout = logout /** = anon Cas server (jasig) is configured with default installation parameters so it's using SimpleTestUsernamePasswordAuthenticationHandler. When I run my app and try to access a protected resource shiro-cas successfully redirects me on cas login page, I enter username and password (the same as username) and cas redirects me always on the error page (I don't understand why...). I've tried to enable debug on log4j.properties and what I see is this: Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,704 DEBUG [http-thread-pool-8080(2)] org.jasig.cas.client.validation.Saml11TicketValidator - Placing URL parameters in map. Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,705 DEBUG [http-thread-pool-8080(2)] org.jasig.cas.client.validation.Saml11TicketValidator - Calling template URL attribute map. Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,705 DEBUG [http-thread-pool-8080(2)] org.jasig.cas.client.validation.Saml11TicketValidator - Loading custom parameters from configuration. Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,705 DEBUG [http-thread-pool-8080(2)] org.jasig.cas.client.validation.Saml11TicketValidator - Constructing validation url: https://192.168.0.200:8443/cas-server-webapp-3.5.2/samlValidate?TARGET=http%3A%2F%2F192.168.0.200%3A8080%2FLDAPClient1%2Fshiro-cas Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,705 DEBUG [http-thread-pool-8080(2)] org.jasig.cas.client.validation.Saml11TicketValidator - Retrieving response from server. Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,744 DEBUG [http-thread-pool-8080(2)] org.apache.shiro.web.servlet.SimpleCookie - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/LDAPClient1; Max-Age=0; Expires=Sat, 25-Jan-2014 18:07:00 GMT] Strangely it puts a cooky that is already expired, the test was done on 26-Jan-2014 not 25-Jan-2014 ! I can't understand what is the problem, can you help me ? Many thanks in advance... -- View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-cas-always-redirect-to-error-page-tp7579563.html Sent from the Shiro User mailing list archive at Nabble.com.
