Announcement Announcement Module
Collapse
No announcement yet.
Sping Security CAS client does not redirect upon successful authentication Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Sping Security CAS client does not redirect upon successful authentication

    Hello,

    I am implementing a Spring MVC client to authenticate against a CAS server using Spring Security. I created a Spring Template Project in Eclipse (using the Spring Tool Suite), and I added the additional POM dependencies needed to work off of an existing project sample: https://fisheye.springsource.org/bro...ty.xml?hb=true

    Right now, I am at the point where I can authenticate successfully, at which point the default CAS "Log In Successful" banner is shown (see attached screenshot) and the browser URL is https://localhost:8443/cas/login?tic...JbdIdqAMDs-cas.

    For the life of me, I cannot figure out how to redirect back to my application. Before the user has to authenticate, the click on a link:

    Code:
    <a href="secure/index.jsp">Secure page</a>
    At which point they authenticate against CAS. However, the user is not redirected to the original destination ("secure/index.jsp"). I do have code in place that should supposedly handle this, however:

    Code:
    <bean id="casFilter"
    		class="org.springframework.security.cas.web.CasAuthenticationFilter">
    		<property name="authenticationManager" ref="authenticationManager" />
    		<property name="authenticationFailureHandler">
    			<bean
    				class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
    				<property name="defaultFailureUrl" value="/casfailed.jsp" />
    			</bean>
    		</property>
    		<property name="authenticationSuccessHandler">
    			<bean
    				class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
    				<property name="defaultTargetUrl" value="/secure/index.jsp" />
    			</bean>
    		</property>
    	</bean>
    ...But it doesn't. I'm wondering if anyone can figure out why not? The rest of applicationContext-security.xml and web.xml can be viewed in the referenced link above. I would really appreciate the help.

    Thanks!

  • #2
    The service parameter was set incorrectly. It was initially set as "https://localhost:8443/cas/j_spring_cas_security_check". Instead, I changed "cas" to my application name: "https://localhost:8443/SpringMVC_CAS/j_spring_cas_security_check". My application now redirects correctly.

    Comment

    Working...
    X