Announcement Announcement Module
Collapse
No announcement yet.
Spring Security + CAS + GWT Frond End Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security + CAS + GWT Frond End

    Hi All,
    I am trying implement a GWT Application win SSO using Spring Security. I have a CAS Server running on a different machine. When i run the GWT Application from eclipse, the application is redirected to the CAS Login page, once i authenticate the page gets redirected to my GWT Application Page but it gives a "Redirect Loop Error".

    The Application Context looks like this


    Code:
    <beans xmlns="http://www.springframework.org/schema/beans"
    	xmlns:security="http://www.springframework.org/schema/security"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
            http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
            http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd
            http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
    
    	<security:http entry-point-ref="casEntryPoint"
    		auto-config="true">
    		<!-- <security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> -->
    		<security:intercept-url pattern="/**" access="ROLE_USER" />
    		<security:custom-filter position="CAS_FILTER"
    			ref="casFilter"></security:custom-filter>
    	</security:http>
    
    	<bean id="etf"
    		class="org.springframework.security.web.access.ExceptionTranslationFilter">
    		<property name="authenticationEntryPoint" ref="casEntryPoint" />
    	</bean>
    
    	<security:authentication-manager alias="authenticationManager">
    		<security:authentication-provider
    			ref="casAuthenticationProvider" />
    	</security:authentication-manager>
    
    	<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
    		<property name="service"
    			value="http://127.0.0.1:8888/panepipeline.html" />
    		<property name="sendRenew" value="false" />
    	</bean>
    
    	<bean id="casFilter"
    		class="org.springframework.security.cas.web.CasAuthenticationFilter">
    		<property name="authenticationManager" ref="authenticationManager" />
    	</bean>
    
    	<bean id="casEntryPoint"
    		class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
    		<property name="loginUrl" value="https://seqdws1/cas/login" />
    		<property name="serviceProperties" ref="serviceProperties" />
    	</bean>
    
    	<bean id="casAuthenticationProvider"
    		class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
    		<property name="userDetailsService" ref="userService" />
    		<property name="serviceProperties" ref="serviceProperties" />
    		<property name="ticketValidator">
    			<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
    				<constructor-arg index="0" value="https://seqdws1/cas" />
    			</bean>
    		</property>
    		<property name="key" value="cas" />
    	</bean>
    
    	<security:user-service id="userService">
    		<security:user name="joe" password="joe" authorities="ROLE_USER" />
    	</security:user-service>
    
    	<!-- <security:authentication-manager> <security:authentication-provider> 
    		<security:user-service> <security:user name="jimi" password="jimispassword" 
    		authorities="ROLE_USER, ROLE_ADMIN" /> <security:user name="bob" password="bobspassword" 
    		authorities="ROLE_USER" /> </security:user-service> </security:authentication-provider> 
    		</security:authentication-manager> -->
    
    </beans>
    If i change the access level to IS_AUTHENTICATED_ANONYMOUSLY, the page loads fine. I am not quite sure where the problem is.

    Attachment
    Attached Files

  • #2
    Hi,

    I saw a service ticket (ticket=ST-) in your url, so I assume the CAS authentication has worked.
    On application side, the service ticket may not have been validated, which generally causes an infinite loop (you may want to define a proper authenticationFailureHandler).
    I recommend you turn on DEBUG logs on org.springframework.security and org.jasig.cas to see what's going on.
    Best regards,
    Jérôme

    Comment

    Working...
    X