Announcement Announcement Module
Collapse
No announcement yet.
HTTP Status 401 - Authentication Failed: for SSO using CAS 3.5.2 and spring security Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • HTTP Status 401 - Authentication Failed: for SSO using CAS 3.5.2 and spring security

    HI FELLAS,

    i am trying to achieve SSO using CAS in my simple application. i have configured spring authentication manager to authenticate with CAS. when i try to acces any secured URL, the redirect to CAS login page is happening properly. once i enter valid credentials CAS is redirecting me to my application. but in my application i am getting 401 error.

    here is my configuration: -


    applicationSecurityContext.xml
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xmlns:p="http://www.springframework.org/schema/p"
    	xmlns:util="http://www.springframework.org/schema/util"
    	xmlns:security="http://www.springframework.org/schema/security"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
    		http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd
    		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
    
    	<security:http entry-point-ref="casEntryPoint" use-expressions="true" authentication-manager-ref="authenticationManager">
    		<security:custom-filter position="CAS_FILTER" ref="casFilter" />
    		<security:intercept-url pattern="/**" access="isAuthenticated()"/>
    	</security:http>
    
    	<bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
        	<property name="authenticationManager" ref="authenticationManager"/>
      	</bean>
      	
      	 <security:authentication-manager alias="authenticationManager">
        	<security:authentication-provider ref="casAuthenticationProvider" />
      	</security:authentication-manager>
      	
    	<bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
        	<property name="authenticationUserDetailsService">
          	<bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
            	<constructor-arg ref="userService" />
          	</bean>
        	</property>
        	<property name="serviceProperties" ref="serviceProperties" />
        	<property name="ticketValidator">
          		<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
            			<constructor-arg index="0" value="https://localhost:8443/cas-server-webapp-3.5.2" />
          		</bean>
        	</property>
        	<property name="key" value="an_id_for_this_auth_provider_only"/>
      	</bean>
      	
      	<security:user-service id="userService">
        	<security:user name="joe" password="joe" authorities="ROLE_USER" />
      	</security:user-service>
    	
    	<bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
        	<property name="loginUrl" value="https://localhost:8443/cas-server-webapp-3.5.2"/>
        	<property name="serviceProperties" ref="serviceProperties"/>
      	</bean>
      	
    	<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
        	<property name="service" value="https://localhost:8443/App1-1.0/j_spring_cas_security_check"/>
        	<property name="sendRenew" value="false"/>
      	</bean>
    
    </beans>
    here is my web.xml

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
    
    	<!-- The definition of the Root Spring Container shared by all Servlets 
    		and Filters -->
    	<context-param>
    		<param-name>contextConfigLocation</param-name>
    		<param-value>/WEB-INF/spring/applicationContext.xml</param-value>
    	</context-param>
    
    	<!-- Creates the Spring Container shared by all Servlets and Filters -->
    	<listener>
    		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    	</listener>
    
    	<!-- Processes application requests -->
    	<servlet>
    		<servlet-name>appServlet</servlet-name>
    		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    		<init-param>
    			<param-name>contextConfigLocation</param-name>
    			<param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
    		</init-param>
    		<load-on-startup>1</load-on-startup>
    	</servlet>
    
    	<servlet-mapping>
    		<servlet-name>appServlet</servlet-name>
    		<url-pattern>/</url-pattern>
    	</servlet-mapping>
    
    	<filter>
    		<filter-name>springSecurityFilterChain</filter-name>
    		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    	</filter>
    
    	<filter-mapping>
    		<filter-name>springSecurityFilterChain</filter-name>
    		<url-pattern>/*</url-pattern>
    	</filter-mapping>
    
    </web-app>
    here is my simple controller
    Code:
    package com.cisco.prime;
    
    import java.text.DateFormat;
    import java.util.Date;
    import java.util.Locale;
    
    import org.slf4j.Logger;
    import org.slf4j.LoggerFactory;
    import org.springframework.stereotype.Controller;
    import org.springframework.ui.Model;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RequestMethod;
    
    /**
     * Handles requests for the application home page.
     */
    @Controller
    public class HomeController {
    	
    	private static final Logger logger = LoggerFactory.getLogger(HomeController.class);
    	
    	/**
    	 * Simply selects the home view to render by returning its name.
    	 */
    	@RequestMapping(value = "/", method = RequestMethod.GET)
    	public String home(Locale locale, Model model) {
    		logger.info("Welcome home! The client locale is {}.", locale);
    		
    		Date date = new Date();
    		DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.LONG, DateFormat.LONG, locale);
    		
    		String formattedDate = dateFormat.format(date);
    		
    		model.addAttribute("serverTime", formattedDate );
    		
    		return "home";
    	}
    	
    }
    could you please help me resolving this?

  • #2
    The issue is most likely an SSL issue so ensure you are trusting the SSL endpoints. You can refer to the CAS SSL troubleshooting guide. This blog has some information on how to do it with Eclipse. If you are still having issues, enable logging on your CAS Service and the CAS server and see what that turns up.

    Comment


    • #3
      thanks

      Originally posted by Rob Winch View Post
      The issue is most likely an SSL issue so ensure you are trusting the SSL endpoints. You can refer to the CAS SSL troubleshooting guide. This blog has some information on how to do it with Eclipse. If you are still having issues, enable logging on your CAS Service and the CAS server and see what that turns up.

      Thanks rob. That was the exact issue. It was the issue with certificate that i generated using keytool. Thanks a lot for the help. That resolved my issue

      Comment

      Working...
      X