Announcement Announcement Module
Collapse
No announcement yet.
Spring Security+CAS always response to defaultTargetUrl page? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security+CAS always response to defaultTargetUrl page?

    When cas authentication success then go to defaultTargetUrl page; but when user is chick the system menu,the new page always jump to defaultTargetUrl page,why? The result I want is:when first login to defaultTargetUrl page, and then click menu should open the menu url page.
    The applicationContext-security.xml file:


    <http entry-point-ref="casEntryPoint" use-expressions="true">
    ......
    <logout logout-success-url="/cas-logout.jsp" />
    </http>

    .....

    <b:bean id="serviceProperties" class="org.springframework.security.cas.ServicePro perties"
    p:service="http://${web.server.host}/testweb/j_spring_cas_security_check" p:sendRenew="false"
    />

    <b:bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAut henticationEntryPoint"
    p:serviceProperties-ref="serviceProperties" p:loginUrl="http://${cas.server.host}/testcas/login">
    </b:bean>

    <b:bean id="casFilter" class="org.springframework.security.cas.web.CasAut henticationFilter">
    <broperty name="authenticationManager" ref="casAuthenticationManager"/>
    <broperty name="authenticationSuccessHandler">
    <b:bean class="org.springframework.security.web.authentica tion.SimpleUrlAuthenticationSuccessHandler"
    p:alwaysUseDefaultTargetUrl="true" p:defaultTargetUrl="http://${cas.server.host}/testcas/casGenericSuccess.jsp" />
    </broperty>
    .....
    </b:bean>
    Last edited by lzf0112; Apr 10th, 2013, 07:15 AM. Reason: description the result i want to.

  • #2
    Hi,

    If you are always redirected to the default target url (I mean every time you try to access a protected page), I'm thinking that you are being re-authenticated against CAS each time (as if you have no web session).
    Can you track HTTP requests and see if you have always a round-trip with the CAS server ?
    Best regards,
    Jérôme

    Comment

    Working...
    X