Announcement Announcement Module
Collapse
No announcement yet.
Acegi + CAS configuration problem Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Acegi + CAS configuration problem

    Hi,
    I'm configured CAS server 3.1 M1 and my web application (with acegi 1.0.3) on different hosts.
    After submit credentials on CAS server the result is my application don't work and browser pending.

    How can I do?

    Thanks and regards,
    bobo32

  • #2
    Not that I know anything about CAS, but there have been examples posted in the past. I'd do a search and have a look at those. It would also help someone who might be able to help you if; you posted your applicationContext.xml, any exceptions you are getting and if you could describe your problem in more detail.

    Comment


    • #3
      Preface: if my app and CAS server running on the same Tomcat all work rigth.

      I need to have the cas server on different machine.

      This is my test:

      Host 1 - Environment for my app:
      - Java 1.5
      - tomcat 5.5.x with SSL config
      - spring context: view attachments
      - web.xml: view attachments

      Host 2 - Environment for cas server:
      - Java 1.5
      - tomcat 5.5.x with SSL config


      I try to access to protected resource and acegi redirect to CAS for authentication. After I submit the credentials cas server performe authentication and recall my application which don't work and the browser remain pending. Both, server and app, log nothing.

      Comment


      • #4
        FYI - I am still working on integrating CAS 3.0.x with our web apps, so take everything I say with a grain of salt.

        --> Preface: if my app and CAS server running on the same Tomcat all work rigth.

        Is there anything else different in the configuration of the applications other than the host? E.g. how is CAS authenticating the user.

        I am sorry, but I am having a little trouble following you.

        --> After I submit the credentials cas server performe authentication and recall my application

        I assume that when you access a secured resource on "springweb" that acegi is properly redirecting you to the following url for CAS: https://<cas_server_host>:9443/cas/proxyValidate

        After you authenticate via CAS, your browser is then being redirected back to the following url for "springweb": https://<my_app_host>:8443/springweb/j_acegi_cas_security_check

        --> which don't work and the browser remain pending

        I am not entirely sure what you mean by this. After CAS redirects you to "https://<my_app_host>:8443/springweb/j_acegi_cas_security_check", is your browser just constantly loading a page(s)?

        The working authentication process will force an HTTP redirect a number of times (from web app (resource requested) --> cas --> web app (cas processing filter) --> web app (resource requested)). It might be stuck in a cycle of http redirection. For example, you might be boucing to CAS for authentication and CAS redirecting back to "springweb" because the user is already authenticated via SSO. You should be able to tell what is going on via HTTP headers. If you are using firefox I recommend the Live HTTP Headers plugin.

        --> Both, server and app, log nothing.

        I would suggest setting the acegi logs to debug on the "springweb" app. Acegi will be pretty noisy at debug, and you should get entries for the ExceptionTranslation, CasProcessingFilter and CasProcessingFilterEntryPoint.

        That should give you a much better sense of what is happening and why it is happening.

        You may also want to take a look at what is going on in CasAuthenticationProvider.authenticateNow().

        Carlos

        Comment

        Working...
        X