Announcement Announcement Module
Collapse
No announcement yet.
CAs stuck in infinite reidrect/ticket doling out loop Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • CAs stuck in infinite reidrect/ticket doling out loop

    Hi

    I have my acegi setup with CAS .

    When I request a secured URL, it correctly redirects to the CAS login page. I log in correctly, and then I go into a loop, which in IE consists of a never ending series of "you are about to be redirected to a connection that is not secure" (i.e. back to my app), and in Firefox I get "The page isn't redirecting properly.
    Firefox has detected that the server is redirecting the request for this address in a way that will never complete."

    On the CAS server I get multiple tickets being generated:

    Code:
    3 10:15:04,948 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.acegisecurity.adapters.cas3.CasAuthenticationHandler successfully authenticated the user which provided the following credentials: Target4>
    2007-04-23 10:15:04,948 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-13-K0YTLvlIfLIWvWNiXm6jgR9GwyargYrVPR2-20] for service [http://localhost:9080/BCMNewBusinessWeb/j_acegi_cas_security_check] for user [Target4]>
    2007-04-23 10:15:04,980 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-14-5k9DSVmtZI4Gn14R9VvhXNx0YUTR3Favnco-20] for service [http://localhost:9080/BCMNewBusinessWeb/j_acegi_cas_security_check] for user [Target4]>
    2007-04-23 10:15:05,011 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-15-gOqvTxzGc1lrYsz5meOgo1AvB0AMlAabuma-20] for service [http://localhost:9080/BCMNewBusinessWeb/j_acegi_cas_security_check] for user [Target4]>
    2007-04-23 10:15:05,042 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-16-0xwSxOs1e7D2CoCWqdcfXff67lnIGsVUyUJ-20] for service [http://localhost:9080/BCMNewBusinessWeb/j_acegi_cas_security_check] for user [Target4]>
    2007-04-23 10:15:05,073 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-17-2UDpZaivMX2cxyQXxDWatMDAY1PBxaYOq3r-20] for service [http://localhost:9080/BCMNewBusinessWeb/j_acegi_cas_security_check] for user [Target4]>
    2007-04-23 10:15:05,105 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-18-uQxYB9MGm6MQKMvjEBBemqxZVt09RYfdVUx-20] for service [http://localhost:9080/BCMNewBusinessWeb/j_acegi_cas_security_check] for user [Target4]>
    2007-04-23 10:15:05,167 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-19-olPAyfRucFdBVcBsTAo07ZpFglizklul0KV-20] for service [http://localhost:9080/BCMNewBusinessWeb/j_acegi_cas_security_check] for user [Target4]>
    My web apps acegi config is attached, and the properties plugged in are:

    casServerSecurityCheck=http://localhost:9080/BCMNewBusinessWeb/j_acegi_cas_security_check
    casServerLogin=https://tgcrepd1:8443/cas/login
    casProxyValidator=https://tgcrepd1:8443/cas/proxyValidate

    Has anyone any idea why when it goes from CAS back to my Web App it keeps on going back to CAS again ?

  • #2
    It seems my problem is caused by not having a trusted certificate in my app servers jvm keystore, I already have one in my CAS jvm keystore.

    I can see a whole world of pain ahead as I now attempt to install self signed certificates into Websphere.....

    Comment

    Working...
    X