Trying to add basic CAS security to demo Web Flow Projects.

  • Trying to add basic CAS security to demo Web Flow Projects.

    I have a basic hello world Web Flow project that I am using as a demo, but my firm would like me to put CAS in front of it. We have a standard security-CAS-LDAP.xml file that we use in all projects that need security. When I add the security-CAS-LDAP.xml file to my Web Flow project, I get an error.

    web.xml (with CAS)
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <!-- Servlet 2.5 deployment descriptor for the MyFlow demo application, as posted
         with the CAS additions. -->
    <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    	id="WebApp_ID" version="2.5">
    	<display-name>MyFlow</display-name>
    	<welcome-file-list>
    		<welcome-file>index.html</welcome-file>
    		<welcome-file>index.htm</welcome-file>
    		<welcome-file>index.jsp</welcome-file>
    		<welcome-file>default.html</welcome-file>
    		<welcome-file>default.htm</welcome-file>
    		<welcome-file>default.jsp</welcome-file>
    	</welcome-file-list>
    
    
     <!-- Root application context: ContextLoaderListener reads this parameter and loads
          /WEB-INF/spring/root-config.xml. The startup log posted with this file shows
          root-config.xml importing security-CAS-LDAP.xml, so the security beans are
          created in the root context. -->
     <context-param>
      <param-name>contextConfigLocation</param-name>
      <param-value>/WEB-INF/spring/root-config.xml</param-value>
     </context-param>
    
     <listener>
      <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
     </listener>
    
     <!-- Front controller. Its contextConfigLocation is left empty; presumably so that the
          servlet loads no configuration file of its own and relies on the root context
          (confirm). -->
     <servlet>
      <servlet-name>spring</servlet-name>
      <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
      <init-param>
      	<param-name>contextConfigLocation</param-name>
      	<param-value></param-value>
      </init-param>
      <load-on-startup>1</load-on-startup>
     </servlet>
    
     <servlet-mapping>
      <servlet-name>spring</servlet-name>
      <url-pattern>/</url-pattern>
     </servlet-mapping>
     
     
     <!--  adding below for CAS -->
     <!-- DelegatingFilterProxy hands each request to the Spring bean named after
          filter-name (springSecurityFilterChain). That bean comes from the security
          namespace configuration, so it exists only if that configuration loads
          successfully in the root context. The /* mapping routes every request through
          the chain; which URLs actually require authentication is decided by the
          intercept-url rules in the security configuration, not by this mapping. -->
     
      
      <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>
    	        org.springframework.web.filter.DelegatingFilterProxy
            </filter-class>
      </filter>
      
      <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
      </filter-mapping>
      
      <!-- Location of the log4j configuration read by Log4jConfigListener (registered
           at the end of this file). -->
      <context-param>
        <param-name>log4jConfigLocation</param-name>
        <param-value>
    			/WEB-INF/classes/log4j.xml
            </param-value>
      </context-param>
      
      
      <!-- NOTE(review): ContextLoaderListener is already registered earlier in this file.
           A second registration attempts to create the root application context a
           second time; keep only one of the two. -->
      <listener>
        <listener-class>
    			org.springframework.web.context.ContextLoaderListener
            </listener-class>
      </listener>
      
      <!-- Publishes HTTP session creation and destruction events to the Spring context,
           which Spring Security's session tracking relies on. -->
      <listener>
        <listener-class>
    			org.springframework.security.web.session.HttpSessionEventPublisher
            </listener-class>
      </listener>
      
      <!-- NOTE(review): Spring's documentation asks for Log4jConfigListener to be
           registered before ContextLoaderListener so that logging is configured before
           the context starts; here it is registered last. -->
      <listener>
        <listener-class>
    			org.springframework.web.util.Log4jConfigListener
             </listener-class>
      </listener>
      
     
    
    </web-app>
    security-CAS-LDAP.xml:
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <!-- Spring Security namespace configuration that puts CAS single sign-on in front of
         the application and loads user roles from LDAP. The security namespace is the
         default namespace, so unprefixed elements (http, ldap-server, ...) are Spring
         Security elements and plain beans carry the b: prefix. -->
    <!-- NOTE(review): the schemas below pin Spring Security 3.1, yet the startup log posted
         with this file reports NoClassDefFoundError for
         org/springframework/security/web/util/AntUrlPathMatcher while loading
         SecurityNamespaceHandler. That class belongs, as far as I know, to the 3.0.x web
         module and is absent from 3.1, which points to spring-security-config and
         spring-security-web jars of different versions on the classpath. Verify that all
         spring-security artifacts share a single version. -->
    <b:beans xmlns:b="http://www.springframework.org/schema/beans"
    	xmlns="http://www.springframework.org/schema/security" xmlns:p="http://www.springframework.org/schema/p"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
    	xmlns:util="http://www.springframework.org/schema/util"
    	xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
            http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
            http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd
            http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
    
    	<!-- Unauthenticated requests to a protected URL are sent to casEntryPoint, which
    		redirects to the CAS login page. Access rules are SpEL expressions. -->
    	<http entry-point-ref="casEntryPoint" use-expressions="true">
    		<!-- intercept-url rules are evaluated in order and the first match wins.
    			NOTE(review): there is no catch-all rule, so a request that matches none
    			of the patterns below gets no access rule from this file. A final
    			pattern="/**" rule that requires authentication would make the
    			configuration deny by default. -->
    		<intercept-url pattern="/" access="permitAll" />
    
    		<intercept-url pattern="/index.jsp" access="permitAll" />
    		<intercept-url pattern="/cas-logout.jsp" access="permitAll" />
    		<intercept-url pattern="/casfailed.jsp" access="permitAll" />
    
    		<intercept-url pattern="/secure/**" access="hasRole('ROLE_USER')" />
    		<intercept-url pattern="/helloworld/**" access="hasRole('ROLE_MEMBER_INQUIRY')" />
    
    		<!-- CAS filters inserted into the chain: the two single-logout filters and
    			the filter that processes the ticket returned by the CAS server. -->
    		<custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" />
    		<custom-filter ref="singleLogoutFilter" before="CAS_FILTER" />
    		<custom-filter ref="casFilter" position="CAS_FILTER" />
    
    
    		<!-- Local logout ends on /cas-logout.jsp, which is listed as permitAll above. -->
    		<logout logout-success-url="/cas-logout.jsp" />
    	</http>
    
    	<!-- All authentication is delegated to the CAS provider; LDAP is used only to look
    		up the user and its roles once CAS has validated the ticket. -->
    	<authentication-manager alias="authManager">
    		<authentication-provider ref="casAuthProvider" />
    	</authentication-manager>
    
    
    
    	<!-- LDAP connection over LDAPS (port 636), bound with a manager account.
    		NOTE(review): manager-dn and manager-password are written in clear text in this
    		file, and the file has been published with this post. Treat the bind credential
    		as exposed: rotate it and supply it from outside the file, for example through
    		a ${...} placeholder as is done for the CAS host names further down.
    		NOTE(review): cn=Manager is commonly the directory's administrative account;
    		a dedicated read-only search account would limit the impact of a leak. Confirm
    		which rights this DN holds. -->
    	<ldap-server id="ldapServer"
    		url="ldaps://dvldap01.uftwf.dev:636/dc=uftwf,dc=dev" manager-dn="cn=Manager,dc=uftwf,dc=dev"
    		manager-password="uftwf" />
    
    	<!-- Looks the user up by uid under ou=webusers and derives authorities from the cn
    		of each group under ou=groups whose uniqueMember matches the user, prefixed
    		with ROLE_. -->
    	<ldap-user-service id="userServiceLDAP" server-ref="ldapServer"
    		user-search-base="ou=webusers" user-search-filter="(uid={0})"
    
    		group-search-base="ou=groups" group-role-attribute="cn"
    		group-search-filter="(uniqueMember={0})" role-prefix="ROLE_" />
    
    	<!-- This filter handles a Single Logout Request from the CAS Server -->
    	<b:bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter" />
    	<!-- This filter redirects to the CAS Server to signal Single Logout should 
    		be performed -->
    	<b:bean id="requestSingleLogoutFilter"
    		class="org.springframework.security.web.authentication.logout.LogoutFilter"
    		p:filterProcessesUrl="/j_spring_cas_security_logout">
    		<b:constructor-arg
    			value="https://${cas.server.host}/cas-server-webapp/logout" />
    		<b:constructor-arg>
    			<b:bean
    				class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
    		</b:constructor-arg>
    	</b:bean>
    
    	<!-- The service URL identifies this application to CAS and is where CAS sends the
    		browser back with the service ticket.
    		NOTE(review): this URL uses http:// while the CAS login, logout and validation
    		URLs in this file use https://. The ticket arrives as a request parameter, so
    		over plain HTTP the ticket and the session established from it can be observed
    		in transit; serve the application over TLS and use https:// here.
    		NOTE(review): the path uses the context name MyFlowLocked, while web.xml
    		displays the application as MyFlow; confirm it matches the deployed context
    		path, otherwise ticket validation fails on a service mismatch. -->
    	<b:bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties"
    		p:service="http://${cas.service.host}/MyFlowLocked/j_spring_cas_security_check"
    		p:authenticateAllArtifacts="true" />
    
    	<!-- Entry point that redirects unauthenticated users to the CAS login page. -->
    	<b:bean id="casEntryPoint"
    		class="org.springframework.security.cas.web.CasAuthenticationEntryPoint"
    		p:serviceProperties-ref="serviceProperties"
    		p:loginUrl="https://${cas.server.host}/cas-server-webapp/login" />
    
    	<!-- Filter that receives the ticket sent back by CAS and passes it to authManager.
    		It also declares a proxy receptor URL and a proxy-granting-ticket store. -->
    	<b:bean id="casFilter"
    		class="org.springframework.security.cas.web.CasAuthenticationFilter"
    		p:authenticationManager-ref="authManager" p:serviceProperties-ref="serviceProperties"
    		p:proxyGrantingTicketStorage-ref="pgtStorage"
    		p:proxyReceptorUrl="/j_spring_cas_security_proxyreceptor">
    		<b:property name="authenticationDetailsSource">
    			<b:bean
    				class="org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource" />
    		</b:property>
    
    		<!-- A failed ticket validation ends on /casfailed.jsp (permitAll in the http
    			rules of this file). -->
    		<b:property name="authenticationFailureHandler">
    			<b:bean
    				class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"
    				p:defaultFailureUrl="/casfailed.jsp" />
    		</b:property>
    
    
    		<!-- After login the user returns to the originally requested URL if one was
    			saved, otherwise to /helloworld. -->
    		<b:property name="authenticationSuccessHandler">
    			<b:bean
    				class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler"
    				p:defaultTargetUrl="/helloworld" />
    		</b:property>
    	</b:bean>
    	<!-- NOTE: In a real application you should not use an in memory implementation. 
    		You will also want to ensure to clean up expired tickets by calling ProxyGrantingTicketStorage.cleanup() -->
    	<b:bean id="pgtStorage"
    		class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
    	<!-- Provider that validates the CAS ticket and then loads the user from LDAP by name.
    		The key is a fixed string written in this file; it marks the authentication
    		tokens created by this provider. -->
    	<b:bean id="casAuthProvider"
    		class="org.springframework.security.cas.authentication.CasAuthenticationProvider"
    		p:serviceProperties-ref="serviceProperties" p:key="casAuthProviderKey">
    		<b:property name="authenticationUserDetailsService">
    			<b:bean
    				class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
    				<b:constructor-arg ref="userServiceLDAP" />
    			</b:bean>
    		</b:property>
    	
    			
    	 	
        <!-- Tickets are validated against the CAS server over https.
             NOTE(review): Cas20ServiceTicketValidator validates service tickets, while
             authenticateAllArtifacts, proxyReceptorUrl and pgtStorage elsewhere in this
             file suggest proxy tickets were intended. Confirm which is wanted: either
             drop the unused proxy settings, or switch to a proxy-ticket validator with
             an explicit list of trusted proxies. -->
        <b:property name="ticketValidator">
          <b:bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
            <b:constructor-arg index="0" value="https://${cas.server.host}/cas-server-webapp" />
          </b:bean>
        </b:property>
        
      
    		
    	</b:bean>
    
    	<!-- Configuration for the environment can be overridden by system properties -->
    	<!-- With system-properties-mode="OVERRIDE", a JVM system property of the same name
    		takes precedence over the defaults below.
    		NOTE(review): trust in the login rests on cas.server.host naming the genuine CAS
    		server, so whoever can set these properties at launch controls where users
    		authenticate; restrict that accordingly. The defaults are internal host names
    		and are published with this post. -->
    	<context:property-placeholder
    		system-properties-mode="OVERRIDE" properties-ref="environment" />
    
    	<util:properties id="environment">
    		<b:prop key="cas.service.host">wcmisdlin07.uftmasterad.org:8080</b:prop>
    		<b:prop key="cas.server.host">6dvews01.uftwf.dev:8443</b:prop>
    	</util:properties>
    
    
    </b:beans>
    and now for the error:
    Code:
    2012-07-25 12:11:05,088 [main] ERROR org.springframework.web.context.ContextLoader - Context initialization failed
    org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Failed to import bean definitions from relative location [security-CAS-LDAP.xml]
    Offending resource: ServletContext resource [/WEB-INF/spring/root-config.xml]; nested exception is org.springframework.beans.factory.BeanDefinitionStoreException: Unexpected exception parsing XML document from ServletContext resource [/WEB-INF/spring/security-CAS-LDAP.xml]; nested exception is org.springframework.beans.FatalBeanException: Invalid NamespaceHandler class [org.springframework.security.config.SecurityNamespaceHandler] for namespace [http://www.springframework.org/schema/security]: problem with handler class file or dependent class; nested exception is java.lang.NoClassDefFoundError: org/springframework/security/web/util/AntUrlPathMatcher
    	at org.springframework.beans.factory.parsing.FailFastProblemReporter.error(FailFastProblemReporter.java:68)