cas-projects / cas-sample-java-webapp Goto Github PK
View Code? Open in Web Editor NEWSample Java web app protected by Java CAS client
Sample Java web app protected by Java CAS client
Tomcat and Nginx are installed on one server at the same time, the port number of Tomcat is 8080, and the port number of Nginx is 8081, and the service can be accessed normally through http://192.168.99.123:8080 and http://192.168.99.123:8080 .
The web.xml part is configured as follows:
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://192.168.99.214:8088/sso</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://192.168.99.123:8080 http://192.168.99.123:8081</param-value>
</init-param>
<init-param>
<param-name>encodeServiceUrl</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://192.168.99.214:8088/sso/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://192.168.99.123:8080 http://192.168.99.123:8081</param-value>
</init-param>
<init-param>
<param-name>ignorePattern</param-name>
<param-value>logout</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
The problem that arises now is:
When accessing the service through http://192.168.99.123:8081, it will redirect back to http://192.168.99.123:8080
Is there any way to solve this kind of problem?
The log part of cas client
[INFO] jetty-9.3.6.v20151106
log4j: reset attribute= "false".
log4j: Threshold ="null".
log4j: Level value for root is [DEBUG].
log4j: root level set to DEBUG
log4j: Class name: [org.apache.log4j.ConsoleAppender]
log4j: Parsing layout of class: "org.apache.log4j.PatternLayout"
log4j: Setting property [conversionPattern] to [%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n].
log4j: Adding appender named [console] to category [root].
2019-06-04 20:57:54 DEBUG CommonUtils:356 - serviceUrl generated: http://localhost:8083/sample/
2019-06-04 20:57:54 DEBUG AuthenticationFilter:170 - no ticket and no assertion found
2019-06-04 20:57:54 DEBUG AuthenticationFilter:178 - Constructed service url: http://localhost:8083/sample/
2019-06-04 20:57:54 DEBUG AuthenticationFilter:183 - redirecting to "http://localhost:8443/cas/login?service=http%3A%2F%2Flocalhost%3A8083%2Fsample%2F"
2019-06-04 20:58:39 DEBUG SingleSignOutHandler:242 - Recording session for token ST-1-mwxFGto4bRMcxppIs2We-DESKTOP-9HOHOSI
2019-06-04 20:58:39 DEBUG HashMapBackedSessionMappingStorage:56 - Attempting to remove Session=[1rqd7mb71lgjfdtp10pb9qwq4]
2019-06-04 20:58:39 DEBUG HashMapBackedSessionMappingStorage:64 - No mapping for session found. Ignoring.
2019-06-04 20:58:39 DEBUG Cas30ProxyReceivingTicketValidationFilter:201 - Attempting to validate ticket: ST-1-mwxFGto4bRMcxppIs2We-DESKTOP-9HOHOSI
2019-06-04 20:58:39 DEBUG CommonUtils:356 - serviceUrl generated: http://localhost:8083/sample/
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:104 - Placing URL parameters in map.
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:112 - Calling template URL attribute map.
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:115 - Loading custom parameters from configuration.
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:189 - Constructing validation url: http://localhost:8443/cas/p3/serviceValidate?ticket=ST-1-mwxFGto4bRMcxppIs2We-DESKTOP-9HOHOSI&service=http%3A%2F%2Flocalhost%3A8083%2Fsample%2F&authn_method=mfa-duo
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:192 - Retrieving response from server.
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:199 - Server response: <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>casuser</cas:user>
<cas:attributes>
<cas:longTermAuthenticationRequestTokenUsed>false</cas:longTermAuthenticationRequestTokenUsed>
<cas:isFromNewLogin>true</cas:isFromNewLogin>
<cas:authenticationDate>2019-06-04T20:58:38.719+08:00[Asia/Shanghai]</cas:authenticationDate>
<cas:authenticationMethod>AcceptUsersAuthenticationHandler</cas:authenticationMethod>
<cas:successfulAuthenticationHandlers>AcceptUsersAuthenticationHandler</cas:successfulAuthenticationHandlers>
</cas:attributes>
</cas:authenticationSuccess>
</cas:serviceResponse>
2019-06-04 20:58:39 DEBUG Cas30ProxyReceivingTicketValidationFilter:207 - Successfully authenticated user: casuser
2019-06-04 20:58:39 DEBUG Cas30ProxyReceivingTicketValidationFilter:217 - Redirecting after successful ticket validation.
2019-06-04 20:58:39 DEBUG CommonUtils:356 - serviceUrl generated: http://localhost:8083/sample/
cas client web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<!--
<context-param>
<param-name>renew</param-name>
<param-value>true</param-value>
</context-param>
-->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<!-- <param-value>https://mmoayyed.unicon.net:8443/cas</param-value> -->
<param-value>http://localhost:8443/cas</param-value>
</init-param>
</filter>
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<!--<filter-class>org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class>-->
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<!-- <param-value>https://mmoayyed.unicon.net:8443/cas/login</param-value> -->
<param-value>http://localhost:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<!-- <param-value>https://mmoayyed.unicon.net:9443</param-value> -->
<param-value>http://localhost:8083</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<!--<filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>-->
<filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<!-- <param-value>https://mmoayyed.unicon.net:8443/cas</param-value> -->
<param-value>http://localhost:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<!-- <param-value>https://mmoayyed.unicon.net:9443</param-value> -->
<param-value>http://localhost:8083</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<!--
<init-param>
<param-name>acceptAnyProxy</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>proxyReceptorUrl</param-name>
<param-value>/sample/proxyUrl</param-value>
</init-param>
<init-param>
<param-name>proxyCallbackUrl</param-name>
<param-value>https://mmoayyed.unicon.net:9443/sample/proxyUrl</param-value>
</init-param>
-->
<init-param>
<param-name>authn_method</param-name>
<param-value>mfa-duo</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>
index.jsp
</welcome-file>
</welcome-file-list>
</web-app>
and I also registered service to cas server and set cas.serviceRegistry.initFromJson=true.
cas server service
{
"@class": "org.apereo.cas.services.RegexRegisteredService",
"serviceId": "^(https|imaps|http)://localhost:8083.*",
"name": "Localhost8083",
"id": 10000006,
"description": "this is a localhost service",
"evaluationOrder": 10000000,
"logoutType" : "BACK_CHANNEL",
"logoutUrl" : "http://localhost:8083/sample",
"attributeReleasePolicy": {
"@class": "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
}
}
when I run http://localhost:8443/cas/logout(cas server),and the cas client can not receive cas server single logout callback.
The log part of cas server
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultLogoutManager] - <Handling single logout callback for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Processing logout request for service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]]...>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]] supports single logout and is found in the registry as [id=10000000,name=ShiroClient-demo,description=ShiroClient-demo service,serviceId=^(https|imaps|http)://localhost:8083.*,usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@d,theme=demo,evaluationOrder=100,logoutType=BACK_CHANNEL,attributeReleasePolicy=org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy@c34d45[attributeFilter=<null>,principalAttributesRepository=org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository@608ee0f5[],authorizedToReleaseCredentialPassword=false,authorizedToReleaseProxyGrantingTicket=false,excludeDefaultAttributes=false,principalIdAttribute=<null>,allowedAttributes=[school_multi, email]],accessStrategy=org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy@1f1ad3ff[enabled=true,ssoEnabled=true,requireAllAttributes=true,requiredAttributes={},unauthorizedRedirectUrl=<null>,caseInsensitive=false,rejectedAttributes={}],publicKey=<null>,proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@4dc523be,logo=<null>,logoutUrl=http://localhost:8083/logout,requiredHandlers=[],properties={},multifactorPolicy=org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy@7901c19e[multifactorAuthenticationProviders=[],failureMode=CLOSED,principalAttributeNameTrigger=<null>,principalAttributeValueToMatch=<null>,bypassEnabled=false],informationUrl=<null>,privacyUrl=<null>,<null>]. Proceeding...>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceLogoutUrlBuilder] - <Logout request will be sent to [http://localhost:8083/logout] for service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Prepared logout url [http://localhost:8083/logout] for service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Creating logout request for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]] and ticket id [ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Logout request [org.apereo.cas.logout.DefaultLogoutRequest@32c309f0[ticketId=ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI,service=org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML],status=SUCCESS]] created for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]] and ticket id [ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Logout type registered for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]] is [BACK_CHANNEL]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Creating back-channel logout request based on [org.apereo.cas.logout.DefaultLogoutRequest@32c309f0[ticketId=ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI,service=org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML],status=SUCCESS]]>
2019-06-04 21:30:38,162 DEBUG [org.apereo.cas.logout.SamlCompliantLogoutMessageCreator] - <Generated logout message: [<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="LR-3-UwxHvvQlWqFwQlg6OqWrDOsmHhyC1SQsM6j" Version="2.0" IssueInstant="2019-06-04T21:30:38Z"><saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@NOT_USED@</saml:NameID><samlp:SessionIndex>ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI</samlp:SessionIndex></samlp:LogoutRequest>]>
2019-06-04 21:30:38,162 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Preparing logout request for [http://localhost:8083/sample/] to [http://localhost:8083/logout]>
2019-06-04 21:30:38,162 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Prepared logout message to send is [org.apereo.cas.logout.LogoutHttpMessage@2ff024[url=http://localhost:8083/logout,message=<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="LR-3-UwxHvvQlWqFwQlg6OqWrDOsmHhyC1SQsM6j" Version="2.0" IssueInstant="2019-06-04T21:30:38Z"><saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@NOT_USED@</saml:NameID><samlp:SessionIndex>ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI</samlp:SessionIndex></samlp:LogoutRequest>,asynchronous=true,contentType=application/x-www-form-urlencoded,responseCode=0]]. Sending...>
2019-06-04 21:30:38,163 DEBUG [org.apereo.cas.logout.DefaultLogoutManager] - <Captured logout request [org.apereo.cas.logout.DefaultLogoutRequest@32c309f0[ticketId=ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI,service=org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML],status=SUCCESS]]>
when i redirect to this page https://mmoayyed.unicon.net:8443/cas/login the page appear This site can’t be reached.what do i have to do?
Hi,
With which version of CAS server is this supposed to work? I'm running CAS server 4.0 on my local host and am running into the following issue:
Audit log gives me this (sorry for the crappy layout)
2015-01-22 13:46:46,242 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <SimpleTestUsernamePasswordAuthenticationHandler successfully authenticated User+password>
2015-01-22 13:46:46,242 DEBUG [org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver] -
2015-01-22 13:46:46,242 DEBUG [org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver] - <Creating SimplePrincipal for [User]>
2015-01-22 13:46:46,243 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver@327dae65 resolved User from User+password>
2015-01-22 13:46:46,246 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Authenticated User with credentials [User+password].>
2015-01-22 13:46:46,246 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Attribute map for User: {uid=uid, eduPersonAffiliation=eduPersonAffiliation, groupMembership=groupMembership}>
2015-01-22 13:46:46,246 INFO [org.perf4j.TimingLogger] - <start[1421927206238] time[7] tag[AUTHENTICATE]>
#2015-01-22 13:46:46,247 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
WHO: audit:unknown
WHAT: supplied credentials: [User+password]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Thu Jan 22 13:46:46 EET 2015
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1
2015-01-22 13:46:46,250 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket [TGT-1-ms17Ih751PPSRVpUxPqaEygdiknez9kvgv4mLYlCP3EdAtIqc0-cas01.example.org] to registry.>
2015-01-22 13:46:46,250 INFO [org.perf4j.TimingLogger] - <start[1421927206237] time[12] tag[CREATE_TICKET_GRANTING_TICKET]>2015-01-22 13:46:46,251 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
WHO: audit:unknown
WHAT: TGT-1-ms17Ih751PPSRVpUxPqaEygdiknez9kvgv4mLYlCP3EdAtIqc0-cas01.example.org
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Thu Jan 22 13:46:46 EET 2015
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1SERVER IP ADDRESS: 0:0:0:0:0:0:0:1
2015-01-22 13:46:46,252 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Removed cookie with name [CASPRIVACY]>
2015-01-22 13:46:46,252 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [TGT-1-ms17Ih751PPSRVpUxPqaEygdiknez9kvgv4mLYlCP3EdAtIqc0-cas01.example.org]>
2015-01-22 13:46:46,253 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [TGT-1-ms17Ih751PPSRVpUxPqaEygdiknez9kvgv4mLYlCP3EdAtIqc0-cas01.example.org] found in registry.>
2015-01-22 13:46:46,253 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Added cookie with name [CASTGC] and value [TGT-1-ms17Ih751PPSRVpUxPqaEygdiknez9kvgv4mLYlCP3EdAtIqc0-cas01.example.org]>
2015-01-22 13:46:46,263 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] -
I'm pretty new to CAS and it's a little overwhelming :) I may have missed some setup somewhere... any help is much appreciated.
Thanks
Since this project seems to be abundant, at least want to leave this here so help somebody if they come across this:
If you receive this error:
org.jasig.cas.client.validation.TicketValidationException: No principal was found in the response from the CAS server.
Try comment out the following line in web.xml
<init-param>
<param-name>authn_method</param-name>
<param-value>mfa-duo</param-value>
</init-param>
This happened because your CAS server does not support MFA authentication
Hi,
I'm attempting to run this sample webapp with a CAS 6.0.0-RC1 installation I have setup in another node.
I've configured the web.xml to target my CAS installation and started the webapp according to the README instructions.
When browsing this sample app I'm redirected to the CAS login, I enter my credentials, and then the following error is displayed.
HTTP ERROR 500
Problem accessing /sample/. Reason:
Server Error
Caused by:
java.lang.RuntimeException: java.io.FileNotFoundException: https://mydomain.com:8443/cas/login/p3/serviceValidate?ticket=ST-3-ppf6QjykhqFHGczk24CiyBgJ7sQip-XXX-XX-XX-XX&service=https%3A%2F%2Fmydomain.com%3A9443%2Fsample%2F&authn_method=mfa-duo
at org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:443)
at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41)
at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193)
at org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:204)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:97)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
at org.eclipse.jetty.server.Server.handle(Server.java:517)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:308)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:192)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
at java.lang.Thread.run(Thread.java:748)
Any hints/pointers as to what should be done to fix this are appreciated.
thanks!
Hi,
I've just cloned and tried to build it but it fails. There is an "Exception starting filter springSecurityFilterChain" and next line displays "Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed".
The netire build output generated by "mvn -e -X install" is attached here.
build.txt
The same errors are triggered even when Run.sh is executed.
Any idea about how to debug it and move forward?
Thanks!
when i go to this site https://mmoayyed.unicon.net:8443/cas/login the page display the site can not be reached.
Hello,
As Jetty wiki said, I'm creating keystore using keytool -keystore /etc/cas/jetty/thekeystore -alias cas -genkey -keyalg RSA
$ ll /etc/cas/jetty/
total 20
-rw-r--r-- 1 Administrator 197121 7293 Jan 28 10:11 thekeystore
but when I run mvn clean package jetty:run-forked
, it's said:
[STDERR] 2019-01-28 10:11:35.785:INFO:oejs.ServerConnector:main: Started ServerConnector@54e7df6a{HTTP/1.1,[http/1.1]}{0.0.0.0:9080}
[STDOUT] -40LXX65XTU2L no valid keystore
[STDERR] java.lang.IllegalStateException: no valid keystore
[STDERR] at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:48)
[STDERR] at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1020)
[STDERR] at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:336)
[STDERR] at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
[STDERR] at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
[STDERR] at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
[STDERR] at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
[STDERR] at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
[STDERR] at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
[STDERR] at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
[STDERR] at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:260)
[STDERR] at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
[STDERR] at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:244)
[STDERR] at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
[STDERR] at org.eclipse.jetty.server.Server.doStart(Server.java:384)
[STDERR] at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
[STDERR] at org.eclipse.jetty.maven.plugin.Starter.run(Starter.java:370)
[STDERR] at org.eclipse.jetty.maven.plugin.Starter.main(Starter.java:468)
[INFO] Forked execution exit: 1
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
Please help.
When i login in the logging page and want to redirect it to the index.jsp the error 404 appeared that tell me the resource doesn't exist.
I'm logged in CAS with jleleu example user and when I call my cas URL with the service in in I got this:
CAS Example Java Web App
A sample web application that exercises the CAS protocol features via the Java CAS Client.
Authenticated User Id: null
The user principal is empty from the request object. Review the wrapper filter configuration.
Can someone help me??
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.