unable to get SSO working

Dallas

Hi, I'm trying to get CAS and a couple of apps (appA and appB) configured for SSO. Both appA and appB are configured to authenticate against CAS and in both cases authentication is working correctly. If I start with appA and log in, I get authenticated and the CASTGC cookie gets set; the same thing happens if I start with appB.

In my case an authenticated user in appA is able to click on a link and be redirected to appB. But when the user is redirected to appB they are challenged again for login creds. If I enter the creds I can then get to appB.

I assume it is just that I've not correctly configured something but in reading through the CAS docs I've found where I'm going wrong.

My web.xml configs are...

appA
>>>>
<filter>
    <filter-name>CAS Authentication Filter</filter-name>
    <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
    <init-param>
        <param-name>casServerLoginUrl</param-name>
        <param-value>http://localhost:8080/login</param-value>
    </init-param>
    <init-param>
        <param-name>serverName</param-name>
        <param-value>http://localhost:8084</param-value>
    </init-param>
</filter>

<filter>
    <filter-name>CAS Validation Filter</filter-name>
    <filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>
    <init-param>
        <param-name>casServerUrlPrefix</param-name>
        <param-value>http://localhost:8080</param-value>
    </init-param>
    <init-param>
        <param-name>serverName</param-name>
        <param-value>http://localhost:8084</param-value>
    </init-param>
</filter>

<filter>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>

<filter>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<<<


appB
>>>

<filter>
    <filter-name>CAS Authentication Filter</filter-name>
    <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
    <init-param>
        <param-name>casServerLoginUrl</param-name>
        <param-value>http://localhost:8080/login</param-value>
    </init-param>
    <init-param>
        <param-name>serverName</param-name>
        <param-value>http://localhost:8081</param-value>
    </init-param>
</filter>

<filter>
    <filter-name>CAS Validation Filter</filter-name>
    <filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>
    <init-param>
        <param-name>casServerUrlPrefix</param-name>
        <param-value>http://localhost:8080</param-value>
    </init-param>
    <init-param>
        <param-name>serverName</param-name>
        <param-value>http://localhost:8081</param-value>
    </init-param>
</filter>

<filter>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>

<filter>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<<<


with some CAS server debug output thrown in for good measure
>>>

[java] DEBUG [2009-10-19 18:42:06,556] [http--8080-4$28137909] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning execution
    [java] DEBUG [2009-10-19 18:42:06,556] [http--8080-4$28137909] AuthenticationViaFormAction - Executing bind
    [java] DEBUG [2009-10-19 18:42:06,556] [http--8080-4$28137909] AuthenticationViaFormAction - Found existing form object with name 'credentials' of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow
    [java] DEBUG [2009-10-19 18:42:06,556] [http--8080-4$28137909] AuthenticationViaFormAction - No property editor registrar set, no custom editors to register
    [java] DEBUG [2009-10-19 18:42:06,587] [http--8080-4$28137909] AuthenticationViaFormAction - Binding allowed request parameters in map['lt' -> '_c59B7F3F2-A126-45EB-19A3-E0B62629BA68_k20309474-3BCC-AC08-4A05-DA5AFEFD06E8', 'service' -> 'http://localhost:8084/reviews/demo', 'username' -> '[hidden email]', '_eventId' -> 'submit', 'submit' -> 'Submit', 'password' -> '1Follow'] to form object with name 'credentials', pre-bind formObject toString = [username: null]
    [java] DEBUG [2009-10-19 18:42:06,587] [http--8080-4$28137909] AuthenticationViaFormAction - (Any field is allowed)
    [java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909] AuthenticationViaFormAction - Binding completed for form object with name 'credentials', post-bind formObject toString = [username: [hidden email]]
    [java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909] AuthenticationViaFormAction - There are [0] errors, details: []
    [java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909] AuthenticationViaFormAction - Executing validation
    [java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909] AuthenticationViaFormAction - Invoking validator org.jasig.cas.validation.UsernamePasswordCredentialsValidator@186330
    [java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909] AuthenticationViaFormAction - Validation completed for form object
    [java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909] AuthenticationViaFormAction - There are [0] errors, details: []
    [java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909] AuthenticationViaFormAction - Putting form errors instance in scope Flash
    [java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning execution
    [java] DEBUG [2009-10-19 18:42:06,603] [http--8080-4$28137909] AuthenticationViaFormAction - Found existing form object with name 'credentials' of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow
    [java] DEBUG [2009-10-19 18:42:06,680] [http--8080-4$28137909] CentralAuthenticationServiceImpl - Attempting to create TicketGrantingTicket for [username: [hidden email]]
    [java] INFO  [2009-10-19 18:42:06,960] [http--8080-4$28137909] AuthenticationManagerImpl - AuthenticationHandler: com.homeaway.bluesun.cas.authentication.BluesunAuthenticationHandler successfully authenticated the user which provided the following credentials: [username: [hidden email]]
    [java] DEBUG [2009-10-19 18:42:06,960] [http--8080-4$28137909] UsernamePasswordCredentialsToPrincipalResolver - Attempting to resolve a principal...
    [java] DEBUG [2009-10-19 18:42:06,976] [http--8080-4$28137909] UsernamePasswordCredentialsToPrincipalResolver - Creating SimplePrincipal for [[hidden email]]
    [java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$28137909] CookieRetrievingCookieGenerator - Removed cookie with name [CASPRIVACY]
    [java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$28137909] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$28137909] SendTicketGrantingTicketAction - Action 'SendTicketGrantingTicketAction' beginning execution
    [java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$28137909] CookieRetrievingCookieGenerator - Added cookie with name [CASTGC] and value [TGT-1-qY4l1fDjtUvYI6RLfPuvcpLVcG0EmfAe60nKduydDNhXeIhd6y-localhost:8080]
    [java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$28137909] SendTicketGrantingTicketAction - Action 'SendTicketGrantingTicketAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:42:07,395] [http--8080-4$28137909] GenerateServiceTicketAction - Action 'GenerateServiceTicketAction' beginning execution
    [java] INFO  [2009-10-19 18:42:07,473] [http--8080-4$28137909] CentralAuthenticationServiceImpl - Granted service ticket [ST-1-SIy6TrgD7FbTdxKoANnU-localhost:8080] for service [http://localhost:8084/reviews/demo] for user [[hidden email]]
    [java] DEBUG [2009-10-19 18:42:07,519] [http--8080-4$28137909] GenerateServiceTicketAction - Action 'GenerateServiceTicketAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:42:07,675] [http--8080-11$30385692] SamlArgumentExtractor - Extractor generated service for: http://localhost:8084/reviews/demo
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] InitialFlowSetupAction - Action 'InitialFlowSetupAction' beginning execution
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] CasArgumentExtractor - Extractor generated service for: http://localhost:8081/secured/account/editAccount.htm
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] InitialFlowSetupAction - Placing service in FlowScope: http://localhost:8081/secured/account/editAccount.htm
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] InitialFlowSetupAction - Action 'InitialFlowSetupAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning execution
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] AuthenticationViaFormAction - Executing setupForm
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] AuthenticationViaFormAction - Creating new form object with name 'credentials'
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] AuthenticationViaFormAction - Creating new instance of form object class [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials]
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] AuthenticationViaFormAction - Putting form object of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow with name 'credentials'
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] AuthenticationViaFormAction - Creating new form errors for object with name 'credentials'
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] AuthenticationViaFormAction - No property editor registrar set, no custom editors to register
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] AuthenticationViaFormAction - Putting form errors instance in scope Flash
    [java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$24447827] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:43:20,480] [http--8080-10$24447827] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning execution
    [java] DEBUG [2009-10-19 18:43:20,480] [http--8080-10$24447827] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297] InitialFlowSetupAction - Action 'InitialFlowSetupAction' beginning execution
    [java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297] CasArgumentExtractor - Extractor generated service for: http://localhost:8081/secured/account/editAccount.htm
    [java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297] InitialFlowSetupAction - Placing service in FlowScope: http://localhost:8081/secured/account/editAccount.htm
    [java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297] InitialFlowSetupAction - Action 'InitialFlowSetupAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning execution
    [java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297] AuthenticationViaFormAction - Executing setupForm
    [java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297] AuthenticationViaFormAction - Creating new form object with name 'credentials'
    [java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297] AuthenticationViaFormAction - Creating new instance of form object class [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials]
    [java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297] AuthenticationViaFormAction - Putting form object of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow with name 'credentials'
    [java] DEBUG [2009-10-19 18:45:18,943] [http--8080-12$2548297] AuthenticationViaFormAction - Creating new form errors for object with name 'credentials'
    [java] DEBUG [2009-10-19 18:45:18,974] [http--8080-12$2548297] AuthenticationViaFormAction - No property editor registrar set, no custom editors to register
    [java] DEBUG [2009-10-19 18:45:18,974] [http--8080-12$2548297] AuthenticationViaFormAction - Putting form errors instance in scope Flash
    [java] DEBUG [2009-10-19 18:45:18,974] [http--8080-12$2548297] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:45:18,974] [http--8080-12$2548297] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning execution
    [java] DEBUG [2009-10-19 18:45:18,974] [http--8080-12$2548297] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] InitialFlowSetupAction - Action 'InitialFlowSetupAction' beginning execution
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] CasArgumentExtractor - Extractor generated service for: http://localhost:8081/secured/account/editAccount.htm
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] InitialFlowSetupAction - Placing service in FlowScope: http://localhost:8081/secured/account/editAccount.htm
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] InitialFlowSetupAction - Action 'InitialFlowSetupAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning execution
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] AuthenticationViaFormAction - Executing setupForm
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] AuthenticationViaFormAction - Creating new form object with name 'credentials'
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] AuthenticationViaFormAction - Creating new instance of form object class [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials]
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] AuthenticationViaFormAction - Putting form object of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow with name 'credentials'
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] AuthenticationViaFormAction - Creating new form errors for object with name 'credentials'
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] AuthenticationViaFormAction - No property editor registrar set, no custom editors to register
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] AuthenticationViaFormAction - Putting form errors instance in scope Flash
    [java] DEBUG [2009-10-19 18:45:21,283] [http--8080-12$31690392] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed execution; result is 'success'
    [java] DEBUG [2009-10-19 18:45:21,314] [http--8080-12$31690392] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' beginning execution
    [java] DEBUG [2009-10-19 18:45:21,314] [http--8080-12$31690392] AuthenticationViaFormAction - Action 'AuthenticationViaFormAction' completed execution; result is 'success'
<<<
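
Added example, not part of the original post: a small Python triage script that groups CAS server debug lines of the kind quoted above by request thread and labels each flow as a fresh credential login, a re-challenge with the login form, or a service ticket issued from an existing session. It assumes the bracketed thread token identifies one request flow and that a granted service ticket with no TicketGrantingTicket creation in the same flow means an existing CASTGC was honoured; the sample lines are constructed, and the third flow shows what a working SSO hop would look like.

```python
import re

# Constructed sample in the layout of the debug output quoted in the post;
# thread ids, ticket ids and the user name are made up for this example.
SAMPLE_LOG = """\
[java] DEBUG [2009-10-19 18:42:06,680] [http--8080-4$1] CentralAuthenticationServiceImpl - Attempting to create TicketGrantingTicket for [username: user@example.org]
[java] DEBUG [2009-10-19 18:42:07,380] [http--8080-4$1] CookieRetrievingCookieGenerator - Added cookie with name [CASTGC] and value [TGT-1-EXAMPLE]
[java] INFO  [2009-10-19 18:42:07,473] [http--8080-4$1] CentralAuthenticationServiceImpl - Granted service ticket [ST-1-EXAMPLE] for service [http://localhost:8084/reviews/demo] for user [user@example.org]
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$2] InitialFlowSetupAction - Placing service in FlowScope: http://localhost:8081/secured/account/editAccount.htm
[java] DEBUG [2009-10-19 18:43:20,449] [http--8080-10$2] AuthenticationViaFormAction - Executing setupForm
[java] DEBUG [2009-10-19 18:44:00,100] [http--8080-7$3] InitialFlowSetupAction - Placing service in FlowScope: http://localhost:8081/secured/account/editAccount.htm
[java] INFO  [2009-10-19 18:44:00,150] [http--8080-7$3] CentralAuthenticationServiceImpl - Granted service ticket [ST-2-EXAMPLE] for service [http://localhost:8081/secured/account/editAccount.htm] for user [user@example.org]
"""

LINE = re.compile(r"\[\d{4}-\d\d-\d\d [\d:,]+\] \[(?P<thread>[^\]]+)\] \w+ - (?P<msg>.*)")
SERVICE = re.compile(r"Placing service in FlowScope: (\S+)|for service \[([^\]]+)\]")


def classify_flows(log_text):
    """Return (thread, service, outcome) per request thread, in log order."""
    flows = {}
    for raw in log_text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue  # wrapped or non-log line
        flow = flows.setdefault(m["thread"], {"service": None, "tgt": False, "form": False, "st": False})
        msg = m["msg"]
        svc = SERVICE.search(msg)
        if svc:
            flow["service"] = svc.group(1) or svc.group(2)
        flow["tgt"] |= "Attempting to create TicketGrantingTicket" in msg
        flow["form"] |= "Executing setupForm" in msg
        flow["st"] |= msg.startswith("Granted service ticket")
    results = []
    for thread, flow in flows.items():
        if flow["st"]:
            # A ticket issued without a fresh TGT means an existing session was reused.
            outcome = "credential-login" if flow["tgt"] else "sso-reuse"
        else:
            outcome = "challenged" if flow["form"] else "incomplete"
        results.append((thread, flow["service"], outcome))
    return results


if __name__ == "__main__":
    for row in classify_flows(SAMPLE_LOG):
        print(row)
```

A flow labelled `challenged` for a service requested after a `credential-login` flow is the symptom described in the post: the server rendered the login form instead of issuing a service ticket from the existing session.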