Sagar,
I thought spring security provided everything, all you have to do is add some
config.
Do you need this SSOController?
Maybe look at the spring documentation to see how they suggest configuration.
Ray
On Thu, 2020-11-05 at 08:54 -0600, sagar ghimire wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
Hello Ray,
I have turned on the logging for my application and this is what i got.
The token is
org.springframework.security.authentication.AnonymousAuthenticationToken@5367e0b6:
Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true;
Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@1de6:
RemoteIpAddress: 10.2.101.208; SessionId: null; Granted Authorities:
ROLE_ANONYMOUS
2020-11-05 08:42:10.167 ERROR 21715 --- [nio-8443-exec-4]
o.s.b.w.servlet.support.ErrorPageFilter : Cannot forward to error page for
request [/] as the response has already been committed. As a result, the
response may have the wrong status code. If your application is running on
WebSphere Application Server you may be able to resolve this problem by setting
com.ibm.ws.webcontainer.invokeFlushAfterService to false
It looks like I am getting logged in but getting rendered to error page for
some reason.
This is my controller looks like.
package
com.mynw.sso.Controller
;
import
com.mynw.sso.CASConfig
;
import
org.jasig.cas.client.authentication.AttributePrincipal
;
import
org.jasig.cas.client.validation.Assertion
;
import
org.springframework.security.authentication.AnonymousAuthenticationToken
;
import
org.springframework.security.cas.authentication.CasAuthenticationToken
;
import
org.springframework.security.core.context.SecurityContext
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.stereotype.
Controller
;
import
org.springframework.ui.Model
;
import
org.springframework.web.bind.annotation.
GetMapping
;
import
java.sql.SQLOutput
;
import
java.util.logging.Logger
;
@Controller
public class
SSOController {
@GetMapping
(
"/"
)
public
String
index
(Model model){
SecurityContext ctx= SecurityContextHolder.
getContext
()
;
AnonymousAuthenticationToken aat = (AnonymousAuthenticationToken)
ctx.getAuthentication()
;
System.
out
.println(
"The token is "
+ aat)
;
model.addAttribute(
"UserName"
,
aat.toString())
;
return
"index"
;
}
}
Thanks
Sagar
On Wed, Nov 4, 2020 at 4:07 PM Ray Bon <[email protected]<mailto:[email protected]>>
wrote:
Sagar,
Turn up logging in spring. Try to figure out what token is.
Ray
On Wed, 2020-11-04 at 14:11 -0600, sagar ghimire wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
Roy,
I have attached the image before the red line one. Also I was looking at the
server logs and found :
2020-11-04 12:16:05.770 ERROR 13281 --- [nio-8443-exec-4]
o.s.b.w.servlet.support.ErrorPageFilter : Forwarding to error page from
request [/] due to exception
[org.springframework.security.authentication.AnonymousAuthenticationToken
cannot be cast to
org.springframework.security.cas.authentication.CasAuthenticationToken]
java.lang.ClassCastException:
org.springframework.security.authentication.AnonymousAuthenticationToken cannot
be cast to
org.springframework.security.cas.authentication.CasAuthenticationToken
It looks like token casting is the problem that I have been encountering. Any
suggestions?
Thank you
Sagar
On Wed, Nov 4, 2020 at 12:57 PM Ray Bon <[email protected]<mailto:[email protected]>>
wrote:
Sagar,
The ST handler must be publicly accessible. If
inb9fnhr.nwmissouri.edu:8443/MyNWSSO/<http://inb9fnhr.nwmissouri.edu:8443/MyNWSSO/>
takes you to cas login, it will not be able to receive the ST, but redirect to
cas for login in an endless loop.
What is happening on the line above the red one in the image?
Ray
On Wed, 2020-11-04 at 12:33 -0600, sagar ghimire wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
Hello Ray,
I have configured my Spring Boot App but I think the problem is when the CAS
redirect to my webapp with Service Ticket my web app is not revalidating the
ticket to CAS server again. The reference that I have taken for this webapp is
from
https://medium.com/@venkateshpnk22/single-sign-on-in-cas-client-setup-with-spring-security-b51a7e70294d
Also I have attached the error when I hit the
inb9fnhr.nwmissouri.edu:8443/MyNWSSO/<http://inb9fnhr.nwmissouri.edu:8443/MyNWSSO/>
it render to sign in and after sign in I got 404.
Thanks
Sagar Ghimire
Software Developer
Northwest Missouri State University
On Wed, Nov 4, 2020 at 12:26 PM Ray Bon <[email protected]<mailto:[email protected]>>
wrote:
Sagar,
What happens when you browse directly to
inb9fnhr.nwmissouri.edu:8443/MyNWSSO/<http://inb9fnhr.nwmissouri.edu:8443/MyNWSSO/>
This sounds like a problem with your application configuration and not cas. Or
are you asking how to configure your cas client?
Ray
On Wed, 2020-11-04 at 09:56 -0800, sagar ghimire wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
Hello,
I have configured CAS in my Spring boot app and when I log in it render to 404
not found with the Service Ticket.
Attached is the error image that i got.
[X]
Thanks
Sagar
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]<mailto:[email protected]>
I respectfully acknowledge that my place of work is located within the
ancestral, traditional and unceded territory of the Songhees, Esquimalt and
WSÁNEĆ Nations.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected]<mailto:[email protected]>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/05f195cffc9329228b4705f81da7e13f4037c9e8.camel%40uvic.ca<https://groups.google.com/a/apereo.org/d/msgid/cas-user/05f195cffc9329228b4705f81da7e13f4037c9e8.camel%40uvic.ca?utm_medium=email&utm_source=footer>.
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]<mailto:[email protected]>
I respectfully acknowledge that my place of work is located within the
ancestral, traditional and unceded territory of the Songhees, Esquimalt and
WSÁNEĆ Nations.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected]<mailto:[email protected]>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e563cb5582248e3b61299aaf01998f5ad03367e9.camel%40uvic.ca<https://groups.google.com/a/apereo.org/d/msgid/cas-user/e563cb5582248e3b61299aaf01998f5ad03367e9.camel%40uvic.ca?utm_medium=email&utm_source=footer>.
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]<mailto:[email protected]>
I respectfully acknowledge that my place of work is located within the
ancestral, traditional and unceded territory of the Songhees, Esquimalt and
WSÁNEĆ Nations.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected]<mailto:[email protected]>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/07f16efd28acdce013b788b077df0565efd9c4df.camel%40uvic.ca<https://groups.google.com/a/apereo.org/d/msgid/cas-user/07f16efd28acdce013b788b077df0565efd9c4df.camel%40uvic.ca?utm_medium=email&utm_source=footer>.
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]<mailto:[email protected]>
I respectfully acknowledge that my place of work is located within the
ancestral, traditional and unceded territory of the Songhees, Esquimalt and
WSÁNEĆ Nations.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6798adce6b2ccbf9fc5cd8a6b57390b19e1adbaf.camel%40uvic.ca.
