I've already tried that but I get this error: INFO: 2014-04-03 17:04:22,357 DEBUG [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - <Constructing validation url: https://localhost:8181/cas/serviceValidate?pgtUrl=https%3A%2F%2Flocalhost%3A8181%2FWebAppB%2FproxyReceptor.xhtml%3Fclient_name%3DStubCasClient&ticket=ST-5-Kcl31pUVEJthDUaLRuyc-cas01.example.org&service=https%3A%2F%2Flocalhost%3A8181%2FWebAppB%2Fshiro-cas%3Fclient_name%3DStubCasClient> INFO: 2014-04-03 17:04:22,358 DEBUG [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - <Retrieving response from server.> INFO: 2014-04-03 17:04:22,372 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: https://localhost:8181/WebAppB/shiro-cas?client_name=StubCasClient> INFO: 2014-04-03 17:04:22,374 DEBUG [org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler] - <Attempting to resolve credentials for [callbackUrl: https://localhost:8181/WebAppB/proxyReceptor.xhtml?client_name=StubCasClient]> INFO: StubClientFilter getClientNameParameter: client_name INFO: 2 INFO: StubClientFilter Client name: StubCasClient INFO: StubClientFilter Client name: CasProxyReceptor INFO: StubClientFilter findClient name: StubCasClient INFO: StubCasClient name: StubCasClient INFO: StubCasClient SERVICE_TICKET_PARAMETER:null WARNING: StandardWrapperValve[Faces Servlet]: Servlet.service() for servlet Faces Servlet threw exception org.pac4j.core.exception.CredentialsException: No ticket or logout request at org.pac4j.cas.client.CasClient.retrieveCredentials(CasClient.java:217) at pt.ptsi.dgo.test.webappb.controller.util.StubCasClient.retrieveCredentials(StubCasClient.java:30) at pt.ptsi.dgo.test.webappb.controller.util.StubCasClient.retrieveCredentials(StubCasClient.java:21) at org.pac4j.core.client.BaseClient.getCredentials(BaseClient.java:134) at io.buji.pac4j.ClientFilter.createToken(ClientFilter.java:72) at pt.ptsi.dgo.test.webappb.controller.util.StubClientFilter.createToken(StubClientFilter.java:45) at io.buji.pac4j.ClientFilter.onAccessDenied(ClientFilter.java:89) at org.apache.shiro.web.filter.AccessControlFilter.onAccessDenied(AccessControlFilter.java:133) at org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162) at org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203) at org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178) at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:316) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174) at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:357) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:260) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:188) at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191) at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168) at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189) at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206) at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136) at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114) at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838) at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544) at java.lang.Thread.run(Thread.java:744)
INFO: 2014-04-03 17:04:22,388 ERROR [org.pac4j.cas.client.CasClient] - <No ticket or logout request> INFO: 2014-04-03 17:04:22,392 DEBUG [org.jasig.cas.util.HttpClient] - <Response Code did not match any of the acceptable response codes. Code returned was 500> I extended the CasClient and the ClientFilter trying to further debug what is happening and it looks like it cannot get the service ticket for the proxyReceptor URL. I've uploaded the POC projects I'm using to CAS_proxy_POC.zip <http://shiro-user.582556.n2.nabble.com/file/n7579864/CAS_proxy_POC.zip> -- View this message in context: http://shiro-user.582556.n2.nabble.com/SSO-between-Webapp-and-REST-API-using-apache-shiro-tp7579861p7579864.html Sent from the Shiro User mailing list archive at Nabble.com.
