shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gianluca Tessarolo <giates2...@gmail.com>
Subject shiro-cas always redirect to error page
Date Sun, 26 Jan 2014 18:31:17 GMT
Hi,

I've successfully installed CAS server (Jasig) running on tomcat 7 on port
8443 (ssl support, context name: cas-server-webapp-3.5.2) and I've an
application running on the same server on a glassfish application server on
port 8080 (context:name LDAPClient1 notice that LDAP is only a typo and I
don't want to access an LDAP...).

I've configured shiro.ini with the following parameters:

[main]
casFilter = org.apache.shiro.cas.CasFilter
casFilter.failureUrl = /error.xhtml
casRealm = org.apache.shiro.cas.CasRealm
casRealm.defaultRoles = ROLE_USER
casRealm.casServerUrlPrefix =
https://192.168.0.200:8443/cas-server-webapp-3.5.2
casRealm.casService = http://192.168.0.200:8080/LDAPClient1/shiro-cas
casRealm.validationProtocol = SAML
casSubjectFactory = org.apache.shiro.cas.CasSubjectFactory
securityManager.subjectFactory = $casSubjectFactory
roles.loginUrl =
https://192.168.0.200:8443/cas-server-webapp-3.5.2/login?service=http://192.168.0.200:8080/LDAPClient1/shiro-cas

[urls]
/shiro-cas = casFilter
/protected/** = roles[ROLE_USER]
/logout = logout
/** = anon

Cas server (jasig) is configured with default installation parameters so
it's using SimpleTestUsernamePasswordAuthenticationHandler.

When I run my app and try to access a protected resource shiro-cas
successfully redirects me on cas login page, I enter username and password
(the same as username) and cas redirects me always on the error page (I
don't understand why...).

I've tried to enable debug on log4j.properties and what I see is this:

Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,704 DEBUG
[http-thread-pool-8080(2)]
org.jasig.cas.client.validation.Saml11TicketValidator - Placing URL
parameters in map.

Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,705 DEBUG
[http-thread-pool-8080(2)]
org.jasig.cas.client.validation.Saml11TicketValidator - Calling template URL
attribute map.

Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,705 DEBUG
[http-thread-pool-8080(2)]
org.jasig.cas.client.validation.Saml11TicketValidator - Loading custom
parameters from configuration.

Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,705 DEBUG
[http-thread-pool-8080(2)]
org.jasig.cas.client.validation.Saml11TicketValidator - Constructing
validation url:
https://192.168.0.200:8443/cas-server-webapp-3.5.2/samlValidate?TARGET=http%3A%2F%2F192.168.0.200%3A8080%2FLDAPClient1%2Fshiro-cas

Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,705 DEBUG
[http-thread-pool-8080(2)]
org.jasig.cas.client.validation.Saml11TicketValidator - Retrieving response
from server.

Informazioni: CAS SHIRO DEMO APP 2014/01/26 19:07:00,744 DEBUG
[http-thread-pool-8080(2)] org.apache.shiro.web.servlet.SimpleCookie - Added
HttpServletResponse Cookie [rememberMe=deleteMe; Path=/LDAPClient1;
Max-Age=0; Expires=Sat, 25-Jan-2014 18:07:00 GMT]

Strangely it puts a cooky that is already expired, the test was done on
26-Jan-2014 not 25-Jan-2014 !

I can't understand what is the problem, can you help me ?

Many thanks in advance...



--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-cas-always-redirect-to-error-page-tp7579563.html
Sent from the Shiro User mailing list archive at Nabble.com.

Mime
View raw message