Contacts CAS app not getting redirected to CAS server login page
deployerConfigContext.xml of cas server
Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!--
  CAS server authentication manager.
  credentialsToPrincipalResolvers: turn accepted credentials into a principal
  (username/password credentials and HTTP-based service credentials).
  authenticationHandlers: the HTTP-based service handler plus the Acegi adapter
  CasAuthenticationHandler, which passes the login to the "acegiAuthenticationManager"
  bean defined further down in this file.
  Security note: nothing in this bean checks the password itself; the check is
  whatever the referenced Acegi provider chain (and its user store) performs.
-->
<bean id="authenticationManager"
class="org.jasig.cas.authentication.AuthenticationManagerImpl">
<property name="credentialsToPrincipalResolvers">
<list>
<bean
class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
<bean
class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
</list>
</property>
<property name="authenticationHandlers">
<list>
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" />
<!-- Acegi adapter: delegates form logins to the Acegi ProviderManager below. -->
<bean class="org.acegisecurity.adapters.cas3.CasAuthenticationHandler">
<property name="authenticationManager" ref="acegiAuthenticationManager" />
</bean>
</list>
</property>
</bean>
<!--
  In-memory user store for the CAS server side. Each line of userMap reads
  username=password, followed by comma-separated flags and authorities
  ("disabled" marks the peter account as disabled).
  Security note: the passwords are stored in clear text in this configuration file
  and are sample accounts. Outside a demo, back the provider with a credential store
  that holds salted password hashes and configure a matching passwordEncoder.
  The single authority ROLES_IGNORED_BY_CAS suggests the roles listed here are not
  consumed by CAS, which only hands the user name to the client (TODO confirm).
-->
<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
<property name="userMap">
<value>
marissa=koala,ROLES_IGNORED_BY_CAS
dianne=emu,ROLES_IGNORED_BY_CAS
scott=wombat,ROLES_IGNORED_BY_CAS
peter=opal,disabled,ROLES_IGNORED_BY_CAS
</value>
</property>
</bean>
<!--
  Acegi provider that checks username/password against inMemoryDaoImpl.
  NOTE(review): no passwordEncoder or saltSource is set here, so the submitted
  password is presumably compared as plain text with the clear-text values in the
  user map. Confirm, and configure an encoder if the store ever holds real accounts.
-->
<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService"><ref bean="inMemoryDaoImpl"/></property>
</bean>
<!--
  Acegi ProviderManager used by the CAS adapter handler. It has exactly one provider,
  daoAuthenticationProvider, so every CAS form login is decided by the in-memory
  user map above.
-->
<bean id="acegiAuthenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="daoAuthenticationProvider"/>
</list>
</property>
</bean>
</beans>
applicationContext-acegi-security.xml and log
applicationContext-acegi-security.xml
Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Application context containing authentication, channel
- security and web URI beans.
-
- Only used by "cas" artifact.
-
- $Id: applicationContext-acegi-security.xml 1409 2006-04-26 23:36:03Z benalex $
-->
<beans>
<!-- ======================== FILTER CHAIN ======================= -->
<!--
  Single filter chain for every URL (Ant pattern /**). The filters run in the order
  listed: channel enforcement, security context restore, logout, CAS ticket
  processing, exception translation, then the URL access interceptor.
  The order is security relevant: casProcessingFilter must run before
  exceptionTranslationFilter and filterInvocationInterceptor, otherwise the request
  that carries the CAS ticket is treated as unauthenticated.
-->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,casProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
</value>
</property>
</bean>
<!-- ======================== AUTHENTICATION ======================= -->
<!--
  Client-side authentication manager. Its only provider is casAuthenticationProvider,
  so this web application accepts CAS tickets and nothing else (no local
  username/password login).
-->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="casAuthenticationProvider"/>
</list>
</property>
</bean>
<!--
  Client-side user store. In this file it is referenced only by
  casAuthoritiesPopulator, i.e. it supplies the authorities for a user name that
  CAS has already authenticated.
  NOTE(review): every account is granted only ROLES_IGNORED_BY_CAS, while
  filterInvocationInterceptor requires ROLE_SUPERVISOR or ROLE_TELLER for /secure/.
  With this map no user can hold a required role, which matches the
  "HTTP Status 403 - Access is denied" reported later on this page. The authorities
  listed here must be the ones the access rules check.
  The passwords are presumably not consulted on the client side (the populator looks
  users up by name); keeping the real clear-text CAS passwords in the client
  application's configuration is unnecessary exposure. TODO confirm.
-->
<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
<property name="userMap">
<value>
marissa=koala,ROLES_IGNORED_BY_CAS
dianne=emu,ROLES_IGNORED_BY_CAS
scott=wombat,ROLES_IGNORED_BY_CAS
peter=opal,disabled,ROLES_IGNORED_BY_CAS
</value>
</property>
</bean>
<!--
  Declared with default settings. Judging by the class name it carries the Acegi
  security context across requests through the HTTP session, which is why it sits
  ahead of the authentication filters in filterChainProxy (TODO confirm).
-->
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
</bean>
<!--
  Provider that turns a CAS service ticket into an authenticated user:
  ticketValidator checks the ticket with the CAS server, casProxyDecider decides
  whether proxied tickets are acceptable, casAuthoritiesPopulator loads the roles,
  and statelessTicketCache caches results for stateless callers.
  NOTE(review): "key" is the literal string "password". As far as the Acegi
  documentation describes it, this value marks tokens as created by this provider,
  so it should be a unique, hard-to-guess string per application rather than the
  sample value. Confirm and replace.
-->
<bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
<property name="casAuthoritiesPopulator"><ref local="casAuthoritiesPopulator"/></property>
<property name="casProxyDecider"><ref local="casProxyDecider"/></property>
<property name="ticketValidator"><ref local="casProxyTicketValidator"/></property>
<property name="statelessTicketCache"><ref local="statelessTicketCache"/></property>
<property name="key"><value>password</value></property>
</bean>
<!--
  Back-channel ticket validation against the CAS server.
  NOTE(review): casValidate points at a plain http URL. The service ticket and the
  validation response (which names the authenticated user) would travel unencrypted,
  and the CAS server's identity is not verified, so a party on the network path
  could forge the answer. The CAS protocol expects this call to go over HTTPS, and
  the CAS client library behind this validator is believed to reject non-https
  validation URLs. Confirm against the library version in use.
  trustStore (commented out) is the setting to use when the CAS server certificate
  is not trusted by the JVM's default trust store.
  proxyCallbackUrl (commented out) means no proxy-granting ticket is requested.
-->
<bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
<property name="casValidate"><value>http://localhost:8090/cas/proxyValidate</value></property>
<!--<property name="proxyCallbackUrl"><value>https://localhost:8443/contacts-cas/casProxy/receptor</value></property>-->
<property name="serviceProperties"><ref local="serviceProperties"/></property>
<!-- <property name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property> -->
</bean>
<!--
  Ehcache wiring for the stateless ticket cache: a cache manager, a cache named
  "ticketCache" obtained from it, and the Acegi wrapper that casAuthenticationProvider
  uses. Entries in this cache stand for already-validated tickets, so its expiry
  settings (defined outside this file, presumably in the Ehcache configuration)
  bound how long a validated ticket keeps being accepted without a new check.
-->
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
<bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager">
<ref local="cacheManager"/>
</property>
<property name="cacheName">
<value>ticketCache</value>
</property>
</bean>
<bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
<property name="cache"><ref local="ticketCacheBackend"/></property>
</bean>
<!--
  Loads the granted authorities for a CAS-authenticated user name from
  inMemoryDaoImpl. CAS supplies only the identity; the roles that the access rules
  test come from this lookup, so the user map in this application decides
  authorization.
-->
<bean id="casAuthoritiesPopulator" class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator">
<property name="userDetailsService"><ref bean="inMemoryDaoImpl"/></property>
</bean>
<!--
  Proxy policy. Judging by the class name, tickets that arrive through a CAS proxy
  chain are rejected and only tickets issued directly to this service are accepted,
  which is the most restrictive choice (TODO confirm against the Acegi docs).
-->
<bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets">
</bean>
<!--
  The service URL that CAS redirects back to with the ticket, and that is sent again
  during validation. It has to be the exact URL handled by casProcessingFilter
  (filterProcessesUrl, under this application's context path).
  NOTE(review): the URL is plain http, so the service ticket is delivered to the
  browser and back over an unencrypted connection. It also conflicts with
  channelProcessingFilter, which demands a secure channel for
  /j_acegi_cas_security_check. Use one https URL consistently.
  sendRenew=false: an existing CAS single sign-on session is accepted without the
  user re-entering credentials.
-->
<bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
<property name="service"><value>http://localhost:8090/concas/j_acegi_cas_security_check</value></property>
<property name="sendRenew"><value>false</value></property>
</bean>
<!-- note logout has little impact, due to CAS reauthentication functionality (it will cause a refresh of the authentication though) -->
<!--
  Local logout only: the configured handler deals with this application's security
  context and the browser is then sent to /index.jsp. Nothing here contacts the CAS
  server, so the CAS single sign-on session stays alive and the next protected
  request is re-authenticated without a password prompt.
-->
<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
<constructor-arg>
<list>
<bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
</list>
</constructor-arg>
</bean>
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
<!-- Enabled by default for CAS, as a CAS deployment uses HTTPS -->
<!--
  Transport rules (regular expressions, URL lower-cased first): /secure/ and the CAS
  ticket URL must use HTTPS, every other URL is forced back to HTTP by the last rule.
  NOTE(review): these rules only make sense if the rest of the file agrees with them.
  serviceProperties, casValidate and loginUrl all use http on port 8090, so the
  browser arrives at /j_acegi_cas_security_check over HTTP and has to be redirected.
  That redirect depends on a port mapping from 8090 to the HTTPS port, and none is
  configured in this file. Confirm what the default mapper does for that port.
  The catch-all REQUIRES_INSECURE_CHANNEL rule also means session cookies set under
  HTTPS are sent over HTTP on all other pages unless they are flagged secure.
-->
<bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">
<property name="channelDecisionManager"><ref local="channelDecisionManager"/></property>
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
\A/secure/.*\Z=REQUIRES_SECURE_CHANNEL
\A/j_acegi_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL
\A.*\Z=REQUIRES_INSECURE_CHANNEL
</value>
</property>
</bean>
<!--
  Decision manager for the channel rules, with one processor for the
  REQUIRES_SECURE_CHANNEL attribute and one for REQUIRES_INSECURE_CHANNEL.
  Both processors use their default settings; no entry point or port mapper is
  configured here, so redirects between HTTP and HTTPS use the library defaults.
-->
<bean id="channelDecisionManager" class="org.acegisecurity.securechannel.ChannelDecisionManagerImpl">
<property name="channelProcessors">
<list>
<ref local="secureChannelProcessor"/>
<ref local="insecureChannelProcessor"/>
</list>
</property>
</bean>
<bean id="secureChannelProcessor" class="org.acegisecurity.securechannel.SecureChannelProcessor"/>
<bean id="insecureChannelProcessor" class="org.acegisecurity.securechannel.InsecureChannelProcessor"/>
<!-- ===================== HTTP REQUEST SECURITY ==================== -->
<!--
  Turns security exceptions from later filters into HTTP behaviour. A request that
  needs authentication is handed to casProcessingFilterEntryPoint, i.e. redirected
  to the CAS login URL.
  No accessDeniedHandler is set, so an authenticated user who lacks the required
  role presumably receives the default 403 response (TODO confirm); that is the
  response reported further down this page.
-->
<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint"><ref local="casProcessingFilterEntryPoint"/></property>
</bean>
<!--
  Receives the redirect back from CAS on filterProcessesUrl and submits the ticket
  to authenticationManager. On success the user goes to defaultTargetUrl (or the
  originally requested page), on failure to /casfailed.jsp.
  NOTE(review): being shown /casfailed.jsp means ticket authentication failed in this
  application, even though the CAS server log reports a successful login. The JSP
  compile errors on this page come from casfailed.jsp importing classes under
  net.sf.acegisecurity, while every bean here uses the org.acegisecurity package;
  the JSP has to import org.acegisecurity classes before it can display the real
  failure reason.
  The service URL in serviceProperties must end with this filterProcessesUrl,
  otherwise the filter never sees the ticket.
-->
<bean id="casProcessingFilter" class="org.acegisecurity.ui.cas.CasProcessingFilter">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="authenticationFailureUrl"><value>/casfailed.jsp</value></property>
<property name="defaultTargetUrl"><value>/</value></property>
<property name="filterProcessesUrl"><value>/j_acegi_cas_security_check</value></property>
</bean>
<!--
  Where unauthenticated users are sent: the CAS login page, with the service URL
  from serviceProperties appended.
  NOTE(review): loginUrl is plain http, so the CAS login form and the submitted
  username and password cross the network unencrypted. The CAS login URL should be
  the server's https address.
-->
<bean id="casProcessingFilterEntryPoint" class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
<property name="loginUrl"><value>http://localhost:8090/cas/login</value></property>
<property name="serviceProperties"><ref local="serviceProperties"/></property>
</bean>
<!--
  Access decision for URL rules. allowIfAllAbstainDecisions=false keeps the default
  at deny when no voter has an opinion, which is the safe setting. The only voter is
  "roleVoter", referenced with ref bean and not defined in this listing, so it has
  to come from another context file.
-->
<bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
<property name="decisionVoters">
<list>
<ref bean="roleVoter"/>
</list>
</property>
</bean>
<!-- Note the order that entries are placed against the objectDefinitionSource is critical.
The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
<!--
  URL authorization rules (regular expressions, URL lower-cased first):
  /secure/super... needs ROLE_WE_DONT_HAVE, everything else under /secure/ needs
  ROLE_SUPERVISOR or ROLE_TELLER. URLs that match no rule are not listed here and
  are therefore not role-protected by this interceptor.
  NOTE(review): the user map in this file grants only ROLES_IGNORED_BY_CAS, so no
  account satisfies the /secure/ rule and access ends in 403 after a successful
  CAS login.
-->
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
\A/secure/super.*\Z=ROLE_WE_DONT_HAVE
\A/secure/.*\Z=ROLE_SUPERVISOR,ROLE_TELLER
</value>
</property>
</bean>
<!-- BASIC Regular Expression Syntax (for beginners):
\A means the start of the string (ie the beginning of the URL)
\Z means the end of the string (ie the end of the URL)
. means any single character
* means null or any number of repetitions of the last expression (so .* means zero or more characters)
Some examples:
Expression: \A/my/directory/.*\Z
Would match: /my/directory/
/my/directory/hello.html
Expression: \A/.*\Z
Would match: /hello.html
/
Expression: \A/.*/secret.html\Z
Would match: /some/directory/secret.html
/another/secret.html
Not match: /anothersecret.html (missing required /)
-->
</beans>
ACEGI_SECURITY_LAST_EXCEPTION_KEY cannot be resolved
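I was able to log in with marissa=koala, but then I got an exception: ACEGI_SECURITY_LAST_EXCEPTION_KEY cannot be resolved to a type.
Then I got this in the log (DEBUG level; note that the AuthenticationViaFormAction binding line records the submitted password in clear text):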
Code:
2007-02-27 11:09:58,699 DEBUG [org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action 'org.jasig.cas.web.flow.TicketGrantingTicketExistsAction' beginning execution>
2007-02-27 11:09:58,777 DEBUG [org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action 'org.jasig.cas.web.flow.TicketGrantingTicketExistsAction' completed execution; result event is [Event@15e8a8f source = org.jasig.cas.web.flow.TicketGrantingTicketExistsAction@1daca94, id = 'noTicketGrantingTicketExists', stateId = [null], parameters = [null]]>
2007-02-27 11:09:58,777 DEBUG [org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action 'org.jasig.cas.web.flow.GatewayRequestCheckAction' beginning execution>
2007-02-27 11:09:58,777 DEBUG [org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action 'org.jasig.cas.web.flow.GatewayRequestCheckAction' completed execution; result event is [Event@129efd0 source = org.jasig.cas.web.flow.GatewayRequestCheckAction@3f6843, id = 'authenticationRequired', stateId = [null], parameters = [null]]>
2007-02-27 11:10:54,632 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'org.jasig.cas.web.flow.AuthenticationViaFormAction' beginning execution>
2007-02-27 11:10:54,632 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Creating new form object 'credentials'>
2007-02-27 11:10:54,632 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Creating new form object of class [org.jasig.cas.authentication.principal.UsernamePasswordCredentials]>
2007-02-27 11:10:54,664 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <No property editor registrar set, no custom editors to register>
2007-02-27 11:10:54,664 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Binding allowed parameters in event: [ServletEvent@1246bec source = org.apache.catalina.connector.RequestFacade@2957a4, id = 'submit', stateId = 'viewLoginForm', parameters = map['password' -> 'koala', 'service' -> 'http://localhost:8090/concas/j_acegi_cas_security_check', 'lt' -> '7C093A5B-50B3-1A9A-4DF2-AC60E70907DA', 'username' -> 'marissa', '_currentStateId' -> 'viewLoginForm', '_eventId' -> 'submit']] to form object with name: 'credentials', prebind-toString: org.jasig.cas.authentication.principal.UsernamePasswordCredentials@5003f6[userName=<null>]>
2007-02-27 11:10:54,664 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <(Any event parameter is allowed)>
2007-02-27 11:10:54,695 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Binding completed for form object with name: 'credentials', postbind-toString: org.jasig.cas.authentication.principal.UsernamePasswordCredentials@5003f6[userName=marissa]>
2007-02-27 11:10:54,695 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <There are [0] errors, details: []>
2007-02-27 11:10:54,695 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Invoking validator: org.jasig.cas.validation.UsernamePasswordCredentialsValidator@1b3251d>
2007-02-27 11:10:54,695 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Validation completed for form object with name: 'credentials'>
2007-02-27 11:10:54,695 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <There are [0] errors, details: []>
2007-02-27 11:10:54,695 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'org.jasig.cas.web.flow.AuthenticationViaFormAction' completed execution; result event is [Event@1299442 source = org.jasig.cas.web.flow.AuthenticationViaFormAction@c48d24, id = 'success', stateId = [null], parameters = [null]]>
2007-02-27 11:10:54,695 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'org.jasig.cas.web.flow.AuthenticationViaFormAction' beginning execution>
2007-02-27 11:10:54,695 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - <Attempting to create TicketGrantingTicket for org.jasig.cas.authentication.principal.UsernamePasswordCredentials@5003f6[userName=marissa]>
2007-02-27 11:10:54,695 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.acegisecurity.adapters.cas3.CasAuthenticationHandler successfully authenticated the user.>
2007-02-27 11:10:54,695 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Creating SimplePrincipal for [marissa]>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket [TGT-2-abqhagtHbBjDgbVlcgSP0csziMm1pyli00Y-50] to registry.>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.web.util.SecureCookieGenerator] - <Removed cookie with name [CASPRIVACY]>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'org.jasig.cas.web.flow.AuthenticationViaFormAction' completed execution; result event is [Event@1aea0c1 source = org.jasig.cas.web.flow.AuthenticationViaFormAction@c48d24, id = 'success', stateId = [null], parameters = [null]]>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - <Action 'org.jasig.cas.web.flow.SendTicketGrantingTicketAction' beginning execution>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.web.util.SecureCookieGenerator] - <Added cookie with name [CASTGC] and value [TGT-2-abqhagtHbBjDgbVlcgSP0csziMm1pyli00Y-50]>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - <Action 'org.jasig.cas.web.flow.SendTicketGrantingTicketAction' completed execution; result event is [Event@1bbf341 source = org.jasig.cas.web.flow.SendTicketGrantingTicketAction@5f4e03, id = 'success', stateId = [null], parameters = [null]]>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.web.flow.HasServiceCheckAction] - <Action 'org.jasig.cas.web.flow.HasServiceCheckAction' beginning execution>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.web.flow.HasServiceCheckAction] - <Action 'org.jasig.cas.web.flow.HasServiceCheckAction' completed execution; result event is [Event@fad969 source = org.jasig.cas.web.flow.HasServiceCheckAction@d7ad36, id = 'hasService', stateId = [null], parameters = [null]]>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.web.flow.GenerateServiceTicketAction] - <Action 'org.jasig.cas.web.flow.GenerateServiceTicketAction' beginning execution>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [TGT-2-abqhagtHbBjDgbVlcgSP0csziMm1pyli00Y-50]>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [TGT-2-abqhagtHbBjDgbVlcgSP0csziMm1pyli00Y-50] found in registry.>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket [ST-2-uJOE7Yi9r1dVXcuANx7l9rRyn7vPoOugIqQ-20] to registry.>
2007-02-27 11:10:54,710 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-2-uJOE7Yi9r1dVXcuANx7l9rRyn7vPoOugIqQ-20] for service [http://localhost:8090/concas/j_acegi_cas_security_check] for user [marissa]>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.web.flow.GenerateServiceTicketAction] - <Action 'org.jasig.cas.web.flow.GenerateServiceTicketAction' completed execution; result event is [Event@1c49094 source = org.jasig.cas.web.flow.GenerateServiceTicketAction@1efe574, id = 'success', stateId = [null], parameters = [null]]>
2007-02-27 11:10:54,710 DEBUG [org.jasig.cas.web.flow.WarnAction] - <Action 'org.jasig.cas.web.flow.WarnAction' beginning execution>
2007-02-27 11:10:54,726 DEBUG [org.jasig.cas.web.flow.WarnAction] - <Action 'org.jasig.cas.web.flow.WarnAction' completed execution; result event is [Event@c12ad8 source = org.jasig.cas.web.flow.WarnAction@1e3f34c, id = 'redirect', stateId = [null], parameters = [null]]>
[ERROR,[jsp],http-8090-Processor23] Servlet.service() for servlet jsp threw exception
org.apache.jasper.JasperException: Unable to compile class for JSP
Generated servlet error:
Only a type can be imported. net.sf.acegisecurity.ui.AbstractProcessingFilter resolves to a package
Generated servlet error:
Only a type can be imported. net.sf.acegisecurity.AuthenticationException resolves to a package
An error occurred at line: 15 in the jsp file: /casfailed.jsp
Generated servlet error:
AuthenticationException cannot be resolved to a type
An error occurred at line: 15 in the jsp file: /casfailed.jsp
Generated servlet error:
AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY cannot be resolved to a type
at org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:84)
Access is denied after user authentication
The role definition is confusing. Can anybody figure out what is going wrong?
After CAS server authentication I am taken to
http://localhost:8090/concas/secure/index.htm
HTTP Status 403 - Access is denied
Code:
<!--
  URL authorization rules: /secure/super... needs ROLE_WE_DONT_HAVE, everything
  else under /secure/ needs ROLE_SUPERVISOR or ROLE_TELLER.
  NOTE(review): /secure/index.htm falls under the second rule. The 403 means the
  authenticated user holds neither role, so the place to look is the user store
  that supplies authorities to the CAS authorities populator in this application.
-->
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
\A/secure/super.*\Z=ROLE_WE_DONT_HAVE
\A/secure/.*\Z=ROLE_SUPERVISOR,ROLE_TELLER
</value>
</property>
</bean>
Dao implementation
Code:
<!--
  User map: username=password, then flags and authorities.
  NOTE(review): every account carries only ROLES_IGNORED_BY_CAS. If this is the map
  the client application reads to populate authorities after CAS login, no user has
  ROLE_SUPERVISOR or ROLE_TELLER and the /secure/ rule denies everyone. The client
  map needs the roles the access rules check; it presumably does not need the
  clear-text passwords at all, since CAS has already verified them (TODO confirm).
-->
<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
<property name="userMap">
<value>
marissa=koala,ROLES_IGNORED_BY_CAS
dianne=emu,ROLES_IGNORED_BY_CAS
scott=wombat,ROLES_IGNORED_BY_CAS
peter=opal,disabled,ROLES_IGNORED_BY_CAS
</value>
</property>
</bean>
the browser request keeps spinning
Uncommented the channelProcessingFilter bean definition and also added its name to the filter entry point.
Changed the service url to,
Code:
<!--
  NOTE(review): the service URL now ends in /secure/j_acegi_cas_security_check, while
  the configuration shown earlier on this page sets filterProcessesUrl to
  /j_acegi_cas_security_check. Unless filterProcessesUrl was changed to match, the
  CAS processing filter presumably does not handle the returning request; it is
  instead treated as an unauthenticated request for a protected /secure/ URL and
  redirected to CAS again, which would explain an endless redirect. The service URL
  and filterProcessesUrl (under the context path) have to name the same path.
-->
<property name="service"><value>https://localhost:8443/concas/secure/j_acegi_cas_security_check</value></property>
now after CAS authentication the browser request keeps spinning to this url
https://localhost:8443/cas/login?ser...CBEEC390F96D7A
attached applicationContext-acegi-security.xml.txt
any thoughts ...