Here's my situation.
I have a CAS web application and a ACEGI web application that also exposes web services to be protected by ACEGI. There is another application that uses CAS on a different machine that will make a web service call to my ACEGI web application. The CAS authentication is working fine, however the web service call does not.
When a logged in user on the other machine makes a web service call, I get the following message in my logs:
Authentication not added to ContextHolder (could not extract an authentication object from the container which is an instance of Authentication)
and this error eventually occurs:
DEBUG [2004-09-01 11:31:45,008] (SecurityEnforcementFilter.java:191) - Authentication failed - adding target URL to Session: https://hostname.domain.edu:8443/s3d...CuTZa9rVObSKjT
net.sf.acegisecurity.AuthenticationCredentialsNotF oundException: A valid SecureContext was not provided in the RequestContext
My guess is that the CASProcessingFilter is not getting run because the request does not end in /j_acegi_cas_security_check. Is that correct?
How am I supossed to validate a proxy ticket for a web service using the ACEGI framework? Any suggestions would be greatly appreciated!