Originally Posted by
rwinch
[*] What URL are you submitting the proxy ticket to? If the request was submitted to the filterProcessUrl (/j_spring_cas_security_check) regular service ticket authentication is performed which will do redirects.
Exactly - my request is submitted to filterProcessUrl (/j_spring_cas_security_check)
Code:
public class CasAuthenticationCommonsHttpInvokerRequestExecutor extends
CommonsHttpInvokerRequestExecutor {
@Override
protected PostMethod createPostMethod(HttpInvokerClientConfiguration config) throws IOException {
PostMethod postMethod = super.createPostMethod(config);
String ticket = ((CasAuthenticationToken)SecurityContextHolder.getContext().getAuthentication()).getAssertion().getPrincipal().getProxyTicketFor("https://10.128.17.191:8443/securityTest2/j_spring_cas_security_check");
postMethod.addRequestHeader("ticket", new String(Base64.encode(ticket.getBytes())));
// postMethod.addParameter("ticket", new String(Base64.encode(ticket.getBytes())));
return postMethod;
}
}
Originally Posted by
rwinch
Yes, it was set to true
Originally Posted by
rwinch
[*] I also noticed that you are looking in the request headers for the proxy ticket. I am not aware of this being part of the specification. As far as I know the proxy ticket should be present as a HTTP parameter. Is there any documentation that you have found that allows the ticket to be specified as a header?
I didn't find that in documentation. When I was setting ticket as parameter
Code:
postMethod.addParameter("ticket", new String(Base64.encode(ticket.getBytes())));
I was getting null when trying to get it out from request in filter. My guess is that why is difference in URL in filter. It was not /j_spring_cas_security_check but it was remote method's I invoke: /remoting/RemoteTestService. Parameter was somehow stripped off while processing? Not really sure, but when I changed it to request header it was present in request. Hope this will be helpful.
Reply With Quote
