404 error with /j_spring_cas_security_check using SWF + Spring Security + CAS
Spring web flow - 2.3.0.RELEASE
Spring security - 3.0.4.RELEASE
Spring - 3.0.4.RELEASE
Spring CAS Client - 3.0.4.RELEASE
CAS - 3.4.2
I have run into a problem integrating Spring web flow using spring security with CAS. There is a problem with the handshake between CAS Server and CAS Client (using spring security).
On accessing the secured resource, I am redirected to the CAS sever which generates a service ticket after successful login and CAS server redirects to the URL defined in the service properties bean which is /app/j_spring_cas_security_check which is the filterProcessesUrl set on the CasAuthenticationFilter bean.
The URL looks something like
However I get a 404 while trying to access /app/j_spring_cas_security_check, check the above URL, I am not sure what could be wrong, any help will be appreciated.PHP Code:http://localhost:8888/acme/app/j_spring_cas_security_check?ticket=ST-4-em0DC5e6ddbETKAATTri-cas
Please find the web.xml and spring security config below.
WEB.XML
security-config.xmlCode:<!-- Enables Spring Security --> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> <dispatcher>FORWARD</dispatcher> <dispatcher>REQUEST</dispatcher> </filter-mapping> <!-- SSO Entry start --> <context-param> <param-name>webAppRootKey</param-name> <param-value>cas.root</param-value> </context-param> <filter> <filter-name>CAS Single Sign Out Filter</filter-name> <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> </filter> <filter-mapping> <filter-name>CAS Single Sign Out Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <listener> <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> </listener> <error-page> <error-code>403</error-code> <location>/app/casfailed</location> </error-page> <!-- SSO Entry end --> <!-- The front controller of this Spring Web application, responsible for handling all application requests --> <servlet> <servlet-name>Spring MVC Dispatcher Servlet</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <init-param> <param-name>contextConfigLocation</param-name> <param-value></param-value> </init-param> <load-on-startup>2</load-on-startup> </servlet> <!-- Map all /spring requests to the Dispatcher Servlet for handling --> <servlet-mapping> <servlet-name>Spring MVC Dispatcher Servlet</servlet-name> <url-pattern>/app/*</url-pattern> </servlet-mapping>
Code:<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <security:http entry-point-ref="casProcessingFilterEntryPoint" use-expressions="true" access-denied-page="/app/casfailed" auto-config="true"> <security:intercept-url pattern="/app/casfailed" access="permitAll()" requires-channel="any" /> <security:intercept-url pattern="/app/cas-logout" access="permitAll()" requires-channel="any" /> <security:intercept-url pattern="/app/**" access="hasAnyRole('ROLE_USER')" requires-channel="any" /> <security:logout logout-success-url="/app/cas-logout" /> <security:custom-filter position="CAS_FILTER" ref="casAuthenticationFilter" /> </security:http> <bean id="casAuthenticationFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter"> <property name="filterProcessesUrl" value="/app/j_spring_cas_security_check" /> <property name="authenticationManager" ref="authenticationManager" /> <property name="authenticationFailureHandler"> <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> <property name="defaultFailureUrl" value="/app/casfailed" /> </bean> </property> <property name="authenticationSuccessHandler"> <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler"> <property name="defaultTargetUrl" value="/app/home" /> </bean> </property> </bean> <bean id="casProcessingFilterEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint"> <property name="loginUrl" value="https://localhost:8446/cas/login" /> <property name="serviceProperties" ref="serviceProperties" /> </bean> <bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider"> <property name="userDetailsService" ref="userService" /> <property name="serviceProperties" ref="serviceProperties" /> <property name="ticketValidator"> <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"> <constructor-arg index="0" value="https://localhost:8446/cas" /> </bean> </property> <property name="key" value="an_id_for_this_auth_provider_only" /> </bean> <bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties"> <property name="service" value="http://localhost:8888/acme/app/j_spring_cas_security_check" /> <property name="sendRenew" value="false" /> </bean> <security:authentication-manager alias="authenticationManager"> <security:authentication-provider ref="casAuthenticationProvider"/> </security:authentication-manager> <security:user-service id="userService"> <security:user name="rod" password="rod" authorities="ROLE_SUPERVISOR,ROLE_USER" /> <security:user name="demo" password="demo" authorities="ROLE_USER" /> <security:user name="scott" password="scott" authorities="ROLE_USER" /> </security:user-service> </beans>
Reply With Quote
