I need to set up Acegi + CAS, and I'm having problem. I don't fully control the application I'm working on so switching from Acegi to Spring Security isn't an option at this point.
The problem: the authentication process is blocked in the CasAuthenticationProvider. "blocked" here means the process does not move forward. Here's the last Acegi log lines I see:
The CAS server logs do not include much. I can see the granting of the ticket:
12 Jan 14:38:06 DEBUG [util.FilterChainProxy] - /j_acegi_cas_security_check?ticket=ST-19-AyGHiFFOc5XknShmeCTo-cas at position 4 of 6 in additional filter cha
in; firing Filter: 'org.acegisecurity.ui.cas.CasProcessingFilter@618821'
12 Jan 14:38:06 DEBUG [cas.CasProcessingFilter] - Request is to process authentication
12 Jan 14:38:06 DEBUG [providers.ProviderManager] - Authentication attempt using org.acegisecurity.providers.cas.CasAuthenticationProvider
12 Jan 14:38:06 WARN [ticketvalidator.CasProxyTicketValidator] - The current CAS ProxyTicketValidator does not support the 'renew' property. The ticket cannot be validated as having been issued by a 'renew' authentication. It is expected this will be corrected in a future version of CAS' ProxyTicketValidator.
and I also see SSLSocket exceptions (Warnings):
2010-01-12 14:38:06,342 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-19-AyGHiFFOc5XknShmeCTo-cas] for service [https://localhost:8443/geoserver/j_acegi_cas_security_check] for user [jeichar]>
but I don't know if there are harmful.
2010-01-12 15:04:42.177::WARN: handle failed
java.lang.UnsupportedOperationException: The method shutdownOutput() is not supported in SSLSocket
My security context file is derived from the cas-contacts sample. It is attached to this post (applicationContext-acegi-security-cas.txt).
As I said the process is blocked and I get no exception in Acegi. The browser is redirected to j_acegi_cas_security_check but waits for ever.
I've tried multiple casclient.jar files that I've found here and there, but I always get the same issue.
Does anyone know where the problem could come from? Any hint would be highly appreciated. And please tell me if my post misses important information.