我已经过了一个月的CAS服务器和CAS客户端,但还没有为我的应用程序找到合适的解决方案,请帮忙。
以下是我的简要说明: -
我有两个应用程序,一个是Java,另一个是ROR。我在JAVA中设置了CAS SERVER,我使用CAS服务器的自签名证书,它运行良好。
ROR应用程序: - 已安装的RubyCAS客户端,它也运行良好。
我在JAVA cas客户端遇到问题。我已经在http和https上尝试了这个,但每次它都停留在重定向循环中。我的应用程序(客户端)已启动,但日志中没有信息发布,另一方面CAS服务器每次发出11张票。这是日志:
2014-03-01 00:50:02,540 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler successfully authenticated the user which provided the following credentials: [username: ankit@yopmail.com]>
2014-03-01 00:50:02,574 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-1-h6DqHWTp273M0N3IQTC5-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,606 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-2-Qh2p1wolMX3j2UcVVeaF-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,617 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-3-LiZI7QvcB43bKQiwi3xs-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,630 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-4-QaXXQFaBc3CUIBJR1Woe-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,645 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-5-cRQHG2R4nZpM3ezooIEf-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,675 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-6-6e5UloJAcWVZjcc50q75-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,687 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-7-5p3xSzrmkti5NkywLHfY-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,699 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-8-fIDLeujFBsT9c0ftx4iR-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,710 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-9-x1sldmLaHMe9bfhbNwEX-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,734 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-10-vaGd3Obh9sBeKDDJoHPf-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,745 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-11-5mnVJS4AabPKx2vXxrWy-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
现在我的问题是我没有正确地重定向到目的地。这是我的application-security-context.xml文件: -
<security:global-method-security secured-annotations="disabled"></security:global-method-security>
<security:http auto-config="false" entry-point-ref="casAuthenticationEntryPoint">
<security:intercept-url pattern="/js/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/css/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/img/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/emailtemplate/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/index.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/p/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/dashboard" access="ROLE_USER, ROLE_ADMIN"/>
<security:intercept-url pattern="/admin/**" access="ROLE_ADMIN"/>
<security:intercept-url pattern="/user/**" access="ROLE_USER"/>
<security:intercept-url pattern="/**" access="ROLE_USER, ROLE_ADMIN"/>
<security:custom-filter after="CAS_FILTER" ref="casAuthenticationFilter"/>
<security:logout logout-success-url="/login"/>
</security:http>
<bean id="successHandler" class="com.testing.security.AuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/dashboard"/>
</bean>
<bean id="failureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/login"/>
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="casAuthenticationProvider"/>
</security:authentication-manager>
<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
<property name="service" value="https://localhost:8444/Testing/j_spring_cas_security_check"/>
<property name="sendRenew" value="false"></property>
</bean>
<bean id="casAuthenticationFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="filterProcessesUrl" value="https://localhost:8444/Testing/j_spring_cas_security_check" />
<property name="authenticationSuccessHandler">
<bean class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler"
p:alwaysUseDefaultTargetUrl="true"
p:defaultTargetUrl="/dashboard"/>
<bean id="casAuthenticationEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
<property name="loginUrl" value="https://localhost:8443/casserver3421/login"/>
<property name="serviceProperties" ref="serviceProperties"/>
<bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<property name="userDetailsService" ref="userDetailsService"/>
<property name="serviceProperties" ref="serviceProperties"/>
<property name="ticketValidator">
<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<constructor-arg index="0" value="https://localhost:8443/casserver3421"/>
</bean>
</property>
<property name="key" value="my_password_for_this_auth_provider_only"/>
</bean>
请帮忙。提前谢谢。
答案 0 :(得分:0)
我看到了Spring CAS的文档和关于CasAuthenticationFilter的示例等于
<bean id="casFilter"
class="org.springframework.security.cas.web.CasAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager"/>
</bean>
也许您应该排除额外的配置,例如 SavedRequestAwareAuthenticationSuccessHandler