logo       
<prev   next>

Re: upgraded to 3.0.6 final, redirects stopped: msg#00155

java.jasig.cas.user

Subject: Re: upgraded to 3.0.6 final, redirects stopped

I went ahead and upgraded my Resin server from 3.0.17 to 3.0.22 (been meaning to for a while now)
all those previously null parameters are now visible!

The only issue I have right now is that a jstl/ognl error with this line:

<spring:message code="screen.confirmation.message" arguments="${param.service}${fn:indexOf(params.service, '?') eq -1 ? '?' : '&'}ticket=${ticket}" /></p>


I get:

Caused by: ognl.MethodFailedException: Method "indexOf" failed for object [Ljava.lang.String;@4896f7 [java.lang.NoSuchMethodException: indexOf(java.lang.Character)]

I'll keep digging.  Thanks for the hints thus far.



On 12/21/06, Vinny <xaymaca-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> wrote:
Another data point, I added the following to

<!--
<c:out value="<%=response.encodeRedirectURL("login" + (request.getQueryString() != null && request.getQueryString().length() > 0 ? "?" + request.getQueryString() : ""))%>"  />
The query string is <%=request.getQueryString() %>
The translated request path is <%=request.getPathTranslated() %>

-->


and got this result when I view source for the login page: 

<!-- 
login
The query string is null 
The translated request path is null 

-->
This may be some kind of Resin idiosyncrasy, I can't get anything but null from my request object's methods.




On 12/21/06, Vinny < xaymaca-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> wrote:
I haven't yet altered casLoginView.jsp at all. For some reason the scriptlet is not producing the correct String for action="">
My jsp code looks like this (under WEB-INF/view/jsp/simple/ui )

action="" response.encodeRedirectURL("login" + (StringUtils.hasText(request.getQueryString()) ? "?" + request.getQueryString() : ""))%>"

and this under WEB-INF/view/jsp/default/ui :

action="" + (request.getQueryString() != null && request.getQueryString().length() > 0 ? "?" + request.getQueryString() : ""))%>"




On 12/21/06, Scott Battaglia < scott.battaglia-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> wrote:
This isn't going to work:

<form method="post" action
="login">

you just eliminated all of the request parameters that are needed.





-Scott


On 12/21/06, Vinny < xaymaca-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> wrote:
I get taken to a url like this to login at the cas server (called loginServer in my app) 
https://myhost.com/loginServer/login?service=https%3A%2F%2Fmyhost.com%2FProjectBuilder%2Fj_acegi_cas_security_check%3Bjsessionid%3DaDin2QibMDA87FRoM_

When I examine the login form page's souce I don't see a variable that will post a "service" variable.

The form has :
<form method="post" action
="login">
and 2 hidden variables of:


<input type="hidden" 
name="lt" value=



"_c976FAEAA-E216-0AA6-4188-DD77CB6007B4_k2617A246-3C45-345A-E3FE-6CD8A8A0B0D3" 
/>
<input type="hidden" name
=



"_eventId" value="submit" />

I'm guessing 'lt' provides all the needed info?



I may have misunderstood your question.




On 12/21/06, Scott Battaglia < scott.battaglia-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx > wrote:
Have you checked your jsp page to make sure its transferring the service parameter from the GET to the POST?

-Scott

I should clarify what I mean by redirecting stopping. When I go to my protected app, I get redirected to the CAS server.
I login, login is successful but instead of getting redirected back to my original webapp, I instead end up at
https://myhost/cas/login  with a success message. Any clues? I'm sure it's something minor. From the logs which seem normal to me:



2006-12-21 12:04:36,176 DEBUG [ org.acegisecurity.securechannel.ChannelProcessingFilter] - <Request: FilterInvocation: URL: /dwr/util.js; ConfigAttributes: [REQUIRES_SECURE_CHANNEL]>
2006-12-21 12:04:36,176 DEBUG [org.acegisecurity.util.FilterChainProxy ] - </dwr/util.js at position 2 of 6 in additional filter chain; firing Filter: 'org.acegisecurity.context.HttpSessionContextIntegrationFilter@a2e2e3'>
2006-12-21 12:04:36,176 DEBUG [org.acegisecurity.context.HttpSessionContextIntegrationFilter ] - <Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder: 'org.acegisecurity.context.SecurityContextImpl@8f2b0ad0: Authentication: org.acegisecurity.providers.cas.CasAuthenticationToken@8f2b0ad0 : Username: org.acegisecurity.userdetails.User@fb966e00: Username: vstoessel; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_1; Password: [PROTECTED]; Authenticated: true; Details: org.acegisecurity.ui.WebAuthenticationDetails@0: RemoteIpAddress: 24.30.19.9; SessionId: avFH1HLoWFfdosV7L_; Granted Authorities: ROLE_1; Credentials (Service/Proxy Ticket): ST-2-sA7FPC9QEFtyJUBrvKKUdU52erW6UpRQ73N-20; Proxy-Granting Ticket IOU: PGTIOU-2-BadSHcMQgeyZN7gTGDrV2AaxyEZGnXjFoJd; Proxy List: []'>
2006-12-21 12:04:36,176 DEBUG [org.acegisecurity.util.FilterChainProxy] - </dwr/util.js at position 3 of 6 in additional filter chain; firing Filter: 'org.acegisecurity.ui.cas.CasProcessingFilter@56e935'>
2006-12-21 12:04:36,177 DEBUG [org.acegisecurity.util.FilterChainProxy] - </dwr/util.js at position 4 of 6 in additional filter chain; firing Filter: 'org.acegisecurity.ui.basicauth.BasicProcessingFilter@e8d552 '>
2006-12-21 12:04:36,177 DEBUG [org.acegisecurity.ui.basicauth.BasicProcessingFilter] - <Authorization header: null>
2006-12-21 12:04:36,177 DEBUG [org.acegisecurity.util.FilterChainProxy] - </dwr/util.js at position 5 of 6 in additional filter chain; firing Filter: ' org.acegisecurity.ui.ExceptionTranslationFilter@d2baf'>
2006-12-21 12:04:36,177 DEBUG [org.acegisecurity.util.FilterChainProxy] - </dwr/util.js at position 6 of 6 in additional filter chain; firing Filter: ' org.acegisecurity.intercept.web.FilterSecurityInterceptor@af064b'>
2006-12-21 12:04:36,177 DEBUG [org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] - <Candidate is: '/dwr/util.js'; pattern is /acegilogin.jsp; matched=false>
2006-12-21 12:04:36,177 DEBUG [org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] - <Candidate is: '/dwr/util.js'; pattern is /casfailed.jsp; matched=false>
2006-12-21 12:04:36,177 DEBUG [ org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] - <Candidate is: '/dwr/util.js'; pattern is /logoff.jsp; matched=false>
2006-12-21 12:04:36,177 DEBUG [org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap ] - <Candidate is: '/dwr/util.js'; pattern is /main.js; matched=false>
2006-12-21 12:04:36,178 DEBUG [org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] - <Candidate is: '/dwr/util.js'; pattern is /main.css; matched=false>
2006-12-21 12:04:36,178 DEBUG [org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] - <Candidate is: '/dwr/util.js'; pattern is /print.css; matched=false>
2006-12-21 12:04:36,178 DEBUG [ org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] - <Candidate is: '/dwr/util.js'; pattern is /js/**; matched=false>
2006-12-21 12:04:36,178 DEBUG [org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap ] - <Candidate is: '/dwr/util.js'; pattern is /dwr/**; matched=true>
2006-12-21 12:04:36,178 DEBUG [org.acegisecurity.intercept.AbstractSecurityInterceptor] - <Secure object: FilterInvocation: URL: /dwr/util.js; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_1, ROLE_2, ROLE_3, ROLE_4, ROLE_5]>
2006-12-21 12:04:36,178 DEBUG [org.acegisecurity.intercept.AbstractSecurityInterceptor] - <Previously Authenticated: org.acegisecurity.providers.cas.CasAuthenticationToken@8f2b0ad0: Username: org.acegisecurity.userdetails.User@fb966e00 : Username: vstoessel; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_1; Password: [PROTECTED]; Authenticated: true; Details: org.acegisecurity.ui.WebAuthenticationDetails@0: RemoteIpAddress: 24.30.19.9; SessionId: avFH1HLoWFfdosV7L_; Granted Authorities: ROLE_1; Credentials (Service/Proxy Ticket): ST-2-sA7FPC9QEFtyJUBrvKKUdU52erW6UpRQ73N-20; Proxy-Granting Ticket IOU: PGTIOU-2-BadSHcMQgeyZN7gTGDrV2AaxyEZGnXjFoJd; Proxy List: []>
2006-12-21 12:04:36,178 DEBUG [org.acegisecurity.intercept.AbstractSecurityInterceptor] - <Authorization successful>
2006-12-21 12:04:36,179 DEBUG [org.acegisecurity.intercept.AbstractSecurityInterceptor] - <RunAsManager did not change Authentication object>
2006-12-21 12:04:36,179 DEBUG [org.acegisecurity.util.FilterChainProxy] - </dwr/util.js reached end of additional filter chain; proceeding with original chain>
2006-12-21 12:04:36,180 DEBUG [org.acegisecurity.ui.ExceptionTranslationFilter ] - <Chain processed normally>
2006-12-21 12:04:36,180 DEBUG [org.acegisecurity.context.HttpSessionContextIntegrationFilter] - <SecurityContextHolder set to new context, as request processing completed>



On 12/21/06, Vinny < xaymaca-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> wrote:
Hello all,
I was having some issues with my 3.0.6 RC cas server so I dropped in the new 3.0.6 final.
I use acegis org.acegisecurity.adapters.cas3.CasAuthenticationHandler and that is working well.
I get authenticated but I am not being directed back to my "service" url. I had every working on my localhost
but under the RC version but am getting stuck trying to deploy in production. Does the server need to know
about the "services: that want to connect to it? Does services.xml in WEB-INF/classes need to be edited?
I don't see where that file is referenced by anything.
Thanks in advance

 --
Ghetto Java: http://www.ghettojava.com

_______________________________________________
Yale CAS mailing list
cas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxx
http://tp.its.yale.edu/mailman/listinfo/cas




_______________________________________________
Yale CAS mailing list
cas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxx
http://tp.its.yale.edu/mailman/listinfo/cas





--
Ghetto Java: http://www.ghettojava.com

_______________________________________________
Yale CAS mailing list
cas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxx
http://tp.its.yale.edu/mailman/listinfo/cas




_______________________________________________
Yale CAS mailing list
cas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxx
http://tp.its.yale.edu/mailman/listinfo/cas





--
Ghetto Java: http://www.ghettojava.com



--
Ghetto Java: http://www.ghettojava.com



--
Ghetto Java: http://www.ghettojava.com

<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: upgraded to 3.0.6 final, redirects stopped, Vinny
Next by Date:  Re: upgraded to 3.0.6 final, redirects stopped, Vinny
Previous by Thread:  Re: upgraded to 3.0.6 final, redirects stopped, Vinny
Next by Thread:  Re: upgraded to 3.0.6 final, redirects stopped, Vinny
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
News | FAQ | advertise