Authenticate user for secure spring service with CAS RESTful API ticket -


I have successfully set up a CAS server and want to authenticate a user for a secure service (in a Spring application) using the RESTful API tickets for that user. I am able to get the tickets with the two-step call to cas/v1/tickets and cas/v1/tickets/{tgt} for the secure service, but when I try to call the service using the generated ticket,

"localhost:8080/secure1?ticket?st-ttyyy..." returns the content of the CAS login page as the response.

I think I am missing something in the configuration, either in the

"services.xml" of the Spring application or in the CAS configuration.

spring app settings.xml

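<!--
  Spring Security CAS client configuration (fragment: the enclosing <beans> root
  and its namespace declarations are not shown). Framework class names, property
  names and the CAS_FILTER position are case-sensitive and are written here in
  their real casing; bean ids, URLs and other values are kept exactly as posted.
-->

<!-- Holds proxy-granting tickets; referenced by both the CAS filter and the ticket validator below. -->
<bean id="pgtstorage"
      class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl"/>

<!--
  The service identity this application presents to CAS.
  A service ticket is only valid for the service URL it was requested for, so the
  "service" value posted to cas/v1/tickets/{tgt} has to match what is validated here.
  NOTE(review): authenticateAllArtifacts is not set, so by default the CAS filter only
  handles its own processing URL and a ticket sent to any other URL is not consumed;
  an unauthenticated request that is then denied is sent to casentrypoint (the CAS login page).
  NOTE(review): the service URL is plain http; confirm TLS is used outside local testing.
-->
<bean id="serviceproperties" class="org.springframework.security.cas.ServiceProperties">
    <property name="service" value="http://localhost:8080/eformrestserver/business/user/10000007"/>
    <property name="sendRenew" value="false"/>
    <property name="artifactParameter" value="ticket"/>
</bean>

<!--
  Stateless chain: no HTTP session is created, so a caller has to present its
  ticket on every request. No intercept-url rules are declared and anonymous access
  is enabled; access control is left to method-level annotations, so any handler
  without one is not protected by this configuration.
-->
<security:http create-session="stateless"
               use-expressions="true"
               entry-point-ref="casentrypoint">
    <security:anonymous enabled="true"/>
    <security:custom-filter position="CAS_FILTER" ref="casfilter"/>
</security:http>

<!--
  CAS authentication filter. ServiceAuthenticationDetailsSource makes the URL of the
  current request available as the service when a ticket is validated.
  NOTE(review): proxyReceptorUrl (/business/test) and the validator's proxyCallbackUrl
  (.../eformrestserver/business) are different paths; the callback is expected to
  resolve to the receptor URL.
-->
<bean id="casfilter"
      class="org.springframework.security.cas.web.CasAuthenticationFilter">
    <property name="authenticationManager" ref="authenticationmanager"/>
    <property name="proxyGrantingTicketStorage" ref="pgtstorage"/>
    <property name="proxyReceptorUrl" value="/business/test"/>
    <property name="serviceProperties" ref="serviceproperties"/>
    <property name="authenticationDetailsSource">
        <bean class="org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource"/>
    </property>
</bean>

<!--
  Redirects unauthenticated callers to the CAS login page.
  NOTE(review): loginUrl uses http on port 8080 while the ticket validator below talks
  to https://localhost:8443/cas; confirm both point at the same CAS server over TLS.
-->
<bean id="casentrypoint"
      class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
    <property name="loginUrl" value="http://localhost:8080/cas/login"/>
    <property name="serviceProperties" ref="serviceproperties"/>
</bean>

<!-- Delegate authorization to method calls rather than to URLs -->
<!-- (thus, there is no need to set a url-interceptor in this configuration) -->
<security:global-method-security pre-post-annotations="enabled"/>

<!--
  Application-specific entry point; not referenced elsewhere in this fragment.
  NOTE(review): the class name is shown as posted; its original casing cannot be
  recovered from the page and must be confirmed against the project.
-->
<bean id="restauthenticationentrypoint"
      class="com.eform.rest.service.restauthenticationentrypoint"/>

<!-- Form-login filter bean; defined but not added to the filter chain in this fragment. -->
<bean id="myfilter"
      class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
    <property name="authenticationManager" ref="authenticationmanager"/>
</bean>

<!--
  Validates tickets against the CAS server and loads the user through userservice.
  NOTE(review): proxyCallbackUrl has no scheme; it should be an absolute URL, and a
  CAS server normally only calls back over https.
  NOTE(review): "key" is a placeholder-looking value; use a value private to this deployment.
-->
<bean id="casauthenticationprovider"
      class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
    <property name="userDetailsService" ref="userservice"/>
    <property name="serviceProperties" ref="serviceproperties"/>
    <property name="ticketValidator">
        <bean class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator">
            <constructor-arg value="https://localhost:8443/cas"/>
            <property name="proxyCallbackUrl"
                      value="localhost:8080/eformrestserver/business"/>
            <property name="proxyGrantingTicketStorage" ref="pgtstorage"/>
        </bean>
    </property>
    <!--
      Cache of already validated tickets for stateless callers. While an entry is
      cached, the ticket works as a bearer credential, so it must only travel over TLS.
      Constructor arguments, in order: cache name, max elements in memory,
      overflow to disk, eternal, time to live (s), time to idle (s).
    -->
    <property name="statelessTicketCache">
        <bean class="org.springframework.security.cas.authentication.EhCacheBasedTicketCache">
            <property name="cache">
                <bean class="net.sf.ehcache.Cache"
                      init-method="initialise" destroy-method="dispose">
                    <constructor-arg value="castickets"/>
                    <constructor-arg value="50"/>
                    <constructor-arg value="true"/>
                    <constructor-arg value="false"/>
                    <constructor-arg value="3600"/>
                    <constructor-arg value="900"/>
                </bean>
            </property>
        </bean>
    </property>
    <property name="key" value="an_id_for_this_auth_provider_only"/>
</bean>

<!-- Entry point that answers with HTTP 403; not referenced elsewhere in this fragment. -->
<bean name="http403forbiddenentrypoint"
      class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>

<!-- The CAS provider is the only authentication provider. -->
<security:authentication-manager alias="authenticationmanager">
    <security:authentication-provider ref="casauthenticationprovider"/>
</security:authentication-manager>

<!--
  Loads the user and its authorities after CAS has validated the ticket; the user
  name is bound as a query parameter (?). The SQL keywords from / where / and were
  missing from the posted text and are restored here.
-->
<security:jdbc-user-service id="userservice"
        data-source-ref="datasource"
        users-by-username-query="select user_name, password, true from user where user_name = ?"
        authorities-by-username-query="select u.user_name, r.role from user u,user_role r where u.role_id=r.role and user_name = ?"/>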

Please help me resolve this problem.

thanks

After comparing with my study demo, I think you are missing the following configuration:

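<!--
  Lets the CAS filter attempt authentication on any request that carries the
  artifact parameter, not only on its own processing URL. The service URL checked
  at validation then comes from the current request, so the filter needs a
  ServiceAuthenticationDetailsSource, and the CAS server should only issue tickets
  for the service URLs this application actually exposes.
  Class and property names are case-sensitive and are written in their real casing.
-->
<bean id="serviceproperties"
      class="org.springframework.security.cas.ServiceProperties">
  ...
  <property name="authenticateAllArtifacts" value="true"/>
</bean>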

See the Spring Security reference documentation, section 22.3.4, "Proxy Ticket Authentication".

