Getting stuck in redirection loop after successful login in Java cas client

I have spent the past month on the CAS server and CAS client but have not found a proper solution for my application yet. Please help.

Here is a brief explanation:

I have two applications, one in Java and the other in RoR. I have set up the CAS server in Java; I am using a self-signed certificate for the CAS server and it is working well.

RoR application: I installed RubyCAS-client and it is also working well.

I am facing a problem in the Java CAS client. I have tried this on both HTTP and HTTPS, but every time it gets stuck in the redirection loop. My application (client) starts, but no information is written to its logs; on the other hand, the CAS server issues 11 tickets every time. Here is the log:

2014-03-01 00:50:02,540 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] -  <AuthenticationHandler: org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler successfully authenticated the user which provided the following credentials: [username: ankit@yopmail.com]>
2014-03-01 00:50:02,574 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-1-h6DqHWTp273M0N3IQTC5-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,606 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-2-Qh2p1wolMX3j2UcVVeaF-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,617 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-3-LiZI7QvcB43bKQiwi3xs-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,630 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-4-QaXXQFaBc3CUIBJR1Woe-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,645 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-5-cRQHG2R4nZpM3ezooIEf-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,675 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-6-6e5UloJAcWVZjcc50q75-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,687 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-7-5p3xSzrmkti5NkywLHfY-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,699 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-8-fIDLeujFBsT9c0ftx4iR-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,710 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-9-x1sldmLaHMe9bfhbNwEX-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,734 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-10-vaGd3Obh9sBeKDDJoHPf-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>
2014-03-01 00:50:02,745 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-11-5mnVJS4AabPKx2vXxrWy-localhost] for service [https://localhost:8444/Testing/j_spring_cas_security_check] for user [ankit@yopmail.com]>

Now my problem is that I am not being redirected to the destination properly. Here is my application-security-context.xml file:

<security:global-method-security secured-annotations="disabled"></security:global-method-security>
<security:http auto-config="false" entry-point-ref="casAuthenticationEntryPoint">
<security:intercept-url pattern="/js/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/css/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/img/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/emailtemplate/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>

<security:intercept-url pattern="/index.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/p/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/dashboard" access="ROLE_USER, ROLE_ADMIN"/>
<security:intercept-url pattern="/admin/**" access="ROLE_ADMIN"/>
<security:intercept-url pattern="/user/**" access="ROLE_USER"/>

<security:intercept-url pattern="/**" access="ROLE_USER, ROLE_ADMIN"/>
<security:custom-filter after="CAS_FILTER" ref="casAuthenticationFilter"/>
<security:logout logout-success-url="/login"/>

</security:http>

<bean id="successHandler" class="com.testing.security.AuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/dashboard"/>
</bean>
<bean id="failureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/login"/>
</bean>

<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="casAuthenticationProvider"/>
</security:authentication-manager>
<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
<property name="service" value="https://localhost:8444/Testing/j_spring_cas_security_check"/>

  <property name="sendRenew" value="false"></property> 

</bean>

<bean id="casAuthenticationFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="filterProcessesUrl" value="https://localhost:8444/Testing/j_spring_cas_security_check" />
<property name="authenticationSuccessHandler">
<bean class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler"
      p:alwaysUseDefaultTargetUrl="true"
      p:defaultTargetUrl="/dashboard"/>
</property>
</bean>

<bean id="casAuthenticationEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
<property name="loginUrl" value="https://localhost:8443/casserver3421/login"/>
<property name="serviceProperties" ref="serviceProperties"/>
</bean>

<bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<property name="userDetailsService" ref="userDetailsService"/>
<property name="serviceProperties" ref="serviceProperties"/>
<property name="ticketValidator">
<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<constructor-arg index="0" value="https://localhost:8443/casserver3421"/>
</bean>
</property>
<property name="key" value="my_password_for_this_auth_provider_only"/>
</bean>

Please help. Thanks in advance.

I looked at the Spring CAS documentation, and in the sample the CasAuthenticationFilter is defined as:

  <bean id="casFilter"
    class="org.springframework.security.cas.web.CasAuthenticationFilter">
    <property name="authenticationManager" ref="authenticationManager"/>
  </bean>

Maybe you should exclude the extra configuration, like SavedRequestAwareAuthenticationSuccessHandler.

Documentation
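
The eleven service tickets granted within about 200 ms in the question's server log are the server-side trace of the redirect loop. As an added example (not part of the original posts and not CAS or Spring code), this detector flags the same pattern in logs of that format; the threshold, window, user names and service URL in the sample are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Format of the "Granted service ticket" lines in the CAS server log quoted above.
GRANT_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3}) INFO "
    r"\[org\.jasig\.cas\.CentralAuthenticationServiceImpl\] - "
    r"<Granted service ticket \[ST-\d+-[^\]]+\] "
    r"for service \[(?P<service>[^\]]+)\] for user \[(?P<user>[^\]]+)\]>")

def find_ticket_bursts(lines, threshold=5, window=timedelta(seconds=2)):
    """Return (user, service, count, span) for every user/service pair granted
    at least `threshold` service tickets within one sliding `window`."""
    grants = defaultdict(list)
    for line in lines:
        m = GRANT_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S,%f")
            grants[(m["user"], m["service"])].append(ts)
    findings = []
    for (user, service), stamps in grants.items():
        stamps.sort()
        best, best_span, start = 0, timedelta(0), 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:   # drop grants older than the window
                start += 1
            if end - start + 1 > best:
                best, best_span = end - start + 1, ts - stamps[start]
        if best >= threshold:
            findings.append((user, service, best, best_span))
    return findings

# Constructed sample input (hypothetical users and service URL, not from the page).
SVC = "https://app.example.test/Testing/j_spring_cas_security_check"
def _grant(clock, n, user):
    return (f"2014-03-01 00:50:{clock} INFO "
            "[org.jasig.cas.CentralAuthenticationServiceImpl] - "
            f"<Granted service ticket [ST-{n}-constructed-localhost] "
            f"for service [{SVC}] for user [{user}]>")

SAMPLE_LOG = [_grant(c, i + 1, "alice@example.test") for i, c in
              enumerate(["02,540", "02,574", "02,606", "02,617", "02,630", "02,645"])]
SAMPLE_LOG += [_grant("10,000", 7, "bob@example.test"),
               _grant("40,000", 8, "bob@example.test"),
               "2014-03-01 00:50:41,000 INFO [constructed.Other] - <unrelated line>"]

if __name__ == "__main__":
    for user, service, count, span in find_ticket_bursts(SAMPLE_LOG):
        print(f"{user}: {count} tickets for {service} in {span.total_seconds():.3f}s")
```

A hit means the browser is being sent back to the CAS login URL repeatedly, so the next place to look is the client's handling of the service URL the tickets were issued for.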
