堆栈内存溢出
  繁体   English   中英

cas + spring安全

[英]cas+spring security

 原文  2012-09-28 10:19:59       java/ spring/ spring-security/ cas/ jasig

问题描述

我正在尝试在我的应用程序中实现SSO,到目前为止,我遇到了下一个问题: 

HTTP Status 401 - Authentication Failed: Failed to provide a CAS service ticket to validate

type Status report

message Authentication Failed: Failed to provide a CAS service ticket to validate

description This request requires HTTP authentication (Authentication Failed: Failed to provide a CAS service ticket to validate).

我在不同的tomcat上启动cas服务器,然后在其中登录,然后在我的应用程序中登录页面时,然后:1.然后没有自动登录2.当我输入凭据时,我看到上面显示的stacktrace我从该站点举了一个例子。

这是我的春季安全上下文: 

<security:global-method-security  pre-post-annotations="enabled" />

    <security:http use-expressions="true" auto-config="true"
        entry-point-ref="casAuthenticationEntryPoint" >

    <security:custom-filter position="CAS_FILTER" ref="casAuthenticationFilter"></security:custom-filter>

        <security:access-denied-handler  ref="accessDeniedHandler" />

        <security:form-login login-page="/login.html"
            authentication-failure-url="/login.html?login_error=1"
            default-target-url="/index.html" 
            always-use-default-target="false"
            login-processing-url="/j_spring_security_check"
            authentication-failure-handler-ref="failureHandler"
            authentication-success-handler-ref="successHandler" />
        <security:logout logout-url="/logout" logout-success-url="/login.html" />

        <security:intercept-url pattern="/member/**" access="hasRole('viewer')" />
        <security:intercept-url pattern="/admin/**" access="hasRole('SiteAdmin')" />
        <security:intercept-url pattern="/admin/**" access="hasRole('SystemAdmin')" />

        <security:remember-me />
    </security:http>

    <security:authentication-manager alias="authenticationManager">
        <security:authentication-provider user-service-ref="myUserDetailsService" />
        <security:authentication-provider ref="casAuthenticationProvider"></security:authentication-provider>
    </security:authentication-manager>

    <bean id="myUserDetailsService"
        class="com.mypackage.MyUserDetailsService">
    </bean>

    <bean id="authenticationEntryPoint"
        class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
        <property name="loginFormUrl" value="/login.html" />
        <property name="forceHttps" value="false" />
    </bean>

    <bean id="successHandler"
        class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
        <property name="defaultTargetUrl" value="/member/index.html" />
    </bean>

    <bean id="failureHandler"
        class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
        <property name="defaultFailureUrl" value="/login.html?error=auth_fail" />
    </bean>

    <bean id="bannedHandler"
        class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
        <property name="defaultFailureUrl" value="/login.html?error=banned" />
    </bean>

    <bean id="accessDeniedHandler"
        class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
        <property name="errorPage" value="/403.jsp"></property>
    </bean>


    <bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
        <property name="service" value="http://localhost:8080/spring-security-cas/j_spring_cas_security_check"></property>
        <property name="sendRenew" value="false"></property>
    </bean> 

    <bean id="casAuthenticationFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
        <property name="authenticationManager" ref="authenticationManager"></property>
    </bean>

    <bean id="casAuthenticationEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
        <property name="loginUrl" value="http://localhost:9080/cas-server-webapp-3.4.10/login"></property>
        <property name="serviceProperties" ref="serviceProperties"></property>
    </bean>

    <bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
        <property name="userDetailsService" ref="myUserDetailsService"></property>
        <property name="serviceProperties" ref="serviceProperties"></property>
        <property name="ticketValidator">
            <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
                <constructor-arg index="0" value="http://localhost:9080/cas-server-webapp-3.4.10"></constructor-arg>
            </bean>
        </property>
        <property name="key" value="cas"></property>
    </bean>

在web.xml中,我包含了spring安全上下文并设置了适当的侦听器等。在pom(我使用maven)中,我添加了必需的依赖项,如本文所述。 但是问题仍然存在。 我很高兴有任何建议

2 个解决方案

解决方案1
 0 已采纳  2012-09-28 10:38:46

从错误消息“此请求需要HTTP身份验证”看来,您的CAS服务器已启用身份验证。 您需要停用它并通过HTML页面登录(即,它将是JSP,ASP或类似名称)。

解决方案2
 0  2017-11-03 02:19:48

我得到相同的踪迹 

<servlet-mapping>
    <servlet-name>springmvc</servlet-name>
    <url-pattern>*.do</url-pattern>
</servlet-mapping>

但是cas登录网址没有* .do后缀。当我添加.do时,效果很好。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Spring Security 3实施CAS CAS + Spring安全性 Spring Security和CAS集成 CAS,Spring Security和不受保护的页面 Spring Security + CAS SSO AuthenticationManager CAS + Spring Security Detect本地主机 使用带有CAS的Spring Security过滤器的authenticationUserDetailsS​​ervice错误 带有CAS rest的Spring Security(直接登录) 使用cas进行Spring Security身份验证但是使用数据库进行授权 使用CAS的Spring Security会跳过会话固定保护
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM