Comments (17)
kakawait
commented on June 11, 2024
@Panmax Thank you for feedback, can you please share with me your configuration file?
The strange thing is the multiple '?' char between url.
And if you have more log on log output :)
from cas-security-spring-boot-starter.
Panmax
commented on June 11, 2024
this is my config file:
server:
port: 8081
security:
cas:
server:
base-url: http://127.0.0.1:8080/cas/
service:
resolution-mode: dynamic
ignored: /ignored
and there is no error log in terminal.
this config is ok:
server:
port: 8081
security:
cas:
server:
base-url: http://127.0.0.1:8080/cas/
service:
base-url: http://127.0.0.1:8081
ignored: /ignored
from cas-security-spring-boot-starter.
kakawait
commented on June 11, 2024
In fact it's more an issue with static mode which does not compute URL correctly
http://localhost:8781/cas/p3/proxyValidate?pgtUrl=%2Fcas%2Fproxy-callback&ticket=ST-12-jcxNnklCEm3bIEIdjbb7-6caae9445ce0&service=http%3A%2F%2F127.0.0.1%3A8080%2Flogin
Check pgtUrl parameter is not a valid url, thus is disabling pgt callback.
I think when fixed you will have same problem with static and dynamic.
Does your CAS server is able to contact your service, during PGT callback process?
from cas-security-spring-boot-starter.
kakawait
commented on June 11, 2024
@Panmax When 0.1.2 will be released can you please upgrade your configuration like following:
server:
port: 8081
security:
cas:
server:
base-url: http://127.0.0.1:8080/cas/
service:
proxy-callback-enabled: false
resolution-mode: dynamic
ignored: /ignoredfrom cas-security-spring-boot-starter.
Panmax
commented on June 11, 2024
ok, i will try. thank you.
from cas-security-spring-boot-starter.
kakawait
commented on June 11, 2024
I will release it in 5min (+ time to maven central to be fresh)
from cas-security-spring-boot-starter.
Panmax
commented on June 11, 2024
i am a new CAS user, i don't know what's PGT callback process.
from cas-security-spring-boot-starter.
Panmax
commented on June 11, 2024
My CAS config :
server.context-path=/cas
cas.server.port=
cas.server.http.port=8080
cas.server.name: http://127.0.0.1:8080
cas.server.prefix: http://127.0.0.1:8080/cas
cas.adminPagesSecurity.ip=127\.0\.0\.1
logging.config: file:/etc/cas/config/log4j2.xml
# cas.serviceRegistry.config.location: classpath:/services
cas.authn.accept.users=
server.ssl.enabled=false
cas.tgc.secure=false
cas.warningCookie.secure=false
cas.logout.followServiceRedirects=true
cas.authn.jdbc.query[0].sql=select password from account where username=?
cas.authn.jdbc.query[0].healthQuery=SELECT 1 FROM INFORMATION_SCHEMA.VIEWS
cas.authn.jdbc.query[0].isolateInternalQueries=false
cas.authn.jdbc.query[0].url=jdbc:mysql://localhost:3306/jupiter?&useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=false
cas.authn.jdbc.query[0].failFast=true
cas.authn.jdbc.query[0].isolationLevelName=ISOLATION_READ_COMMITTED
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQL56InnoDBDialect
cas.authn.jdbc.query[0].leakThreshold=10
cas.authn.jdbc.query[0].propagationBehaviorName=PROPAGATION_REQUIRED
cas.authn.jdbc.query[0].batchSize=1
cas.authn.jdbc.query[0].user=root
cas.authn.jdbc.query[0].ddlAuto=update
cas.authn.jdbc.query[0].maxAgeDays=180
cas.authn.jdbc.query[0].password=
cas.authn.jdbc.query[0].autocommit=false
cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver
cas.authn.jdbc.query[0].idleTimeout=500
cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT
cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5
from cas-security-spring-boot-starter.
kakawait
commented on June 11, 2024
@Panmax Unfortunately I'm most a CAS client user than CAS server power user so I can't help you with CAS server configuration.
About proxy callback you may find some useful information here https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough
But to summaries, when client validate the ticket using /serviceValidate or /proxyValidate API if you add pgtUrl as parameter (see specification) then CAS server will contact your server (is new request, CAS server will use its own http client) to send you PGT proxy granting ticket ticket (ticket that in mandatory to ask PT proxy ticket ticket). But if CAS server is not able to contact your server (network issue, DNS issue, etc?) it will break the flow.
from cas-security-spring-boot-starter.
Panmax
commented on June 11, 2024
i understood, thank you very much.
from cas-security-spring-boot-starter.
kakawait
commented on June 11, 2024
@Panmax After more thinking I will change configuration, I will delete proxy-callback-enabled property instead I will do other way. I will keep you in touch
from cas-security-spring-boot-starter.
Panmax
commented on June 11, 2024
ππ»
from cas-security-spring-boot-starter.
Panmax
commented on June 11, 2024
i upgrade to 0.1.2 but when i visit my site, it doesn't redirect to CAS login page, but shows Hello anonymous.
from cas-security-spring-boot-starter.
kakawait
commented on June 11, 2024
Artifact is not yet upload. I think maven simply just not find the artifact that has disable starter since maven can't fetch it
from cas-security-spring-boot-starter.
Panmax
commented on June 11, 2024
alrightπ
from cas-security-spring-boot-starter.
kakawait
commented on June 11, 2024
@Panmax with this new PR you will no need to change your initial configuration, so please keep
server:
port: 8081
security:
cas:
server:
base-url: http://127.0.0.1:8080/cas/
service:
resolution-mode: dynamic
ignored: /ignoredfrom cas-security-spring-boot-starter.
kakawait
commented on June 11, 2024
@Panmax Just deploy to maven central, you should now use 0.1.2 version
from cas-security-spring-boot-starter.
Related Issues (20)
- Securing CORS RestAPI HOT 1
- Where is 1.0.0-beta-1 built from? HOT 6
- Cannot get targetUrl HOT 5
- Does it support set `ignorePattern` HOT 4
- Integration tests
- Invalid custom permission validation HOT 5
- Support for Saml11TicketValidator HOT 1
- Endpoint which authenticate from CAS Server HOT 1
- Whether it is suitable for front-end projects HOT 4
- Configuration question HOT 1
- Proxy Ticket Validator Configuration Property HOT 1
- Replace PostConstruct
- Fix JDK11 build
- Compilation error java-cas-client 3.6.1 HOT 1
- [Question] How to extract attributes from XML document return by ticket validation? HOT 1
- CAS logout custom configuration logout success url ? HOT 1
- CAS Proxy Authentication HOT 6
- Problem with Logout HOT 3
- Use springboot 2.7.0+ with SecurityFilterChain instead of deprecated WebSecurityConfigurerAdapter HOT 1
- When will it be possible to use this library with spring boot 3?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cas-security-spring-boot-starter.