[jboss-user] [JBoss Portal] - Unauthenticated /sec Access with CAS enabled
iliap
do-not-reply at jboss.com
Mon Dec 1 17:38:46 EST 2008
Hello All,
I'm having some trouble configuring what url patterns Portal deems worthy of CAS authentication. Specifically, I have a registration section of the portal that is SSL encrypted under a "/sec" URL, but does not require the user to be authenticated. This works fine with CAS disabled by commenting out the CAS Valve snippet in jboss-portal.sar/portal-server.war/WEB-INF/context.xml:
|
| <Valve className="org.jboss.portal.identity.sso.cas.CASAuthenticationValve"
| casLogin="https://MYHOST:8443/cas/login"
| casLogout="https://MYHOST:8443/cas/logout"
| casValidate="https://MYHOST:8443/cas/serviceValidate"
| casServerName="MYHOST:8443"
| authType="FORM"
| />
|
If I enable CAS, the user is redirected to the CAS login page once they hit a URL with "/sec" in it. In the logs, there is the following debug message:
| 2008-12-01 22:29:25,140 DEBUG [org.jboss.portal.identity.sso.cas.CASAuthenticationValve] Checking if requested uri '/portal/sec/portal/default/registration/Registration+Request' matches secured url patterns: [/sec/, /authsec/, /auth/]
|
Why would it try to authenticate on "/sec" with CAS enabled, but not when it is disabled?
Thanks,
Ilia
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4193599#4193599
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4193599
More information about the jboss-user
mailing list