I need to secure my RESTful stateless webservices with CAS and right now I'm trying to follow this Spring Stateless CAS demo but continuously getting a following error:
22:42:27.885 [http-nio-8443-exec-8] [first-spring-stateless] DEBUG o.s.s.c.web.CasAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.BadCredentialsException:
The supplied proxy callback url 'https://localhost:8443/first-spring-stateless/j_spring_cas_security_proxyreceptor' could not be authenticated.
when accessing https://localhost:8443/first-spring-cas/testProxy.do
url
This is for example my appointmentServiceUrl
- https://localhost:8443/first-spring-stateless/appointment.jsp?ticket=PT-110-a2a6eOE3lwImcwGpZ2Jp-cas.example.com
What can be a reason of that ?
Solved by adding
<property name="proxyReceptorUrl" value="/j_spring_cas_security_proxyreceptor"/>
to casFilter
This is casFilter
in the applicationContext-security.xml
:
<bean id="casFilter"
class="org.springframework.security.cas.web.CasAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="proxyGrantingTicketStorage" ref="pgtStorage"/>
<property name="serviceProperties" ref="serviceProperties"/>
<property name="proxyReceptorUrl" value="/j_spring_cas_security_proxyreceptor"/>
<property name="authenticationDetailsSource">
<bean class="org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource"/>
</property>
</bean>