java - 如何配置 CAS 以验证代理票证
问题描述
我已经在一台服务器上将 CAS 设置为 tomcat webapp。我正在使用来自另一台服务器的此服务来验证用户。在调用服务时,它会成功生成票证,并且还会授予票证。
当票证被验证时,它会抛出一个异常 filenotfound。下面提供了其中的片段。
这是为了使用与配置 CAS 的服务器不同的服务器中的 CAS。当我使用 CAS 并将我的应用程序部署在同一台服务器上时,它工作正常。当我将应用程序部署在与 CAS 不同的服务器中时,它会引发 filenot found 异常。
这是我的 spring-security-cas.xml 文件
http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring- beans.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd ">
<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
<property name="service" value="${service-url-login}" />
<property name="sendRenew" value="false" />
<property name="authenticateAllArtifacts" value="true" />
</bean>
<bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="proxyGrantingTicketStorage" ref="pgtStorage" />
<property name="proxyReceptorUrl" value="/j_spring_cas_security_proxyreceptor" />
<property name="serviceProperties" ref="serviceProperties" />
<property name="authenticationDetailsSource">
<bean class="org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource">
<constructor-arg ref="serviceProperties" />
</bean>
</property>
</bean>
<bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
<property name="loginUrl" value="${cas-url-login}" />
<property name="serviceProperties" ref="serviceProperties" />
</bean>
<bean id="casAuthenticationProvider"
class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<property name="authenticationUserDetailsService">
<bean
class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
<constructor-arg ref="userService" />
</bean>
</property>
<property name="serviceProperties" ref="serviceProperties" />
<property name="ticketValidator">
<bean class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator">
<constructor-arg value="${cas-url-prefix}" />
<property name="acceptAnyProxy" value="true" />
</bean>
</property>
<property name="statelessTicketCache" ref="ehcacheBasedTicketCache" />
<property name="key" value="an_id_for_this_auth_provider_only" />
<property name="authoritiesMapper" ref="simpleAuthorityMapper" />
</bean>
<bean id="simpleAuthorityMapper" class="org.springframework.security.core.authority.mapping.SimpleAuthorityMapper">
<property name="defaultAuthority" value="ROLE_NORMAL_USER"></property>
<property name="prefix" value="ROLE_"></property>
</bean>
<bean id="ehcacheBasedTicketCache" class="org.springframework.security.cas.authentication.EhCacheBasedTicketCache">
<property name="cache">
<bean class="net.sf.ehcache.Cache" init-method="initialise" destroy-method="dispose">
<constructor-arg value="casTickets" />
<constructor-arg value="50" />
<constructor-arg value="true" />
<constructor-arg value="false" />
<constructor-arg value="3600" />
<constructor-arg value="900" />
<property name="cacheManager">
<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"></bean>
</property>
</bean>
</property>
</bean>
<bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter" />
<bean id="requestSingleLogoutFilter"
class="org.springframework.security.web.authentication.logout.LogoutFilter">
<constructor-arg value="${cas-url-logout-service}" />
<constructor-arg>
<bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" >
<property name="invalidateHttpSession" value="true"></property>
<property name="clearAuthentication" value="true"></property>
</bean>
</constructor-arg>
<property name="filterProcessesUrl" value="/j_spring_cas_security_logout" />
</bean>
<bean id="pgtStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
这是正在引发的错误。
java.lang.RuntimeException: java.io.FileNotFoundException: https://test.nycompany.in/cas/proxyValidate?ticket=ST-10-YA1Eqcdz2lI57fojFazr-&service=https%3A%2F%2Fhub.mycompany.in%2Fj_spring_cas_security_check org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:443) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41) org.jasig.cas.client.validation。 AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193) org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:158) org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:143) org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174) org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:270) org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:217) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.jasig.cas.client.session.SingleSignOutFilter。 doFilter(SingleSignOutFilter.java:97) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120) org.springframework.security.web。 FilterChainProxy$VirtualFilterChain。doFilter(FilterChainProxy.java:330) org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework。 security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53) org.springframework.web.filter.OncePerRequestFilter。 doFilter(OncePerRequestFilter.java:107) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91) org.弹簧框架。security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213) org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java: 176) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261) org.springframework.orm.hibernate4.support.OpenSessionInViewFilter。 doFilterInternal(OpenSessionInViewFilter.java:152) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) 根本原因doFilterInternal(FilterChainProxy.java:213) org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344) org.springframework.web。 filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261) org.springframework.orm.hibernate4.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:152) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)根本原因doFilterInternal(FilterChainProxy.java:213) org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344) org.springframework.web。 filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261) org.springframework.orm.hibernate4.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:152) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)根本原因doFilter(DelegatingFilterProxy.java:261) org.springframework.orm.hibernate4.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:152) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) 根本原因doFilter(DelegatingFilterProxy.java:261) org.springframework.orm.hibernate4.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:152) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) 根本原因
java.io.FileNotFoundException: https://test.mycompany.in/cas/proxyValidate?ticket=ST-10-YA1Eqcdz2lI57fojFazr-&service=https%3A%2F%2Fhub.mycompany.in%2Fj_spring_cas_security_check sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1890) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492) sun.net.www.protocol.https。 HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263) org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:429) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193) org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:158) org.springframework.security.cas.authentication。 CasAuthenticationProvider。authenticate(CasAuthenticationProvider.java:143) org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174) org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:270) org.springframework。 security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:217) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.jasig.cas.client.session.SingleSignOutFilter.doFilter( SingleSignOutFilter.java:97) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120) org.弹簧框架。security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120) org.springframework.security.web.FilterChainProxy$VirtualFilterChain。 doFilter(FilterChainProxy.java:330) org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework。 security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53) org.springframework.web.filter.OncePerRequestFilter。 doFilter(OncePerRequestFilter.java:107) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91) org.springframework.security.web。 FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213) org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176) org. springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261) org.springframework.orm.hibernate4.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.爪哇:152) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
我在我的 CAS 中取消了 host.name 属性,例如 host.name= 以便它接受来自不同域服务器的请求。
我希望这可以验证我的应用程序中的代理票证。
解决方案
我只是有同样的问题。来自浏览器的消息中的 URL,java.lang.RuntimeException: java.io.FileNotFoundException was reachable它与 CAS 6.0 一起正常工作,登录用户。
几次尝试后,我看到运行该应用程序的机器可以 ping 请求的域,但curl整个 URL 的结果为 404。
所以检查系统设置。
推荐阅读
- regex - 为什么这个正则表达式在我的骆驼路线中不匹配?
- python - 过滤numpy随机选择的结果
- python - 如何使用 numpy-quaternion 计算角速度
- android - RxJava:从数据库中检索数据并返回一个列表
- ruby-on-rails - 设计电子邮件加密
- python-3.x - Python 取消导入模块
- android - Firebase RecyclerView 中的 SearchView
- c# - 如何处理 System.Runtime.InteropServices.COMException (0x800706BA):RPC 服务器不可用。(来自 HRESULT 的异常:0x800706BA)
- java - 所有功能文件均未执行
- javascript - 如何仅使用 Nodejs 和 Express 通过 API 将数据发送到其他服务器?