
I'm facing a really tricky situation at my job. Users can access our site through two distinct URLs:

http://mycorporation.com/myapp/ and http://portal.mycorporation.com/myapp/

The problem I am facing is that the Spring Security and CAS configuration seems to work only for a single, hard-coded URL:

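<!-- CAS service definition: "service" is the callback URL this application registers with the CAS server.
     The placeholders are filled in when the context starts, so the value is the same for every request,
     whichever host name the user arrived on. -->
<!-- NOTE(review): the callback is plain http, so the service ticket that CAS appends to it travels
     unencrypted; serve the callback over https where the deployment allows it. -->
<bean id="serviceProperties"
        class="org.springframework.security.cas.ServiceProperties">
        <property name="service" value="http://${myapp.hostname}/${myapp.appname}/j_spring_cas_security_check"/>
        <property name="sendRenew" value="false"/>
        <!-- Bean property names omit the "set" prefix: the setter is setAuthenticateAllArtifacts,
             so the property to configure is authenticateAllArtifacts. -->
        <property name="authenticateAllArtifacts" value="true"/>
    </bean>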

So my question is: is there any way of detecting the URL used at runtime? During my research I came across this answer, but I couldn't get the part where he seems to retrieve the current URL to work, since I don't use HATEOAS.

I can give any additional info if required. Also, forgive my English; I am not a native speaker.

Here is the whole Spring Security config:

<!-- Enables Spring Security's @Secured method annotations. -->
<security:global-method-security secured-annotations="enabled" />

    <!-- HTTP security: casEntryPoint is the authentication entry point, and the CAS, AJAX-timeout and
         logout filters are placed in the filter chain at the positions given below. -->
    <!-- NOTE(review): only "/" and "/protected/**" carry access rules. A path that matches neither
         pattern has no rule in this file and is therefore not restricted here; confirm that is intended. -->
    <security:http auto-config="true" use-expressions="true" entry-point-ref="casEntryPoint">
        <security:intercept-url pattern="/" access="permitAll" />
        <security:intercept-url pattern="/protected/**" access="isAuthenticated()" />
        <security:custom-filter position="CAS_FILTER" ref="casFilter"/>
        <security:custom-filter ref="ajaxTimeoutRedirectFilter" after="EXCEPTION_TRANSLATION_FILTER"/>
        <security:custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER"/>
        <security:custom-filter ref="singleLogoutFilter" before="CAS_FILTER"/>
    </security:http>

    <!-- Loads the settings of the running environment; the ${...} placeholders in this file are
         filled from this properties file. -->
    <context:property-placeholder location="classpath:environment.properties"/>

    <!-- Definition of the application whose authentication is managed by CAS.
         "service" is the callback URL sent to the CAS server; it is built from a single host name
         and application name taken from the properties file. -->
    <!-- NOTE(review): the callback uses plain http, so the service ticket that CAS appends to it is
         sent unencrypted; prefer https for this URL where the deployment allows it. -->
    <bean id="serviceProperties"
        class="org.springframework.security.cas.ServiceProperties">
        <property name="service" value="http://${example.hostname}/${example.appname}/j_spring_cas_security_check"/>
        <property name="sendRenew" value="false"/>
    </bean>

    <!-- Filter for AJAX requests that checks whether the session has expired.
         The class is project code not shown here; 901 is presumably the status code it returns
         to AJAX callers on expiry (confirm against AjaxTimeoutRedirectFilter). -->
    <bean id="ajaxTimeoutRedirectFilter" class="com.example.util.AjaxTimeoutRedirectFilter">
        <property name="customSessionExpiredErrorCode" value="901"/>
    </bean>

    <!-- Authentication filter used by CAS; it hands authentication requests to authenticationManager. -->
    <bean id="casFilter"
        class="org.springframework.security.cas.web.CasAuthenticationFilter">
        <property name="authenticationManager" ref="authenticationManager"/>
    </bean>

    <!-- CAS entry point (login page): unauthenticated users are redirected to loginUrl, with the
         service URL taken from the serviceProperties bean. -->
    <bean id="casEntryPoint"
        class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
        <property name="loginUrl" value="https://login.example.com/cas/login"/>
        <property name="serviceProperties" ref="serviceProperties"/>
    </bean>

    <!-- Definition of the authentication manager; its only provider is casAuthenticationProvider. -->
    <security:authentication-manager alias="authenticationManager">
        <security:authentication-provider ref="casAuthenticationProvider" />
    </security:authentication-manager>

    <!-- Configuration of the authentication performed by CAS.
         The provider validates the service ticket with the CAS server and then loads the user
         through userService. It reads the service URL from the same serviceProperties bean as the
         entry point, so both sides present the same URL to CAS. -->
    <bean id="casAuthenticationProvider"
        class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
        <property name="authenticationUserDetailsService">
        <bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">             
            <constructor-arg ref="userService" />
        </bean>
        </property>
        <property name="serviceProperties" ref="serviceProperties" />
        <!-- NOTE(review): the validator points at login.example.mp.br while casEntryPoint's loginUrl
             uses login.example.com. This may only be an artefact of anonymising the post, but both
             should name the same CAS server; confirm. -->
        <property name="ticketValidator">
            <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
                <constructor-arg index="0" value="https://login.example.mp.br/cas" />
            </bean>
        </property>
        <!-- Identifier for tokens created by this provider; the value shown looks like a sample
             placeholder, so use a deployment-specific one. -->
        <property name="key" value="an_id_for_this_auth_provider_only"/>
    </bean>

    <!-- Returns the LDAP user for the login that was authenticated by CAS.
         The user is looked up by mail address ({0} is replaced with the login name) and mapped by
         the project's CustomLDAPUserContextMapper. -->
    <!-- NOTE(review): the directory is reached over ldap:// on port 389, i.e. without transport
         encryption, and no manager-dn is set on this element. Prefer ldaps:// or StartTLS and a
         dedicated least-privilege bind account if the directory supports them. -->
    <bean id="CustomLDAPUserContextMapper" class="com.example.util.CustomLDAPUserContextMapper"></bean>
    <security:ldap-server url="ldap://11.111.1.111:389/o=example"/>
    <security:ldap-user-service id="userService"
        user-search-filter="(&amp; (objectclass=person) (mail={0}) )" 
        group-search-filter="(uniqueMember={0})"
        user-context-mapper-ref="CustomLDAPUserContextMapper"
        />

    <!-- This filter processes Single Sign-Out requests coming from the CAS server. -->
    <bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter"/>

    <!-- This filter redirects to the CAS server so that Single Sign-Out is handled there.
         A request to /j_spring_cas_security_logout clears the local security context and then
         redirects the browser to the CAS logout URL given as the first constructor argument. -->
    <bean id="requestSingleLogoutFilter"
        class="org.springframework.security.web.authentication.logout.LogoutFilter">
        <constructor-arg value="https://example.com/cas/logout"/>
        <constructor-arg>
            <bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
        </constructor-arg>
        <property name="filterProcessesUrl" value="/j_spring_cas_security_logout"/>
    </bean>

1 Answer


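The CasAuthenticationEntryPoint (casEntryPoint bean) has a createServiceUrl() method.
You could override that to pick the correct service (by calling CommonUtils.constructServiceUrl() with appropriate parameters).
Keep in mind that casAuthenticationProvider validates the ticket against the service URL from serviceProperties, so the validation side has to present the same URL that the entry point sent; otherwise CAS will reject the ticket. If the URL is derived from the incoming request, accept only the two known host names rather than whatever Host header the request carries.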
