Stack Overflow
Stack Overflow

Questions tagged [spring-security-cas]

Deals with questions specifically related to Spring Framework's Central Authentication Services (CAS).

Spring Security (formerly known as Acegi Security) is the Spring Framework's application security solution. Spring security can be used to secure URLs and method invocations. It is widely used to secure standalone web applications, portlets and increasingly REST applications. This deals with questions specifically related to Spring Framework's Central Authentication Services (CAS).

32 questions
1
vote
0 answers

(Grails plugin) Spring Security Single Signout

I'm trying to understand how Spring Security handles Single Signout. I'm using a CAS server with multiple Grails apps. Here is my scenario: App #1 & Login User navigates to Grails app #1. app #1 has no authentication data for the User, and…
Keith
  • 161
  • 2
  • 7
1
vote
0 answers

securing controller added to jasig cas 3.5.2

I have been tasked with adding password change functionality to our CAS Server, but am new to CAS as well as Spring. I have successfully added a multi action controller to the overlay, but I am at a loss as to how to secure the views and require…
user2638981
  • 11
  • 2
1
vote
1 answer

Grails-SpringSec depends on JARs that aren't in Maven Central?

I am trying to configure a Grails app to use the latest stable SpringSec-CAS plugin and for the life of me cannot find the proper version of both SpringSec and the plugin I should be using. I am on Grails 2.3.6. What should I include in…
DirtyMikeAndTheBoys
  • 1,077
  • 3
  • 15
  • 29
1
vote
1 answer

Spring Security with CAS and Forms login

I am writing an application that needs to use CAS authentication for employees, and a username/password form login (which validates against a database table) for customers. The idea is the front page would have a link to send them to CAS for…
Mark
  • 1,754
  • 3
  • 26
  • 43
1
vote
1 answer

Customizing Spring CAS j_spring_cas_security_check URL

I'm using CAS 3.5.2 and Spring CAS extension. I'm trying to change j_spring_cas_security_check (and similar one for logout) URL to something like security_check. I read in Spring documentation that Back in the service web application, the…
Swapnil
  • 8,201
  • 4
  • 38
  • 57
1
vote
1 answer

Setting up Pre auth filter for CasAuthenticationFilter

I've a Spring Jasig CAS SSO set up for a couple of applications. This uses CasAuthenticationFilter. So I've webapps set up like these - Cas Server (Cas 3.5.2) - Cas.war, App1 - App1.war and App2 - App2.war. Applications use Spring 3.2.3 and Spring…
Swapnil
  • 8,201
  • 4
  • 38
  • 57
0
votes
0 answers

Android CAS framework - Does it work for AOSP Settop box OR only for Android TV?

Problem - 1)Use of Android CAS framework to add "Security" for IPTV boxes 2)if i use this framework, will it work with widevine library 3) can we also generate our keys for encryption and decryption? 4) Each CAS guy like verimatrix, NSTV may have…
suraj1983
  • 1
  • 1
0
votes
1 answer

Grails 3.3.2 Spring Security CAS not working through load balancer but works fine through internal server it is deployed on

we have a Grails 3.3.2 app that is using Spring Security Core and Spring Security CAS plugins. With a custom userDetailsService class for getting the user information from a Oracle Database. This app logs in through CAS just fine when hitting the…
Michael Stockman
  • 15
  • 3
0
votes
1 answer

How the CAS client (spring boot + spring security) can get more fields from CAS Server?

I read this article CAS SSO With Spring Security and run successfully the source code, but this client only get username, I hope my client need more fields from CAS server. In my previous CAS client using traditional SpringMVC, I can get all fileds…
abelard2008
  • 1,984
  • 1
  • 20
  • 35
0
votes
1 answer

Spring Security CAS and HttpBasic, CasAuthentcationProvider not invoked after ticket granted

I have a maven multi-modules application where the main module depends on others. This main module is secured with Spring Security CAS and submodules required a basic authentication. This is a example of the security configuration of a…
akuma8
  • 4,160
  • 5
  • 46
  • 82
0
votes
1 answer

Spring Security CAS: show client error on login.jsp

I'm using Spring Security with CAS and have the following issue. When the authentication error is thrown from CAS Server (e.g. invalid username/password) it is shown well in form and is displayed correctly using tag:
yyunikov
  • 5,719
  • 2
  • 43
  • 78
0
votes
1 answer

jasig cas too many redirects issue

I'm trying to secure a spring-boot web application using spring security and spring-security-cas (SSO with Jasig CAS). I'm facing a too many redirects error when trying to access a protected resources. The project is available here Do you see any…
IKane
  • 275
  • 2
  • 8
  • 17
0
votes
1 answer

Determine CAS user automatically on public (permitAll()) page

I am using Spring Security with Spring Boot and authenticate my users via JASIG CAS. Some of the pages require explicitly authentication (.authenticated()) and some of them are for all users. Now there is a certain area in the menu, which indicates…
mailman
  • 149
  • 1
  • 10
0
votes
1 answer

Spring Security with CAS redirect loop

I've been stumbling for the last few days on a redirect loop when integrating a CAS SSO to one of my web app. This happens just after I've logged in thanks to the CAS I've been monitoring the requests that are being exchanged between the CAS and my…
Jonathan Taws
  • 1,168
  • 11
  • 24
0
votes
1 answer

Concurrent session control classes never invoked

This is using Spring Security 4.0 RELEASE and Spring Security CAS. I'm setting up session concurrency management using Java Config: http .sessionManagement() .maximumSessions(1) .maxSessionsPreventsLogin(false) …
user180940
  • 324
  • 1
  • 18
1
2
3