You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by johnrellis <jo...@gmail.com> on 2016/05/30 16:33:47 UTC

Configuring Shiro CAS for SSO

Hey folks,

I have a cas server running, version 4.2.1.

I have the following test service loaded

{
        "@class" : "org.jasig.cas.services.RegexRegisteredService",
          "serviceId" : "http://localhost:8080/CasTest/person/",
          "name" : "Test Service",
          "id" : 10000001
}

I am using the default casuser to try and understand what is going on.

I have a grails application running shiro 1.2.2 but I am having some
difficulty. the shiro config is below.

The first is when I hit http://localhost:8080/CasTest/person/ it just goes
straight to the error.jsp, I would expect it to redirect to CAS at this
point, if anyone could help explain why it isn't that would be great.

Second, if I just go to
https://10.5.5.50:8080/cas/login?service=http://localhost:8080/CasTest/person/
in my browser and log in, i am redirected back to my application with a
ticketId.  I can see the CasFilter being invoked by setting a breakpoint in
the source but I cannot see any attempt for the ticket to be verified
against the CAS service and I just hit error.jsp again.

Any tips would be appreciated here, I fear grails is making this more
difficult than it should be but hopefully I can piece it together.


My shiro config is below

[main]
casFilter = org.apache.shiro.cas.CasFilter
casFilter.failureUrl = /error.jsp

casRealm = org.apache.shiro.cas.CasRealm
casRealm.defaultRoles = ROLE_USER
casRealm.casServerUrlPrefix = https://10.5.5.50:8080/cas/login
casRealm.casService = http://localhost:8080/CasTest/person/

casSubjectFactory = org.apache.shiro.cas.CasSubjectFactory
securityManager.subjectFactory = \$casSubjectFactory

roles.loginUrl =
https://10.5.5.50:8080/cas/login?service=http://localhost:8080/CasTest/person/

[urls]
/person/** = casFilter




--
View this message in context: http://shiro-user.582556.n2.nabble.com/Configuring-Shiro-CAS-for-SSO-tp7581056.html
Sent from the Shiro User mailing list archive at Nabble.com.

Re: Configuring Shiro CAS for SSO

Posted by johnrellis <jo...@gmail.com>.

It looks like there's a grails plugin for shiro cas
https://grails.org/plugin/shiro-cas and it looks like this has all the
complication dealt with.

Thanks folks.
John



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Configuring-Shiro-CAS-for-SSO-tp7581056p7581061.html
Sent from the Shiro User mailing list archive at Nabble.com.