Hi,
I'm using CAS to authenticate both with web interface and rest calls.
While trying to configure Surrogate authentication, it works with web interface but it doesn't with rest.
e.g.
curl -k -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'cache-control: no-cache' \
-d 'token=true&username=myuser&password=mypwd'
it works
while
curl -k -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'cache-control: no-cache' \
-d 'token=true&username=myuser+myprincipal&password=myprincipalpwd'
returns 401 (even with url-encoded parameters) with the following log:
2019-12-16 14:34:03,861 ERROR [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [UsernamePasswordCredential(username=myuser+myprincipal, source=null)] of type [UsernamePasswordCredential]. Examine the configuration to ensure a method of authentication is defined and analyze CAS logs at DEBUG level to trace the authentication event.>
2019-12-16 14:34:03,862 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <[QueryDatabaseAuthenticationHandler] exception details: [myuser+myprincipal not found with SQL query].>
2019-12-16 14:34:03,862 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: myuser+myprincipal
WHAT: Supplied credentials: [UsernamePasswordCredential(username=myuser+myprincipal, source=null)]
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Mon Dec 16 14:34:03 CET 2019
any experience with this?
thanks in advance
Michele