Angular frontend with CAS 7.1.3 backend
57 views
Skip to first unread message
Ankit Kumar
Jan 31, 2025, 5:10:45 PM1/31/25
to CAS Community
Hello all,
We have frontend as angular app which sends login credentials as username, password along with few other request headers that helps us to construct the right credentials to search for so we had to write an new REST endpoint which calls the service class which extends AbstractUsernamePasswordAuthenticationHandler to override authenticateUsernamePasswordInternal
rest of the flow we want it to be same as create TGT, call service url with ST and then redirect to the service url but i wondering instead of recreating the whole flow what could i logically do to hook onto existing flow for TGT and ST after AbstractUsernamePasswordAuthenticationHandler
Appreciate the help as always :) Thanks
We have frontend as angular app which sends login credentials as username, password along with few other request headers that helps us to construct the right credentials to search for so we had to write an new REST endpoint which calls the service class which extends AbstractUsernamePasswordAuthenticationHandler to override authenticateUsernamePasswordInternal
rest of the flow we want it to be same as create TGT, call service url with ST and then redirect to the service url but i wondering instead of recreating the whole flow what could i logically do to hook onto existing flow for TGT and ST after AbstractUsernamePasswordAuthenticationHandler
Appreciate the help as always :) Thanks
Ray Bon
Jan 31, 2025, 10:48:29 PM1/31/25
to cas-...@apereo.org
Ankit Kumar
Feb 6, 2025, 8:45:34 AM2/6/25
to CAS Community, Ray Bon
Thank you so much Ray.
Now i am finally able to get TGT, ST and do service validation but eventually it fails with
2025-02-06T18:53:04.126+05:30 WARN 62372 --- [cas] [mcat-handler-15] cyAwareServiceTicketValidationAuthorizer : No successful authentication handlers are recorded for the authentication attempt
2025-02-06T18:53:04.153+05:30 INFO 62372 --- [cas] [mcat-handler-15] PROTOCOL_MESSAGE :
============================================================
CAS Validation Response
============================================================
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code="INVALID_SERVICE">Ticket 'ST-1-dacL40LxkOWWh7th3nGPtCbRgLM-root310' does not match supplied service. The original service was 'https://localhost:8444/home' and the supplied service was 'https://localhost:8444/home'.</cas:authenticationFailure>
</cas:serviceResponse>
Would you have pointers into what might be happening here?
Now i am finally able to get TGT, ST and do service validation but eventually it fails with
2025-02-06T18:53:04.126+05:30 WARN 62372 --- [cas] [mcat-handler-15] cyAwareServiceTicketValidationAuthorizer : No successful authentication handlers are recorded for the authentication attempt
2025-02-06T18:53:04.153+05:30 INFO 62372 --- [cas] [mcat-handler-15] PROTOCOL_MESSAGE :
============================================================
CAS Validation Response
============================================================
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code="INVALID_SERVICE">Ticket 'ST-1-dacL40LxkOWWh7th3nGPtCbRgLM-root310' does not match supplied service. The original service was 'https://localhost:8444/home' and the supplied service was 'https://localhost:8444/home'.</cas:authenticationFailure>
</cas:serviceResponse>
Would you have pointers into what might be happening here?
Ray Bon
Feb 6, 2025, 10:13:31 PM2/6/25
to cas-...@apereo.org, ankit....@savvas.com
Ankit,
Enable debug logging for https://github.com/apereo/cas/blob/master/core/cas-server-core-services-authentication/src/main/java/org/apereo/cas/authentication/principal/DefaultServiceMatchingStrategy.java
That should be the class that is performing the comparison.
Ray
On Thu, 2025-02-06 at 05:32 -0800, Ankit Kumar wrote:
Reply all
Reply to author
Forward
0 new messages