CAS 4.1.3 disable /status/config

30 views

Skip to first unread message

Quentin Loizelet

unread,

May 20, 2016, 6:34:23 AM5/20/16

to CAS Community

Hi everyone,

I'm in intership on a French factory and i need to deploy the CAS authentication for all the used applications.

I'm facing a big problem :

The /status/config page is displays no matter what.

I have the base configuration on spring-configuration/securityContext.xml :

<sec:authentication-manager />
<sec:http pattern="/status/**" entry-point-ref="notAuthorizedEntryPoint" use-expressions="true" auto-config="true">
<sec:intercept-url pattern="/status/**" access="${cas.securityContext.status.access}" />
</sec:http>
<sec:http pattern="/statistics/**" entry-point-ref="notAuthorizedEntryPoint" use-expressions="true" auto-config="true">
<sec:intercept-url pattern="/statistics/**" access="${cas.securityContext.statistics.access}" />
</sec:http>
<bean id="notAuthorizedEntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />

It works fine for the /status service ( Forbiden )

but not for the /status/config.

Have you any idea ?

thx

Quentin

Reply all

Reply to author

Forward

0 new messages