java-cas-client 4.2.0 Spring boot Filters are not invoked

[Anu Chandran]

Hi Team,

I have tried to configure the java-cas-client 4.2.0 version for spring boot application using the following dependency.

<dependency>

 <groupId>org.apereo.cas.client</groupId>

   <artifactId>cas-client-support-springboot</artifactId>

   <version>4.2.0</version>

</dependency>

And then configured following properties in application.xml using my CAS and application URL.

cas.server-url-prefix=https://cashost.com/cas

cas.server-login-url=https://cashost.com/cas/login

cas.client-host-url=https://casclient.com

Then created a spring boot application configuration using following annotation

@SpringBootApplication
@Controller
@EnableCasClient
public class MyApplication

In addition, configured web security using below code,

@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests((authz) -> authz
                .anyRequest().authenticated()
            );
    }

}

Then implemented a Spring Rest controller on /test URL. How ever, the CAS filters are not invoked and the redirection to CAS server didn't happen. Please note, I have not added any web.xml filters since I m using auto configuration via spring boot.Please help me to understand what is missing here. Mn

Regards,

Anu

[Anu Chandran]

Hi Team, 

Please find the corrections and findings.

<dependency>

 <groupId>org.apereo.cas.client</groupId>

   <artifactId>cas-client-support-springboot</artifactId>

   <version>4.0.2</version>

</dependency>

If I remove spring-boot-starter-security from the pom.xml and also remove @Configuration to configure authorized http requests, the filters are picked up and is working fine. 

But spring-security is another integral part of the solution which cannot be discarded.

Please help to understand if I m using the client spring boot dependencies wrongly here.

Regards,

Anu.