Getting AnonymousAuthenticationToken cannot be cast to ClientAuthenticationToken

3,024 views

Skip to first unread message

Rokin Gala

unread,

Feb 23, 2016, 5:35:25 PM2/23/16

to pac4j-users

I have implemented the CasOAuthWrapperClient , to perform Oauth against a local CAS server , the authentication is successfull but the context always returns AnonymousAuthenticationToken .

I am not sure what I am doing wrong or what configuration I am missing.

I am using spring security configuration.

This is the log that gets when i do the authentication

Also attached is my spring-security.xml file.

Please help stuck at this point for long.

23 Feb 2016 17:24:25,916 DEBUG ClientAuthenticationEntryPoint:50 - client: <CasOAuthWrapperClient> | name: CasOAuthWrapperClient |

23 Feb 2016 17:24:25,939 DEBUG BaseOAuth20Client:44 - authorizationUrl : https://qual.cas.laureate.net/cas/oauth2.0/authorize?response_type=code&client_id=25352e85-3a0d-40c8-9cb2-2900b1bbe2dc&redirect_uri=http%3A%2F%2Frokin-pc%3A8080%2Fportal%2Foauth%2Fcallback%3Fclient_name%3DCasOAuthWrapperClient

Feb 23, 2016 5:24:58 PM org.apache.catalina.core.StandardWrapperValve invoke

SEVERE: Servlet.service() for servlet [mvc-dispatcher] in context with path [/portal] threw exception [Request processing failed; nested exception is java.lang.ClassCastException: org.springframework.security.authentication.AnonymousAuthenticationToken cannot be cast to org.pac4j.springframework.security.authentication.ClientAuthenticationToken] with root cause

java.lang.ClassCastException: org.springframework.security.authentication.AnonymousAuthenticationToken cannot be cast to org.pac4j.springframework.security.authentication.ClientAuthenticationToken

at net.laureate.core.web.SessionInterceptor.preHandle(SessionInterceptor.java:80)

at org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:134)

at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:954)

at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)

at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)

at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)

at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilte

spring-security.xml

Jérôme LELEU

unread,

Feb 24, 2016, 4:02:06 AM2/24/16

to Rokin Gala, pac4j-users

Hi,

You should clean your Spring context from the useless authentication providers: hard to see something currently.

I guess the clientFilter does not apply (or does not apply on the appropriate url): its role is to finish the login process.

Thanks.

Best regards,

Jérôme

--
You received this message because you are subscribed to the Google Groups "pac4j-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pac4j-users...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply all

Reply to author

Forward

0 new messages