Its poorly named because of the generalness of Spring Security. It comes into play normally in two scenarios (I think, if I recall correctly):
1. If there is a problem validating the ticket from CAS. 2. If there is an authorization problem. Cheers, Scott On Sun, Jan 10, 2010 at 11:42 AM, Estelle DeBlois <[email protected]>wrote: > Hello, > > I have a web application that uses Spring Security configured for CAS. From > the many examples I found online on how to set this up, you can configure a > "authenticationFailureUrl" parameter in the casProcessingFilter bean, e.g.: > > <bean id="casProcessingFilter" > class="org.springframework.security.ui.cas.CasProcessingFilter" > p:authenticationManager-ref="casAuthenticationManager" > p:authenticationFailureUrl="/badLogin.jsp" > p:alwaysUseDefaultTargetUrl="true" > p:filterProcessesUrl="/j_spring_cas_security_check" > p:defaultTargetUrl="/"> > <sec:custom-filter after="CAS_PROCESSING_FILTER" /> > </bean> > > The application works great when I provide valid credentials to CAS. I get > redirected to the service specified in the request. However, by default, the > casLoginView.jsp is redisplayed when invalid credentials are given (with an > error message informing the user of the failed login attempt). CAS does not > redirect the user back to the service if login fails, so where does the > "authenticationFailureUrl" option come into play? I'm new to CAS and Spring > Security overall, so if there's something obvious I'm missing, I would > appreciate any clarification. > > Thanks, > E. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
