Re: [cas-user] CAS and OpenKM Role

Mon, 18 Jun 2012 08:11:14 -0700 

I am trying to install a CAS Server on OpenKM.



I'm not familiar with OpenKM.  A cursory google makes me wonder how 
you'd install CAS server on it.  Are you sure that's what you mean?



  <application-policy name="OpenKM">
  <authentication>
  <login-module code="org.jasig.cas.client.jaas.CasLoginModule"
flag="required">
  <module-option
name="ticketValidatorClass">org.jasig.cas.client.validation.Saml11TicketValidator</module-option>
  <module-option
name="casServerUrlPrefix">https://***.***.***.***:8443/cas</module-option>
  <module-option name="tolerance">20000</module-option>
  <module-option
name="service">https://***.***.***.***:8443/OpenKM</module-option>
  <module-option name="defaultRoles">UserRole</module-option>
  <module-option name="roleAttributeNames">groupMembership</module-option>
  <module-option name="principalGroupName">CallerPrincipal</module-option>
  <module-option name="roleGroupName">Roles</module-option>
  <module-option name="cacheAssertions">true</module-option>
  <module-option name="cacheTimeout">480</module-option>
  </login-module>
  </authentication>
  </application-policy>



This is CAS client configuration using the Java CAS client JAAS login 
module.  Where does this configuration live?



[org.jasig.cas.client.jaas.CasLoginModule] Performing login.
  2012-06-07 11:48:20,418 INFO [org.jasig.cas.client.jaas.CasLoginModule]
Login failed due to unsupported callback:
javax.security.auth.callback.UnsupportedCallbackException



That looks like the root cause of your integration problems.  The 
CasLoginModule requires both a NameCallback (to hold the service) and a 
PasswordCallback (to hold service ticket); any other type of callback 
passed to it results in an error. [1]  Looks like OpenKM is passing 
additional unsupported callbacks.  You'd have to turn up the logging to 
see what kind exactly, then investigate whether it's possible to disable 
them.


M


[1] 
https://github.com/Jasig/java-cas-client/blob/master/cas-client-core/src/main/java/org/jasig/cas/client/jaas/ServiceAndTicketCallbackHandler.java


--
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user






















					Reply via email to