Well, a first reply as you seem to be in a hurry. Your CAS server works : it delivers service tickets and redirects your to the service url with a service ticket. The CasRealm (post CAS successful authentication) computes the default roles ROLE_USER (in your case). But for you, as you expects the role user or admin, it doesn't work and you get some unauthorized error page.
So first, you should change the CasRealm configuration with : casRealm.defaultRoles = user This way, you will be able to access the /secure/** urls. But you won't be able to access /admin/** urls. My question is : how do you compute the admin role ? Because if you want to do some roles computation, you will certainly need to create a new CasRealm with the requested behaviour for the roles computation. Best regards, Jérôme -- View this message in context: http://shiro-user.582556.n2.nabble.com/Cant-Integrate-Shiro-with-CAS-tp7579234p7579245.html Sent from the Shiro User mailing list archive at Nabble.com.
