Not sure from your stack trace. Are you including the “caused by” stack traces? In my setup, it goes back to the login page, but I don’t use CAS, perhaps there is something CAS-specific you need to do to redirect to a login page when unauthenticated. No exceptions show up in the logs when user is redirected to login paage
> On Mar 14, 2016, at 3:34 PM, jonathan.labin <[email protected]> wrote: > > Sure. But while I get those together. What is the result when you have > exceptions? > > [main] > subjectFactory = io.buji.pac4j.ClientSubjectFactory > securityManager.subjectFactory = $subjectFactory > > # CAS Provider > casClient = org.pac4j.cas.client.CasClient > casClient.casLoginUrl = casUrl > rolesFromLdap = my.org.RolesFromLdapMemberOfAuthGen > casClient.authorizationGenerator = $rolesFromLdap > resolver=my.org.GswCallbackUrlResolver > casClient.callbackUrlResolver = $resolver > > clients = org.pac4j.core.client.Clients > clients.callbackUrl = callback > clients.clientsList = $casClient > > clientsRealm = io.buji.pac4j.ClientRealm > clientsRealm.defaultRoles = ROLE_USER > clientsRealm.clients = $clients > > clientsFilter = io.buji.pac4j.ClientFilter > clientsFilter.clients = $clients > > casRoles = io.buji.pac4j.filter.ClientRolesAuthorizationFilter > casRoles.client = $casClient > casRoles.unauthorizedUrl = 401error.jsp > > jpaRealm = my.org.AuthzOnlyJpaRealm > > securityManager.realms = $clientsRealm, $jpaRealm > > roles.unauthorizedUrl = /401error.jsp > perms.unauthorizedUrl = /401error.jsp > > ssl.port = 8181 > > [urls] > /callback = clientsFilter > /logout = logout > /401error.jsp = anon > /** = ssl, casRoles[ROLE_USER], roles[observer] > > > 2016-03-14T17:54:09.748+0000|Info: 2016-03-14 17:54:09,747 ERROR [Process > 116760@hostname:38] --- | --- | --- | my.org.AuthzOnlyJpaRealm | There was a > JPA error while authorizing user [test] > org.apache.shiro.authz.AuthorizationException: User: test is not enabled > at > my.org.AuthzOnlyJpaRealm.doGetAuthorizationInfo(AuthzOnlyJpaRealm.java:193) > at > org.apache.shiro.realm.AuthorizingRealm.getAuthorizationInfo(AuthorizingRealm.java:341) > at > org.apache.shiro.realm.AuthorizingRealm.hasRole(AuthorizingRealm.java:573) > at > org.apache.shiro.authz.ModularRealmAuthorizer.hasRole(ModularRealmAuthorizer.java:374) > at > org.apache.shiro.authz.ModularRealmAuthorizer.hasAllRoles(ModularRealmAuthorizer.java:407) > at > org.apache.shiro.mgt.AuthorizingSecurityManager.hasAllRoles(AuthorizingSecurityManager.java:161) > at > org.apache.shiro.subject.support.DelegatingSubject.hasAllRoles(DelegatingSubject.java:236) > at > org.apache.shiro.web.filter.authz.RolesAuthorizationFilter.isAccessAllowed(RolesAuthorizationFilter.java:52) > at > org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162) > at > org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203) > at > org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178) > at > org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131) > at > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) > at > org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) > at > org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) > at > org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) > at > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) > at > org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) > at > org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) > at > org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) > at > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) > at > org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) > at > org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) > at > org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) > at > org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) > at > org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) > at > org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) > at > org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) > at > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) > at > org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:97) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:316) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160) > at > org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734) > at > org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673) > at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174) > at > org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:416) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:283) > at > com.sun.enterprise.v3.services.impl.ContainerMapper$HttpHandlerCallable.call(ContainerMapper.java:459) > at > com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:167) > at > org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:206) > at > org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:180) > at > org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:235) > at > org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) > at > org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:283) > at > org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:200) > at > org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:132) > at > org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:111) > at > org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) > at > org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:536) > at > org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112) > at > org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:117) > at > org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:56) > at > org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:137) > at > org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:591) > at > org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:571) > at java.lang.Thread.run(Thread.java:745) > > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Realm-Exception-Handling-tp7580979p7580981.html > Sent from the Shiro User mailing list archive at Nabble.com. >
