
Jasig CAS4.0, Proxy Authentication Exception

I am trying to configure Jasig CAS4.0 with Facebook OAuth2.0. Without using Facebook, the default username 'casuser' and password "Mellon" were working correctly. I replaced

<bean id="primaryAuthenticationHandler"
          class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
        <property name="users">
            <map>
                <entry key="casuser" value="Mellon"/>
            </map>
        </property>
    </bean>

with

<bean id="primaryAuthenticationHandler" class="org.jasig.cas.support.pac4j.authentication.handler.support.ClientAuthenticationHandler">
            <constructor-arg index="0" ref="clients"/>
</bean>

and the id="registeredServicesList" is

<util:list id="registeredServicesList">
    <bean class="org.jasig.cas.services.RegexRegisteredService"
          p:id="0" p:name="HTTP and IMAP"
          p:description="Allows HTTP(S) and IMAP(S) protocols"
          p:serviceId="^(https?|imaps?)://.*"
          p:evaluationOrder="10000001"
          p:enabled="true"
          p:allowedToProxy="true"
          p:ssoEnabled="true"
    />
</util:list>

But still, after authenticating with Facebook and being redirected to my CAS server and then to my application, I am getting a TicketValidationException.

type Exception report

message org.jasig.cas.client.validation.TicketValidationException:

description The server encountered an internal error that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: org.jasig.cas.client.validation.TicketValidationException: 
        The supplied service 'https://rajan.com:2443/CasClientSimple/' is not authorized to use CAS proxy authentication.

    org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:194)
    org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:116)

What should I do to solve this issue?

Rajan asked Jul 26 '14 08:07


1 Answer

In the deployerConfigContext.xml file of the CAS server, I added a few attributes (like allowedToProxy, ssoEnabled, enabled) which were not there by default, and it worked.

<bean class="org.jasig.cas.services.RegisteredServiceImpl">
           <property name="id" value="0" />
           <property name="name" value="HTTP" />
           <property name="description" value="Only Allows HTTP Urls" />
           <property name="serviceId" value="https://**" />
           <property name="evaluationOrder" value="10000001" />
           <property name="enabled" value="true" />
           <property name="allowedToProxy" value="true" />
           <property name="ssoEnabled" value="true" />
</bean>
Rajan answered Nov 01 '22 16:11
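
An added example, not part of the original answer or of the CAS project: a small audit of a deployerConfigContext.xml-style file that flags registered services combining allowedToProxy="true" with a catch-all serviceId, as both snippets on this page do. The sample XML is constructed (its third entry scopes the pattern to the service URL from the error message), and the catch-all heuristic and the treatment of a missing allowedToProxy as false are assumptions.

```python
import re
import xml.etree.ElementTree as ET

P_NS = "http://www.springframework.org/schema/p"
# Constructed sample: the two bean styles shown on this page plus a scoped entry.
SAMPLE = r"""<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:p="http://www.springframework.org/schema/p">
  <bean class="org.jasig.cas.services.RegexRegisteredService"
        p:id="0" p:serviceId="^(https?|imaps?)://.*"
        p:enabled="true" p:allowedToProxy="true"/>
  <bean class="org.jasig.cas.services.RegisteredServiceImpl">
    <property name="id" value="1"/>
    <property name="serviceId" value="https://**"/>
    <property name="allowedToProxy" value="true"/>
  </bean>
  <bean class="org.jasig.cas.services.RegexRegisteredService"
        p:id="2" p:serviceId="^https://rajan\.com:2443/CasClientSimple/.*"
        p:allowedToProxy="true"/>
</beans>"""

def bean_props(bean):
    """Merge p:-namespace attributes and <property> children into one dict."""
    props = {k.split("}", 1)[1]: v for k, v in bean.attrib.items()
             if k.startswith("{" + P_NS + "}")}
    for child in bean:
        if child.tag.split("}")[-1] == "property":
            props[child.get("name")] = child.get("value")
    return props

def is_catch_all(service_id):
    """Heuristic (assumption): a wildcard follows the scheme before any host is pinned."""
    rest = re.sub(r"^\^?(\([^)]*\)|[a-z]+\??)://", "", service_id)
    return rest.startswith((".*", ".+", "*"))

def audit(xml_text):
    """Return (id, serviceId) for services allowed to proxy under a catch-all pattern."""
    findings = []
    for bean in ET.fromstring(xml_text).iter():
        if "RegisteredService" not in bean.get("class", ""):
            continue
        props = bean_props(bean)
        # A missing allowedToProxy is treated as false (assumption about the default).
        may_proxy = props.get("allowedToProxy", "false").lower() == "true"
        if may_proxy and is_catch_all(props.get("serviceId", "")):
            findings.append((props.get("id"), props["serviceId"]))
    return findings

if __name__ == "__main__":
    for service_id, pattern in audit(SAMPLE):
        print(f"service {service_id}: proxy allowed for catch-all pattern {pattern}")
```

Each flagged entry lets every URL matching the pattern request proxy authentication; a pattern pinned to the client application's own URL, like the third sample entry, passes the check.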