Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

springboot + spring mvc + cas = 404?

I'm trying to setup CAS authentication in a Spring Boot + Spring MVC app, but there is something missing and I can't figure out.

as of now, my app starts, and I can browse successfuly controller pages not protected by auth (the pages render ok). when I try to browse protected pages, I get correctly redirected to my CAS login page, type my login/pass, and get correctly sent back to my app. but then, I get a 404 error.

I'm getting sent back to http://localhost:8080/cas/j_spring_cas_security_check?ticket=ST-16627-0xpiyvJ2xJojjKEIerUd and the page shows:

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.
Fri Sep 04 10:14:55 BRT 2015
There was an unexpected error (type=Not Found, status=404).
Not Found

I imagine that there should be somewhere a mapping to handle http://localhost:8080/cas/j_spring_cas_security_check?ticket= and it is missing, so I get the 404.

my Spring Boot application is like this:

main class:

@SpringBootApplication
public class Application {
    public static void main(String[] args) {
        SpringApplication.run(ApplicationConfiguration.class, args);
    }
}

then ApplicationConfiguration:

@Configuration
@EnableWebSecurity
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean
    public ServiceProperties serviceProperties() {
        ServiceProperties serviceProperties = new ServiceProperties();
        serviceProperties.setService("http://localhost:8080/cas/j_spring_cas_security_check");
        serviceProperties.setSendRenew(false);
        return serviceProperties;
    }

    @Bean
    public CasAuthenticationProvider casAuthenticationProvider() {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setAuthenticationUserDetailsService(authenticationUserDetailsService());
        casAuthenticationProvider.setServiceProperties(serviceProperties());
        casAuthenticationProvider.setTicketValidator(cas20ServiceTicketValidator());
        casAuthenticationProvider.setKey("my_app_key");
        return casAuthenticationProvider;
    }

    @Bean
    public AuthenticationUserDetailsService authenticationUserDetailsService() {
        return new UserDetailsServiceImpl();
    }

    @Bean
    public Cas20ServiceTicketValidator cas20ServiceTicketValidator() {
        return new Cas20ServiceTicketValidator("https://login.mydomain.com/cas/");
    }

    @Bean
    public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
        CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
        casAuthenticationFilter.setAuthenticationManager(authenticationManager());
        return casAuthenticationFilter;
    }

    @Bean
    public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
        CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
        casAuthenticationEntryPoint.setLoginUrl("https://login.mydomain.com/cas/login");
        casAuthenticationEntryPoint.setServiceProperties(serviceProperties());
        return casAuthenticationEntryPoint;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.addFilter(casAuthenticationFilter());
        http.exceptionHandling().authenticationEntryPoint(casAuthenticationEntryPoint());
        http.csrf().disable();

        http.authorizeRequests()
        .antMatchers("/home").authenticated()
        //.anyRequest().authenticated()
        ;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(casAuthenticationProvider());
    }

}

also UserDetailsServiceImpl:

public class UserDetailsServiceImpl implements AuthenticationUserDetailsService {

    @Override
    public UserDetails loadUserDetails(Authentication token) throws UsernameNotFoundException {
        User user = new User(token.getName(), "ROLE_DEFAULT");
        return user;
    }
}

and my Controller, with protected (/home) and unprotected (/index) pages:

@Controller
public class HomeController {

    @RequestMapping("/home")
    public String home() {
        return "home";
    }

    @RequestMapping("/index")
    public String index() {
        return "index";
    }

}

when I try to access /home initially, my log shows:

[DEBUG] [2015-09-04 10:40:47,081] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
[DEBUG] [2015-09-04 10:40:47,082] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
[DEBUG] [2015-09-04 10:40:47,082] [] [o.s.s.w.c.HttpSessionSecurityContextRepository->readSecurityContextFromSession:140] | No HttpSession currently exists
[DEBUG] [2015-09-04 10:40:47,082] [] [o.s.s.w.c.HttpSessionSecurityContextRepository->loadContext:91] | No SecurityContext was available from the HttpSession: null. A new one will be created.
[DEBUG] [2015-09-04 10:40:47,084] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
[DEBUG] [2015-09-04 10:40:47,085] [] [o.s.s.w.h.w.HstsHeaderWriter->writeHeaders:129] | Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@335af467
[DEBUG] [2015-09-04 10:40:47,085] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
[DEBUG] [2015-09-04 10:40:47,085] [] [o.s.s.w.u.m.AntPathRequestMatcher->matches:145] | Checking match of request : '/home'; against '/logout'
[DEBUG] [2015-09-04 10:40:47,085] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 5 of 11 in additional filter chain; firing Filter: 'CasAuthenticationFilter'
[DEBUG] [2015-09-04 10:40:47,085] [] [o.s.s.c.w.CasAuthenticationFilter->serviceTicketRequest:341] | serviceTicketRequest = false
[DEBUG] [2015-09-04 10:40:47,085] [] [o.s.s.c.w.CasAuthenticationFilter->proxyReceptorConfigured:399] | proxyReceptorConfigured = false
[DEBUG] [2015-09-04 10:40:47,085] [] [o.s.s.c.w.CasAuthenticationFilter->proxyReceptorRequest:384] | proxyReceptorRequest = false
[DEBUG] [2015-09-04 10:40:47,085] [] [o.s.s.c.w.CasAuthenticationFilter->proxyTicketRequest:359] | proxyTicketRequest = false
[DEBUG] [2015-09-04 10:40:47,086] [] [o.s.s.c.w.CasAuthenticationFilter->requiresAuthentication:290] | requiresAuthentication = false
[DEBUG] [2015-09-04 10:40:47,086] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
[DEBUG] [2015-09-04 10:40:47,086] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
[DEBUG] [2015-09-04 10:40:47,087] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
[DEBUG] [2015-09-04 10:40:47,089] [] [o.s.s.w.a.AnonymousAuthenticationFilter->doFilter:102] | Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9055e4a6: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
[DEBUG] [2015-09-04 10:40:47,089] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
[DEBUG] [2015-09-04 10:40:47,089] [] [o.s.s.w.s.SessionManagementFilter->doFilter:92] | Requested session ID JrbPx8JWxXJ7-NpmwEhxRojG.note-020 is invalid.
[DEBUG] [2015-09-04 10:40:47,089] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
[DEBUG] [2015-09-04 10:40:47,089] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /home at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
[DEBUG] [2015-09-04 10:40:47,090] [] [o.s.s.w.u.m.AntPathRequestMatcher->matches:145] | Checking match of request : '/home'; against '/home'
[DEBUG] [2015-09-04 10:40:47,090] [] [o.s.s.a.i.AbstractSecurityInterceptor->beforeInvocation:218] | Secure object: FilterInvocation: URL: /home; Attributes: [authenticated]
[DEBUG] [2015-09-04 10:40:47,091] [] [o.s.s.a.i.AbstractSecurityInterceptor->authenticateIfRequired:347] | Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9055e4a6: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
[DEBUG] [2015-09-04 10:40:47,099] [] [o.s.s.a.v.AffirmativeBased->decide:65] | Voter: org.springframework.security.web.access.expression.WebExpressionVoter@5a9298b2, returned: -1
[TRACE] [2015-09-04 10:40:47,103] [] [o.s.c.s.AbstractApplicationContext->publishEvent:329] | Publishing event in org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@394bc20: org.springframework.security.access.event.AuthorizationFailureEvent[source=FilterInvocation: URL: /home]
[DEBUG] [2015-09-04 10:40:47,103] [] [o.s.b.f.s.AbstractBeanFactory->doGetBean:248] | Returning cached instance of singleton bean 'delegatingApplicationListener'
[DEBUG] [2015-09-04 10:40:47,104] [] [o.s.s.w.a.ExceptionTranslationFilter->handleSpringSecurityException:165] | Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Acesso negado
    at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83) ~[spring-security-core-4.0.2.RELEASE.jar:4.0.2.RELEASE]
    ... lots of stack ...
    at java.lang.Thread.run(Thread.java:745) [na:1.8.0_20]

then I get redirected to CAS to login, and after I'm sent back the log shows:

==> log/spring.log <==
[DEBUG] [2015-09-04 10:43:45,974] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
[DEBUG] [2015-09-04 10:43:45,974] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
[DEBUG] [2015-09-04 10:43:45,975] [] [o.s.s.w.c.HttpSessionSecurityContextRepository->readSecurityContextFromSession:152] | HttpSession returned null object for SPRING_SECURITY_CONTEXT
[DEBUG] [2015-09-04 10:43:45,975] [] [o.s.s.w.c.HttpSessionSecurityContextRepository->loadContext:91] | No SecurityContext was available from the HttpSession: org.eclipse.jetty.server.session.HashedSession:lx934b5jvixoittaje24iulh@495908524. A new one will be created.
[DEBUG] [2015-09-04 10:43:45,975] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
[DEBUG] [2015-09-04 10:43:45,975] [] [o.s.s.w.h.w.HstsHeaderWriter->writeHeaders:129] | Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@335af467
[DEBUG] [2015-09-04 10:43:45,975] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
[DEBUG] [2015-09-04 10:43:45,975] [] [o.s.s.w.u.m.AntPathRequestMatcher->matches:145] | Checking match of request : '/cas/j_spring_cas_security_check'; against '/logout'
[DEBUG] [2015-09-04 10:43:45,975] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 5 of 11 in additional filter chain; firing Filter: 'CasAuthenticationFilter'
[DEBUG] [2015-09-04 10:43:45,976] [] [o.s.s.c.w.CasAuthenticationFilter->serviceTicketRequest:341] | serviceTicketRequest = false
[DEBUG] [2015-09-04 10:43:45,976] [] [o.s.s.c.w.CasAuthenticationFilter->proxyReceptorConfigured:399] | proxyReceptorConfigured = false
[DEBUG] [2015-09-04 10:43:45,976] [] [o.s.s.c.w.CasAuthenticationFilter->proxyReceptorRequest:384] | proxyReceptorRequest = false
[DEBUG] [2015-09-04 10:43:45,976] [] [o.s.s.c.w.CasAuthenticationFilter->proxyTicketRequest:359] | proxyTicketRequest = false
[DEBUG] [2015-09-04 10:43:45,976] [] [o.s.s.c.w.CasAuthenticationFilter->requiresAuthentication:290] | requiresAuthentication = false
[DEBUG] [2015-09-04 10:43:45,976] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
[DEBUG] [2015-09-04 10:43:45,976] [] [o.s.s.w.s.DefaultSavedRequest->propertyEquals:309] | pathInfo: both null (property equals)
[DEBUG] [2015-09-04 10:43:45,976] [] [o.s.s.w.s.DefaultSavedRequest->propertyEquals:317] | queryString: arg1=null; arg2=ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com (property not equals)
[DEBUG] [2015-09-04 10:43:45,976] [] [o.s.s.w.s.HttpSessionRequestCache->getMatchingRequest:75] | saved request doesn't match
[DEBUG] [2015-09-04 10:43:45,977] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
[DEBUG] [2015-09-04 10:43:45,977] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
[DEBUG] [2015-09-04 10:43:45,977] [] [o.s.s.w.a.AnonymousAuthenticationFilter->doFilter:102] | Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90545b24: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@12afc: RemoteIpAddress: 127.0.0.1; SessionId: lx934b5jvixoittaje24iulh; Granted Authorities: ROLE_ANONYMOUS'
[DEBUG] [2015-09-04 10:43:45,977] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
[DEBUG] [2015-09-04 10:43:45,977] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
[DEBUG] [2015-09-04 10:43:45,977] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:337] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
[DEBUG] [2015-09-04 10:43:45,977] [] [o.s.s.w.u.m.AntPathRequestMatcher->matches:145] | Checking match of request : '/cas/j_spring_cas_security_check'; against '/home'
[DEBUG] [2015-09-04 10:43:45,977] [] [o.s.s.a.i.AbstractSecurityInterceptor->beforeInvocation:209] | Public object - authentication not attempted
[TRACE] [2015-09-04 10:43:45,978] [] [o.s.c.s.AbstractApplicationContext->publishEvent:329] | Publishing event in org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@394bc20: org.springframework.security.access.event.PublicInvocationEvent[source=FilterInvocation: URL: /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com]
[DEBUG] [2015-09-04 10:43:45,978] [] [o.s.b.f.s.AbstractBeanFactory->doGetBean:248] | Returning cached instance of singleton bean 'delegatingApplicationListener'
[DEBUG] [2015-09-04 10:43:45,978] [] [o.s.s.w.FilterChainProxy$VirtualFilterChain->doFilter:323] | /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com reached end of additional filter chain; proceeding with original chain
[DEBUG] [2015-09-04 10:43:45,978] [] [o.s.s.c.w.CasAuthenticationFilter->serviceTicketRequest:341] | serviceTicketRequest = false
[DEBUG] [2015-09-04 10:43:45,978] [] [o.s.s.c.w.CasAuthenticationFilter->proxyReceptorConfigured:399] | proxyReceptorConfigured = false
[DEBUG] [2015-09-04 10:43:45,978] [] [o.s.s.c.w.CasAuthenticationFilter->proxyReceptorRequest:384] | proxyReceptorRequest = false
[DEBUG] [2015-09-04 10:43:45,978] [] [o.s.s.c.w.CasAuthenticationFilter->proxyTicketRequest:359] | proxyTicketRequest = false
[DEBUG] [2015-09-04 10:43:45,979] [] [o.s.s.c.w.CasAuthenticationFilter->requiresAuthentication:290] | requiresAuthentication = false
[TRACE] [2015-09-04 10:43:45,984] [] [o.s.w.s.FrameworkServlet->initContextHolders:1049] | Bound request context to thread: SecurityContextHolderAwareRequestWrapper[ org.springframework.security.web.context.HttpSessionSecurityContextRepository$Servlet3SaveToSessionRequestWrapper@138d79b0]
[DEBUG] [2015-09-04 10:43:45,984] [] [o.s.w.s.DispatcherServlet->doService:861] | DispatcherServlet with name 'dispatcherServlet' processing GET request for [/cas/j_spring_cas_security_check]
[TRACE] [2015-09-04 10:43:45,985] [] [o.s.w.s.DispatcherServlet->getHandler:1117] | Testing handler map [org.springframework.web.servlet.handler.SimpleUrlHandlerMapping@e1d777] in DispatcherServlet with name 'dispatcherServlet'
[TRACE] [2015-09-04 10:43:45,988] [] [o.s.w.s.h.AbstractUrlHandlerMapping->getHandlerInternal:126] | No handler mapping found for [/cas/j_spring_cas_security_check]
[TRACE] [2015-09-04 10:43:45,989] [] [o.s.w.s.DispatcherServlet->getHandler:1117] | Testing handler map [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping@1e2c4be5] in DispatcherServlet with name 'dispatcherServlet'
[DEBUG] [2015-09-04 10:43:45,989] [] [o.s.w.s.h.AbstractHandlerMethodMapping->getHandlerInternal:294] | Looking up handler method for path /cas/j_spring_cas_security_check
[DEBUG] [2015-09-04 10:43:45,994] [] [o.s.w.s.h.AbstractHandlerMethodMapping->getHandlerInternal:302] | Did not find handler method for [/cas/j_spring_cas_security_check]
[TRACE] [2015-09-04 10:43:45,994] [] [o.s.w.s.DispatcherServlet->getHandler:1117] | Testing handler map [org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping@73f998ad] in DispatcherServlet with name 'dispatcherServlet'
[TRACE] [2015-09-04 10:43:45,994] [] [o.s.w.s.h.AbstractUrlHandlerMapping->getHandlerInternal:126] | No handler mapping found for [/cas/j_spring_cas_security_check]
[TRACE] [2015-09-04 10:43:45,995] [] [o.s.w.s.DispatcherServlet->getHandler:1117] | Testing handler map [org.springframework.web.servlet.handler.SimpleUrlHandlerMapping@2354dcae] in DispatcherServlet with name 'dispatcherServlet'
[DEBUG] [2015-09-04 10:43:45,995] [] [o.s.w.s.h.AbstractUrlHandlerMapping->lookupHandler:168] | Matching patterns for request [/cas/j_spring_cas_security_check] are [/**]
[DEBUG] [2015-09-04 10:43:45,997] [] [o.s.w.s.h.AbstractUrlHandlerMapping->lookupHandler:193] | URI Template variables for request [/cas/j_spring_cas_security_check] are {}
[DEBUG] [2015-09-04 10:43:45,999] [] [o.s.w.s.h.AbstractUrlHandlerMapping->getHandlerInternal:123] | Mapping [/cas/j_spring_cas_security_check] to HandlerExecutionChain with handler [ResourceHttpRequestHandler [locations=[ServletContext resource [/], class path resource [META-INF/resources/], class path resource [resources/], class path resource [static/], class path resource [public/]], resolvers=[org.springframework.web.servlet.resource.PathResourceResolver@3a8581bc]]] and 1 interceptor
[TRACE] [2015-09-04 10:43:46,000] [] [o.s.w.s.DispatcherServlet->getHandlerAdapter:1157] | Testing handler adapter [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter@6c27a2d3]
[TRACE] [2015-09-04 10:43:46,001] [] [o.s.w.s.DispatcherServlet->getHandlerAdapter:1157] | Testing handler adapter [org.springframework.web.servlet.mvc.HttpRequestHandlerAdapter@1e8e8287]
[DEBUG] [2015-09-04 10:43:46,002] [] [o.s.w.s.DispatcherServlet->doDispatch:947] | Last-Modified value for [/cas/j_spring_cas_security_check] is: -1
[TRACE] [2015-09-04 10:43:46,003] [] [o.s.w.s.r.ResourceHttpRequestHandler->isInvalidPath:327] | Applying "invalid path" checks to path: cas/j_spring_cas_security_check
[TRACE] [2015-09-04 10:43:46,004] [] [o.s.w.s.r.AbstractResourceResolver->resolveResource:44] | Resolving resource: requestPath="cas/j_spring_cas_security_check"
[TRACE] [2015-09-04 10:43:46,005] [] [o.s.w.s.r.PathResourceResolver->getResource:92] | Checking location: ServletContext resource [/]
[TRACE] [2015-09-04 10:43:46,005] [] [o.s.w.s.r.PathResourceResolver->getResource:102] | No match for location: ServletContext resource [/]
[TRACE] [2015-09-04 10:43:46,006] [] [o.s.w.s.r.PathResourceResolver->getResource:92] | Checking location: class path resource [META-INF/resources/]
[TRACE] [2015-09-04 10:43:46,006] [] [o.s.w.s.r.PathResourceResolver->getResource:102] | No match for location: class path resource [META-INF/resources/]
[TRACE] [2015-09-04 10:43:46,007] [] [o.s.w.s.r.PathResourceResolver->getResource:92] | Checking location: class path resource [resources/]
[TRACE] [2015-09-04 10:43:46,008] [] [o.s.w.s.r.PathResourceResolver->getResource:102] | No match for location: class path resource [resources/]
[TRACE] [2015-09-04 10:43:46,008] [] [o.s.w.s.r.PathResourceResolver->getResource:92] | Checking location: class path resource [static/]
[TRACE] [2015-09-04 10:43:46,009] [] [o.s.w.s.r.PathResourceResolver->getResource:102] | No match for location: class path resource [static/]
[TRACE] [2015-09-04 10:43:46,009] [] [o.s.w.s.r.PathResourceResolver->getResource:92] | Checking location: class path resource [public/]
[TRACE] [2015-09-04 10:43:46,009] [] [o.s.w.s.r.PathResourceResolver->getResource:102] | No match for location: class path resource [public/]
[TRACE] [2015-09-04 10:43:46,010] [] [o.s.w.s.r.ResourceHttpRequestHandler->handleRequest:212] | No matching resource found - returning 404
[DEBUG] [2015-09-04 10:43:46,010] [] [o.s.s.w.c.HttpSessionSecurityContextRepository$SaveToSessionResponseWrapper->saveContext:304] | SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
[TRACE] [2015-09-04 10:43:46,012] [] [o.s.w.s.FrameworkServlet->initContextHolders:1049] | Bound request context to thread: (GET /cas/j_spring_cas_security_check?ticket=ST-16635-afTz1gs3R5sv4eRjleKc-login.movile.com)@743898861 org.eclipse.jetty.server.Request@2c56feed
[DEBUG] [2015-09-04 10:43:46,013] [] [o.s.w.s.DispatcherServlet->doService:861] | DispatcherServlet with name 'dispatcherServlet' processing GET request for [/error]
[TRACE] [2015-09-04 10:43:46,013] [] [o.s.w.s.DispatcherServlet->getHandler:1117] | Testing handler map [org.springframework.web.servlet.handler.SimpleUrlHandlerMapping@e1d777] in DispatcherServlet with name 'dispatcherServlet'
[TRACE] [2015-09-04 10:43:46,013] [] [o.s.w.s.h.AbstractUrlHandlerMapping->getHandlerInternal:126] | No handler mapping found for [/error]

anyone could spot what is missing?

thanks in advance :)

like image 769
weeanon Avatar asked Nov 09 '22 05:11

weeanon


1 Answers

Spring Security 4 updated this and several other paths and attributes (frankly, for the better). See here:

https://jira.spring.io/browse/SEC-2783

j_spring_cas_security_check -> login/cas

As pointed out by a user in the comments, you simply need to update the service URL.

like image 170
Luke Avatar answered Nov 15 '22 13:11

Luke