AnsweredAssumed Answered

WebScript from HttpClient in CAS third party application

Question asked by plinio on Mar 23, 2011
Latest reply on Mar 26, 2011 by openpj
Hi all,
I implement CAS SSO across both Alfresco (3.3E) and a third party sample application.(a simple servelt)
I need call a webscript (for example …alfresco/wcservice/office/getUsers) through HttpClient get.
The problem is:CAS server return CAS login page
( i retrieve the page from method.getResponseBodyAsString())
It should be noted that if i try to call the same webscript from browser (after SSO CAS login) i retrieve the correct result and the authentication is correctly managed.

For example:

-from browser i call a simple servlet (A) filtered by CAS.
-CAS login prompt appear
-Log in with admin/admin
-CAS authentication ok
-Call simple servlet (A) with request param (?goto=callAlf) .The servlet run the HttpClient above:

HttpClient client = new HttpClient();
String ticketProxed = assertion1
.getPrincipal()
.getProxyTicketFor(
"https://localhost:8443/alfresco/wcservice/office/getUsers");

GetMethod method = new GetMethod(
"https://localhost:8443/alfresco/wcservice/office/getUsers");
method.getParams().setParameter("ticket", ticket);

// method.setDoAuthentication(true);
int statusCode = client.executeMethod(method);
if (statusCode != HttpStatus.SC_OK) {
System.err.println("Method failed: " + method.getStatusLine());
}
String res = method.getResponseBodyAsString();
System.out.println("ESITO:" + res);
JSONArray jsonOut = new JSONArray(res);
System.out.println(jsonOut);
return jsonOut.toString();

-I retrive Login CAS page in res.


I attach the Alfresco web.xml configuration file for CAS filter

Thanks for support!!!

Matteo


<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://localhost:9443/cas-server-webapp-3.4.2/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://localhost:8443</param-value>
</init-param>
<init-param>
<param-name>renew</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>gateway</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://localhost:9443/cas-server-webapp-3.4.2/</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://localhost:8443</param-value>
</init-param>
<init-param>
<param-name>proxyCallbackUrl</param-name>
<param-value>https://localhost:8443/alfresco/MTCallback</param-value>
</init-param>
<init-param>
<param-name>proxyReceptorUrl</param-name>
<param-value>/MTCallback</param-value>
</init-param>
<init-param>
<param-name>acceptAnyProxy</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>

<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/faces/*</url-pattern>
<url-pattern>/wcservice/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/faces/*</url-pattern>
<url-pattern>/wcservice/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/faces/*</url-pattern>
<url-pattern>/wcservice/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/faces/*</url-pattern>
<url-pattern>/wcservice/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/MTCallback</url-pattern>
</filter-mapping>

<filter>
<filter-name>Authentication Filter</filter-name>
<description>dp2k filter</description>
<filter-class>it.dp2000.alfresco.cas.CASAuthenticationFilter</filter-class>
</filter>

<!– END –>

Outcomes