SEC-1344: CAS Documentation Errors #1589

Closed
spring-issuemaster opened this Issue Dec 28, 2009 · 1 comment

Projects

None yet

1 participant

@spring-issuemaster

Stephan Oudmaijer (Migrated from SEC-1344) said:

The CAS documentation for Spring Security is vague and contains a few errors.

First, the element contains the tag <security:custom-authentication-provider /> which is not allowed by the spring-security-3.0.xsd.

I have configured the authentication provider accordingly:

<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="casAuthenticationProvider">/security:authentication-provider
/security:authentication-manager

Second, the security:http section can be more specific IMHO. I have configured it like shown below. I don`t know if this is 'the' way to configure it, but it works.

<security:http entry-point-ref="casAuthenticationEntryPoint" auto-config="true">
...
<security:custom-filter position="CAS_FILTER" ref="casAuthenticationFilter">/security:custom-filter
/security:http

Third, the contains the properties and which do not exist anymore.

Once you have figured this out, it works really great ;-)

Cheers, Stephan

@spring-issuemaster

Luke Taylor said:

Thanks for reporting these. I've updated the CAS section to correct the configurations.

@spring-issuemaster spring-issuemaster added this to the 3.0.1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment