SEC-1344: CAS Documentation Errors #1589

Closed
spring-issuemaster opened this Issue Dec 28, 2009 · 1 comment

Comments

Projects
None yet
1 participant

Stephan Oudmaijer (Migrated from SEC-1344) said:

The CAS documentation for Spring Security is vague and contains a few errors.

First, the element contains the tag <security:custom-authentication-provider /> which is not allowed by the spring-security-3.0.xsd.

I have configured the authentication provider accordingly:

<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="casAuthenticationProvider">/security:authentication-provider
/security:authentication-manager

Second, the security:http section can be more specific IMHO. I have configured it like shown below. I don`t know if this is 'the' way to configure it, but it works.

<security:http entry-point-ref="casAuthenticationEntryPoint" auto-config="true">
...
<security:custom-filter position="CAS_FILTER" ref="casAuthenticationFilter">/security:custom-filter
/security:http

Third, the contains the properties and which do not exist anymore.

Once you have figured this out, it works really great ;-)

Cheers, Stephan

Luke Taylor said:

Thanks for reporting these. I've updated the CAS section to correct the configurations.

spring-issuemaster added this to the 3.0.1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment