SPNEGO with CAS running on Windows Machine

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

SPNEGO with CAS running on Windows Machine

nathan
This post has NOT been accepted by the mailing list yet.
Hi,

I want to authenticate in CAS using users windows credentials. i.e. Do not prompt the domain user for the password.

I was following https://wiki.jasig.org/display/CASUM/SPNEGO to try to enable NTLM with CAS, but I had no luck with it at all.

My Env:
Active Directory Server/Domain Controller:
- Win 2003
- Realm: convoy.local

CAS server:
- tomcat 6
- jdk 1.6.20
- cas version 3.4.7
- hostname is convoy-cas.wealth-tec.com
- win 2008 R2 64bit

1. I have create a SPN account called cas in my AD/DC and ensure using DES encryption


2. I run ktpass to map the server to the SPN user
ktpass.exe /princ HTTP/convoy-cas.wealth-tec.com@convoy.local /pass * /mapuser
cas@convoy.local /ptype KRB5_NT_PRINCIPAL /crypto RC4-HMAC-NT

3. I setup the login webflow as described in the wiki
login-webflow.xml

4. update the cas-servlet
cas-servlet.xml

5. update the deployerConfigContaext
deployerConfigContext.xml

6. I added tomcat windows server to domain convoy.local

7. I can see the following error in cas log:
2011-04-09 19:36:51,031 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler failed to authenticate the user which provided the following credentials: unknown

2011-04-09 19:36:51,036 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: unknown
WHAT: supplied credentials: unknown
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Sat Apr 09 19:36:51 CST 2011
CLIENT IP ADDRESS: 192.168.116.157
SERVER IP ADDRESS: unknown
=============================================================

Any help?
login.conf
Reply | Threaded
Open this post in threaded view
|

Re: SPNEGO with CAS running on Windows Machine

maul_oke
This post has NOT been accepted by the mailing list yet.
any solution to this problem yet?
Reply | Threaded
Open this post in threaded view
|

Re: SPNEGO with CAS running on Windows Machine

halbert
This post has NOT been accepted by the mailing list yet.
In reply to this post by nathan
hi
did you solve the issue? I am meeting the same issue as you have. I use  CAS/SPNEGO/Windows7.
Reply | Threaded
Open this post in threaded view
|

Re: SPNEGO with CAS running on Windows Machine

martijnbuger
This post has NOT been accepted by the mailing list yet.
Hi,

Any of upu guys found the solution yet? Same problem over here. Would help me a lot if you could post the solution!
Reply | Threaded
Open this post in threaded view
|

Re: SPNEGO with CAS running on Windows Machine

changhui_luo
This post has NOT been accepted by the mailing list yet.
hi
did you solve the issue? I am meeting the same issue as you have. I use  CAS/SPNEGO/Windows server 2008.
Reply | Threaded
Open this post in threaded view
|

Re: SPNEGO with CAS running on Windows Machine

kxuaostar
This post has NOT been accepted by the mailing list yet.
did u solve the issue?
 Pls contact me : xukaiaostar@126.com
谢谢