topic Re: Alfresco 4.0d + CAS in Alfresco Archive

Alfresco 4.0d + CAS

luca — Fri, 29 Jun 2012 14:46:18 GMT

Hi all,I'm trying to enable authentication through CAS in Alfresco 4.0d, but I have some problems.When I restart Alfresco I get this error:Cannot create JDBC driver of class '' for connect URL 'null'java.lang.NullPointerException at sun.jdbc.odbc.JdbcOdbcDriver.getProtocol(JdbcOdbcDriver.java:507)

Re: Alfresco 4.0d + CAS

afaust — Sun, 01 Jul 2012 14:15:19 GMT

Hello,

it appears your database connection configuration might be wrong - nothing to do with CAS at first glance. Please check your alfresco-global.properties for database URL as well as JDBC driver and make sure you have your JDBC driver JAR on the classpath.

Regards
Axel

Re: Alfresco 4.0d + CAS

luca — Mon, 02 Jul 2012 07:18:32 GMT

The database configuration is ok, if I start Alfresco without CAS, I get no errors and I can access Alfresco explorer without problems.

This error appears only when I set up the CAS filter.

Re: Alfresco 4.0d + CAS

afaust — Mon, 02 Jul 2012 08:27:45 GMT

Can you provide an account of the configuration steps you have taken to set up your CAS integration? It would appear that some of it interferes with the normal behaviour of the database initialisation / connection handling. Also, could you provide more logging information on the exception? The previous one has been cut off / shortened using an ellipsis, and it might be helpful to see more of the context. (Maybe my interpretation of it until now based upon the available information is not even correct at all.)

Regards
Axel

Re: Alfresco 4.0d + CAS

luca — Mon, 02 Jul 2012 09:06:47 GMT

Hi Axel,
I'm upgrading a CAS authentcation that worked in Alfresco 3.2 and I'm missing something in Alfresco 4 with its subsystem.

For now I have done this:
1. add filters in web.xml
2. create filter classes and added to Alfresco lib as jar
3. modified alfresco-global.properties like this:

authentication.chain=cas:external
external.authentication.proxyHeader=x-alfresco-remote-user
external.authentication.enabled=true
external.authentication.userIdPattern=‍‍‍‍

I think I have to instantiate my filter in another way, maybe using a webscript like they have done here:
http://ecmstuff.blogspot.it/2011/06/configuring-alfresco-for-sso-with-cas.html

Down here the files I have touched:

Web.xml:


<!–       Commented out Alfresco's default authentication filter in order to be able to configure CAS filters
   <filter>
      <filter-name>Authentication Filter</filter-name>
      <description>Authentication filter mapped only to faces URLs. Other URLs generally use proprietary means to talk to the AuthenticationComponent</description>
      <filter-class>org.alfresco.repo.web.filter.beans.BeanProxyFilter</filter-class>
      <init-param>
         <param-name>beanName</param-name>
         <param-value>AuthenticationFilter</param-value>
      </init-param>
</filter>
   –>‍‍‍‍‍‍‍‍‍‍‍‍

and

<!– CAS Authentication Filter for casclient.jar (pre cas-client 3.1.3) –>
      <filter>
     <filter-name>CAS Filter</filter-name>
     <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
     <init-param>
         <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
         <param-value>https://apitest1.engilab.ewebpd.eng.it/cas/login</param-value>
     </init-param>
     <init-param>
         <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
         <param-value>https://apitest1.engilab.ewebpd.eng.it/cas/serviceValidate</param-value>
     </init-param>
     <init-param>
         <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
         <param-value>apitest1.engilab.ewebpd.eng.it</param-value>
     </init-param>
   </filter>
     
   <filter>
      <filter-name>Authentication Filter</filter-name>
      <filter-class>it.eng.api.alfresco.authentication.cas.CASAuthenticationFilter</filter-class>
      <init-param>
         <param-name>cas.user.label</param-name>
         <param-value>edu.yale.its.tp.cas.client.filter.user</param-value>
      </init-param>
   </filter>
   <filter>
      <filter-name>CAS Content Filter</filter-name>
      <filter-class>it.eng.api.alfresco.authentication.cas.CASContentFilter</filter-class>
   </filter>‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

and

<!–
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/navigate/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/command/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/n/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/c/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/t/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/d/*</url-pattern>
   </filter-mapping>
   –>
   <!– The WebScript Authentication filter sits in front of web service URLs in addition to the global authentication filter –>
   <!–
   <filter-mapping>
      <filter-name>WebScript Authentication Filter</filter-name>
      <url-pattern>/wcservice/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>WebScript Authentication Filter</filter-name>
      <url-pattern>/wcs/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/wcservice/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/wcs/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/ajax/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Global Authentication Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>
   –>

   <!– CAS Filter–>
   <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/navigate/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/navigate/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/navigate/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/command/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/command/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/command/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/n/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/n/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/n/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/c/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/c/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/c/*</url-pattern>
   </filter-mapping>
   
      <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/t/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/t/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/t/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/d/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/d/*</url-pattern>
   </filter-mapping>
   <filter-mapping>
      <filter-name>CAS Content Filter</filter-name>
      <url-pattern>/d/*</url-pattern>
   </filter-mapping>
   <!– New CAS filter mappings end here –>‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

My filter classes are here:

package it.eng.api.alfresco.authentication.cas;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.util.ApplicationContextHelper;
import org.alfresco.web.app.Application;
import org.alfresco.web.app.servlet.AbstractAuthenticationFilter;
import org.alfresco.web.bean.repository.User;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.ApplicationContext;

public class CASAuthenticationFilter extends AbstractAuthenticationFilter implements Filter {

   private static final String LOCALE = "locale";
   private static final String MESSAGE_BUNDLE = "alfresco.messages.webclient";
   private static final String CAS_USER_INIT_PARAM_NAME = "cas.user.label";
   private static Log logger = LogFactory.getLog(CASAuthenticationFilter.class);
   private ServletContext context;
   private String loginPage;
//   private AuthenticationComponent authComponent;
//   private AuthenticationService authService;
//   private TransactionService transactionService;
//   private PersonService personService;
//   private NodeService nodeService;
//   private List<String> m_languages;
//   private String casUserSessionAttributeName;

   private static ApplicationContext applicationContext;

   public CASAuthenticationFilter() {
   }

   public void destroy() {
   }

   /**
    * Run the filter
    *
    * @param sreq  ServletRequest
    * @param sresp ServletResponse
    * @param chain FilterChain
    *
    * @exception IOException
    * @exception ServletException
    */
   public void doFilter(ServletRequest sreq, ServletResponse sresp, FilterChain chain) throws IOException, ServletException {
      // Get the HTTP request/response/session
      HttpServletRequest req = (HttpServletRequest) sreq;
      HttpServletResponse resp = (HttpServletResponse) sresp;
      HttpSession httpSess = req.getSession(true);

      applicationContext = ApplicationContextHelper.getApplicationContext();

      if (logger.isDebugEnabled()) {
         logger.debug("req.getRequestURI(): "+req.getRequestURI());
      }

      // Retrieve the CAS username from the session
      String userName = null;
      String casUserSessionAttributeName = "edu.yale.its.tp.cas.client.filter.user";
      Object o = httpSess.getAttribute(casUserSessionAttributeName);
      if (o == null) {
         logger.error("CAS : Attribute named "+casUserSessionAttributeName+" not found in the session. ");
      } else {
         userName = o.toString();
      }

      if (logger.isDebugEnabled()) {
         logger.debug("CAS : User = " + userName);
         logger.debug("HttpServletRequest Ticket = " + req.getParameter("ticket"));
         logger.debug("HttpServletRequest alf_ticket = " + req.getParameter("alf_ticket"));
         logger.debug("HttpServletRequest alfTicket = " + req.getParameter("alfTicket"));
      }

      // See if there is a user in the session and test if it matches
      User user = (User) httpSess.getAttribute("_alfAuthTicket");
      if (user == null) {
         if (logger.isDebugEnabled()) {
            logger.debug("Alfresco user is null.");
         }
      }

      if (user != null) {
         try {
            if (logger.isDebugEnabled()) {
               logger.debug("CAS : User " + user.getUserName() + " validate ticket");
            }

            if (user.getUserName().equals(userName)) {
//               authComponent.setCurrentUser(user.getUserName());
//               I18NUtil.setLocale(Application.getLanguage(applicationContext));
               chain.doFilter(sreq, sresp);
               return;

            } else {
               // No match
               setAuthenticatedUser(req, httpSess, userName);
            }

         } catch (AuthenticationException ex) {
            if (logger.isErrorEnabled()) {
               logger.error("Failed to validate user " + user.getUserName(), ex);
            }
         }
      }

      setAuthenticatedUser(req, httpSess, userName);

      // Redirect the login page as it is never seen as we always login by name
      if (req.getRequestURI().endsWith(getLoginPage())) {

         if (logger.isDebugEnabled()) {
            logger.debug("Login page requested, chaining …");
            logger.debug(" Redirect without chaining to: "+req.getContextPath() + "/faces/jsp/browse/browse.jsp");
         }

         resp.sendRedirect(req.getContextPath() + "/faces/jsp/browse/browse.jsp");

         return;

      } else {
         chain.doFilter(sreq, sresp);
         return;
      }
   }

   private void setAuthenticatedUser(HttpServletRequest req, HttpSession httpSess, String userName) {
      // Set the authentication
      
      // Here I have to log in the user in Alfresco
   }

   public void init(FilterConfig config) throws ServletException {
      context = config.getServletContext();

      // This line will cause the exception:
      WebApplicationContextUtils.getWebApplicationContext(servletContext);
   }

   /**
    * Return the login page address
    *
    * @return String
    */
   private String getLoginPage() {
      if (loginPage == null) {
         loginPage = Application.getLoginPage(context);
      }
      return loginPage;
   }

}
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

And this is the other filter to manage redirects:

package it.eng.api.alfresco.authentication.cas;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

public class CASContentFilter implements Filter {

   private static final Log logger = LogFactory.getLog(CASContentFilter.class);

   public CASContentFilter() {
   }

   public void destroy() {
   }

   public void doFilter(ServletRequest sreq, ServletResponse sresp, FilterChain chain) throws IOException, ServletException {
      // Get the HTTP request/response/session
      HttpServletRequest httpServletRequest = (HttpServletRequest) sreq;
      HttpServletResponse httpServletResponse = (HttpServletResponse) sresp;
      HttpSession session = httpServletRequest.getSession();
      
      if (logger.isDebugEnabled()) {
         logger.debug("req.getRequestURI(): "+httpServletRequest.getRequestURI());
      }
      
      String redirectURL = (String) session.getAttribute("_alfRedirect");
      if (redirectURL != null) {
         
         if (logger.isDebugEnabled()) {
            logger.debug("Redirect URL found: "+redirectURL);
         }
         
         session.removeAttribute("_alfRedirect");
         
         if (session.getAttribute("_alfRedirect")==null)
            logger.debug("Redirect URL removed from session. ");
         
         try {
            httpServletResponse.sendRedirect(redirectURL);
            return;
            
         } catch (IOException ioErr) {
            logger.warn("Unable to redirect to url: "+redirectURL);
         }
         
      } else {
         if (logger.isDebugEnabled()) {
            logger.debug("No Redirect URL found");
         }
      }
      
      chain.doFilter(sreq, sresp);
   }

   public void init(FilterConfig filterconfig) throws ServletException {
   }

}
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

And last the stacktrace:

Cannot create JDBC driver of class '' for connect URL 'null'
java.lang.NullPointerException
   at sun.jdbc.odbc.JdbcOdbcDriver.getProtocol(JdbcOdbcDriver.java:507)
   at sun.jdbc.odbc.JdbcOdbcDriver.knownURL(JdbcOdbcDriver.java:476)
   at sun.jdbc.odbc.JdbcOdbcDriver.acceptsURL(JdbcOdbcDriver.java:307)
   at java.sql.DriverManager.getDriver(DriverManager.java:253)
   at org.apache.tomcat.dbcp.dbcp.BasicDataSource.createConnectionFactory(BasicDataSource.java:1437)
   at org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1371)
   at org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044)
   at org.alfresco.config.JndiObjectFactoryBean.lookup(JndiObjectFactoryBean.java:44)
   at org.springframework.jndi.JndiObjectFactoryBean.lookupWithFallback(JndiObjectFactoryBean.java:201)
   at org.springframework.jndi.JndiObjectFactoryBean.afterPropertiesSet(JndiObjectFactoryBean.java:187)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1477)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1417)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
   at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:580)
   at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:425)
   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:276)
   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:197)
   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
   at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4135)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4630)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Re: Alfresco 4.0d + CAS

afaust — Mon, 02 Jul 2012 09:20:52 GMT

Hello,

on a third glance, I noticed that this is not really a database related issue, but a JNDI-reated one which involves some database-related code. I still cannot see a relation with your CAS modifications though, although the amount of changes necessary to enable CAS seems excessive (as I haven't done a CAS integration myself, this is just a subjective observation, and should not be considered to be any kind of judgment). Have you tried running Alfresco 4 without your modifications before you applied your CAS integration? If the same issue occured then, we can stop focussing on CAS changes …

Regards
Axel

Re: Alfresco 4.0d + CAS

luca — Mon, 02 Jul 2012 09:47:58 GMT

Hi Axel,
as I previuos said if I start Alfresco without CAS modification, everything runs well. I think that the problem is in my Filter class and how I instantiate it.

Now I will try to instatiate it through a webscript and I will inform you if I succeed.

Thanks for your help!

Re: Alfresco 4.0d + CAS

luca — Mon, 02 Jul 2012 10:40:41 GMT

I tryed to follow the steps described here:
http://ecmstuff.blogspot.it/2011/06/configuring-alfresco-for-sso-with-cas.html

I want only to authenticate in Alfresco Explorer, so I tryed to use only the CasAuthenticationfilter.java, but I'm stucked trying to find an equivalent for Alfresco 4.0d for this line to get the services that I need:

WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(context);‍

If I use ApplicationContextHelper.getApplicationContext() I get the nullpointer error of my starting post.

The webscript LoginCas is only to used by Share, so it is not of help to me. :cry:

Re: Alfresco 4.0d + CAS

afaust — Mon, 02 Jul 2012 11:04:07 GMT

Hello,

try using the bean proxy filter bean as the filter and declare your custom filter as a Spring bean. This way you can inject your services via Spring and don't need to manually access the application context.
Please see the Alfresco "Authentication Filter" as a reference, which uses this approach.

Regards
Axel

Re: Alfresco 4.0d + CAS

luca — Wed, 04 Jul 2012 13:25:07 GMT

Thanks AFaust,
with your suggestion I made some more steps in the right direction.

Now when I access in Alfresco I'm redirect to the CAS login page, I log in and I return to Alfresco. I then enter in the filter with the CAS ticket and the name of the user, but I cannot find a right way to authenticate in Alfresco.
I tried calling AuthenticationHelper.setUser(context, req, currentUsername, ticket, externalAuth), but I get this error:

net.sf.acegisecurity.AuthenticationCredentialsNotFoundException: A valid SecureContext was not provided in the RequestContext
at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:481)
at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:359)
at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:46)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:147)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy60.getCurrentTicket(Unknown Source)
at it.eng.api.alfresco.authentication.cas.CASAuthenticationFilterBean.doFilter(CASAuthenticationFilterBean.java:159)
at sun.reflect.GeneratedMethodAccessor406.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:116)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy231.doFilter(Unknown Source)
at org.alfresco.repo.web.filter.beans.BeanProxyFilter.doFilter(BeanProxyFilter.java:82)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:317)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:774)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:896)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:662)‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

I think that first I need to create a SecureContext, but I don't know how, could you help me?

This is how I set up the filter:

<filter>
      <filter-name>Authentication Filter</filter-name>
      <description>Authentication CAS filter.</description>
      <filter-class>org.alfresco.repo.web.filter.beans.BeanProxyFilter</filter-class>
      <init-param>
         <param-name>beanName</param-name>
         <param-value>CASAuthenticationFilter</param-value>
      </init-param>
   </filter>‍‍‍‍‍‍‍‍‍

And this is how I configured the CASAuthenticationFilter bean:

<bean id="CASAuthenticationFilter" class="org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory">
      <property name="applicationContextManager">
         <ref bean="Authentication" />
      </property>
      <property name="interfaces">
         <list>
            <value>org.alfresco.repo.web.filter.beans.DependencyInjectedFilter</value>
         </list>
      </property>
      <property name="sourceBeanName">
         <value>cASAuthenticationFilter</value>
      </property>
      <!– Fall back to a benign default implementation –>
      <property name="defaultTarget">
         <ref bean="defaultCASAuthenticationFilter"/>
      </property>
   </bean>

   <bean id="defaultCASAuthenticationFilter" class="it.eng.api.alfresco.authentication.cas.CASAuthenticationFilterBean">
      <property name="configService">
         <ref bean="webClientConfigService" />
      </property>
   </bean>‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Re: Alfresco 4.0d + CAS

afaust — Wed, 04 Jul 2012 14:15:33 GMT

Hello,

you cannot manually create the SecureContext - it is provided once the user has been authenticated. A SecureContext is also automatically set for operations you call in a runAsSystem context. Alternatively, when you use the service implementation beans instead of the public service beans (i.e. "authenticationService" instead of "AuthenticationService"), you don't need a SecureContext as this is only checked by the security interceptors.

In your case, I would choose to use runAsSystem since I think it would be inappropriate to use service implementation beans in this case (which would also circumvent transaction management, exception translation and auditing, which are all handled by the public service beans).

Regards
Axel

Re: Alfresco 4.0d + CAS

luca — Thu, 05 Jul 2012 09:22:13 GMT

More details on the error:

The exception is thrown when I call (username has the value of the user logged through CAS, and casTicket is the ticket given by the CAS like ST-355-RzBwnI0vgGRpKsZEfzzY-cas2 😞

AuthenticationHelper.setUser(context, req, username, casTicket, true);‍

Going deeper I see that the error is thrown inside the method AuthenticationHelper.createUser and in particular when it calls

 NodeRef homeRef = (NodeRef) nodeService.getProperty(personRef, ContentModel.PROP_HOMEFOLDER);‍

The property is successfull retrieved, but before returning it it is fired the MethodSecurityInterceptor which tells me that "A valid SecureContext was not provided in the RequestContext"

I have the user already authenticated by CAS and I have only the ticket, what do I have to use to log it in Alfresco? :?:

Re: Alfresco 4.0d + CAS

afaust — Thu, 05 Jul 2012 10:10:34 GMT

Hello,

the user is "only" authenticated by CAS - Alfresco does not know this yet. With your code, your attempting to tell Alfresco, but doing so involves access to some of the users data. As said before, I'd expect runAsSystem to be a big help…
On the other hand, looking at the code in AuthenticationHelper.createUser, I can't help but wonder why Alfresco users the unsecured "personService" but the secured "NodeService" (which is the cause of this behavior). I think in this case, the "nodeService" should be used instead of "NodeService", and you wouldn't need runAsSystem.

Regards
Axel

Re: Alfresco 4.0d + CAS

luca — Thu, 05 Jul 2012 15:44:52 GMT

Hi AFaust,
you were right and now I succesfully put the user in the session, but now I get another error because of the NavigationBean is not set correctly. I think I'm missing something else….

For now this is the things I do in my filter:

AuthenticationUtil.runAsSystem(new RunAsWork<Void>() {
      public Void doWork() throws Exception {
               
         AuthenticationHelper.setUser(contextF, reqF, usernameF, ticketF, true);

         AuthenticationHelper.setUsernameCookie(reqF, respF, usernameF);

         AuthenticationHelper.setupThread(contextF, reqF, respF, true);
      }}‍‍‍‍‍‍‍‍‍

And this is the stacktrace that I get:

javax.faces.FacesException: javax.faces.el.EvaluationException: Cannot get value for expression '#{NavigationBean.toolbarLocation}'
at org.apache.myfaces.context.servlet.ServletExternalContextImpl.dispatch(ServletExternalContextImpl.java:432)
at org.apache.myfaces.application.jsp.JspViewHandlerImpl.renderView(JspViewHandlerImpl.java:255)
at org.apache.myfaces.lifecycle.RenderResponseExecutor.execute(RenderResponseExecutor.java:41)
at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:146)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:147)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.alfresco.repo.web.filter.beans.SessionSynchronizedFilter.doFilter(SessionSynchronizedFilter.java:67)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at it.eng.api.alfresco.authentication.cas.CASAuthenticationFilterBean.doFilter(CASAuthenticationFilterBean.java:222)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:116)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy229.doFilter(Unknown Source)
at org.alfresco.repo.web.filter.beans.BeanProxyFilter.doFilter(BeanProxyFilter.java:82)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:401)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:774)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:896)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:662)
Caused by: org.apache.jasper.JasperException: javax.faces.el.EvaluationException: Cannot get value for expression '#{NavigationBean.toolbarLocation}'
at org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:491)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:419)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:436)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:374)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
at org.apache.myfaces.context.servlet.ServletExternalContextImpl.dispatch(ServletExternalContextImpl.java:426)
… 41 more
Caused by: javax.faces.el.EvaluationException: Cannot get value for expression '#{NavigationBean.toolbarLocation}'
at org.apache.myfaces.el.ValueBindingImpl.getValue(ValueBindingImpl.java:405)
at javax.faces.component.UICommand.getValue(UICommand.java:223)
at org.alfresco.web.ui.common.renderer.ModeListRenderer.renderItem(ModeListRenderer.java:333)
at org.alfresco.web.ui.common.renderer.ModeListRenderer.encodeChildren(ModeListRenderer.java:268)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:776)
at javax.faces.webapp.UIComponentTag.encodeChildren(UIComponentTag.java:663)
at javax.faces.webapp.UIComponentTag.doEndTag(UIComponentTag.java:544)
at org.apache.jsp.jsp.browse.browse_jsp._jspx_meth_a_005fmodeList_005f0(browse_jsp.java:1076)
at org.apache.jsp.jsp.browse.browse_jsp._jspService(browse_jsp.java:421)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
… 51 more
Caused by: javax.faces.el.EvaluationException: Exception getting value of property toolbarLocation of base of type : org.alfresco.web.bean.NavigationBean
at org.apache.myfaces.el.PropertyResolverImpl.getValue(PropertyResolverImpl.java:99)
at org.apache.myfaces.el.ELParserHelper$MyPropertySuffix.evaluate(ELParserHelper.java:539)
at org.apache.commons.el.ComplexValue.evaluate(ComplexValue.java:145)
at org.apache.myfaces.el.ValueBindingImpl.getValue(ValueBindingImpl.java:386)
… 62 more
Caused by: javax.faces.el.EvaluationException: Bean: org.alfresco.web.bean.NavigationBean, property: toolbarLocation
at org.apache.myfaces.el.PropertyResolverImpl.getProperty(PropertyResolverImpl.java:463)
at org.apache.myfaces.el.PropertyResolverImpl.getValue(PropertyResolverImpl.java:85)
… 65 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.myfaces.el.PropertyResolverImpl.getProperty(PropertyResolverImpl.java:459)
… 66 more
Caused by: net.sf.acegisecurity.AuthenticationCredentialsNotFoundException: A valid SecureContext was not provided in the RequestContext
at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:481)
at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:359)
at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:46)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:147)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.alfresco.repo.transaction.RetryingTransactionInterceptor$1.execute(RetryingTransactionInterceptor.java:69)
at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:388)
at org.alfresco.repo.transaction.RetryingTransactionInterceptor.invoke(RetryingTransactionInterceptor.java:59)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy8.getProperty(Unknown Source)
at org.alfresco.web.bean.repository.Preferences.getValue(Preferences.java:73)
at org.alfresco.web.bean.users.UserPreferencesBean.getStartLocation(UserPreferencesBean.java:263)
at org.alfresco.web.bean.NavigationBean.getToolbarLocation(NavigationBean.java:324)
… 71 more‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Note that the cause of this stacktrace is "Caused by: net.sf.acegisecurity.AuthenticationCredentialsNotFoundException: A valid SecureContext was not provided in the RequestContext" :x

Re: Alfresco 4.0d + CAS

luca — Wed, 05 Sep 2012 15:43:25 GMT

Hi all,
I have to apologize with all who have lost time with this post, I was tryng to follow a wrong road because I started with what I did with an older version of Alfresco. ops: ops: ops:

If you follow the official wiki here (http://wiki.alfresco.com/wiki/Central_Authentication_Service_Configuration) you get it work! Now I am trying to use CAS to authenticate also with web service using the REST interface, I hope it will be easy…