Grouper Users - Open Discussion List

[Jonathan Keller <>]

I'm hoping this is a quick question for someone.  I am trying to get our local campus CAS authentication integrated with the Grouper UI.  I've been following the setup instructions here:

https://spaces.at.internet2.edu/display/Grouper/Authentication+to+the+Grouper+UI

And using the Tomcat web.xml version of the setup.

I have the redirect working, and the CAS servers are redirecting back.  Debug logging shows that the ticket validation is working - I can see my user ID coming back in the XML response from our servers.

However, the resulting user ID does not seem to be getting extracted into the servlet request by the HttpServletRequestWrapperFilter.  I've checked the code of that class, and it attempting to extract the assertion into the getRemoteUser() method of the request, which the above documentation says will be used by the Grouper UI.  However, I'm getting the (dreaded?) 

"You have an anonymous session since you are not logged in,..." message.

Given what I am seeing, it would appear that either the filter is not running, or is not instrumenting the servlet request which is executing the UI.  I'm hoping there is just some additional configuration that I'm missing.  My setup is pretty much like the documentation except for using these for the init params:

<init-param>

<param-name>casServerUrlPrefix</param-name>

<param-value>https://${casHost}/cas</param-value>

</init-param>

<init-param>

<param-name>service</param-name>

<param-value>${serverName}/grouper/</param-value>

</init-param>

I also upgraded to the Cas30ProxyReceivingTicketValidationFilter - but the problem existed with the 2.0 proxy as well.

Any help would be appreciated.

Thanks.

--

Jonathan Keller

Application Architect - Administrative IT