CAS Server
  1. CAS-1166

SPNEGO Error 401 html message cannot be customized

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.5.0
    • Fix Version/s: 4.0 RC2, 3.5.3
    • Component/s: SPNEGO
    • Labels:
      None
    • Environment:
      debian squeeze, Java 1.6.0_34, Tomcat 7.0.29, Active Directory 2008R2 as authentication source (ldap + kerberos)

      Description

      The SPNEGO logic leads CAS to send a 401 status with a WWW-Authenticate: Negotiate header to the client. Unfortunately, if the browser is Firefox and this browser is misconfigured (e.g. the network.negotiate-auth.trusted-uris preference does not refer to the CAS server URL), the client remains stuck on Tomcat's default error message.
      This message should be customizable, but actually, modifying web.xml is not sufficient.

      I've tested one modification in class org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction, where sending the 401 status code is done on line 82 by:

      response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

      replaced by:

      try {
          response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
      } catch (IOException e) {
          response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
      }

      I got a half success:

      • If the error page uses the session: it fails with "cas unavailable"
      • If the error page does not use the session, the first call shows "cas unavailable", and the next calls show the right error page.

      I suspect nasty things between response.sendError() and context.getExternalContext().recordResponseComplete() calls.
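
The exchange the report describes, at the HTTP level, as an added example (not CAS code and not the change made for this ticket): a 401 Negotiate challenge carries a response body, and a client that sends no token is simply shown that body. The handler, help text, path and function names are assumptions made for the illustration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed help text; a real deployment would supply its own page.
HELP_HTML = (b"<html><body><h1>Single sign-on did not start</h1>"
             b"<p>Your browser did not answer the Negotiate challenge. "
             b"Check that it trusts this server for Kerberos.</p></body></html>")


class ChallengeHandler(BaseHTTPRequestHandler):
    """Hypothetical login endpoint that only issues the SPNEGO challenge."""

    def do_GET(self):
        # Status 401 plus the Negotiate scheme is the challenge itself.
        # The body is what a browser renders when it will not send a token.
        self.send_response(401)
        self.send_header("WWW-Authenticate", "Negotiate")
        self.send_header("Content-Type", "text/html; charset=utf-8")
        self.send_header("Content-Length", str(len(HELP_HTML)))
        self.end_headers()
        self.wfile.write(HELP_HTML)

    def log_message(self, fmt, *args):
        # Keep the demo quiet: no access log on stderr.
        pass


def fetch_challenge():
    """Act as a client that never negotiates; return (status, scheme, body)."""
    server = HTTPServer(("127.0.0.1", 0), ChallengeHandler)  # port 0: any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        conn = http.client.HTTPConnection("127.0.0.1", server.server_port)
        conn.request("GET", "/login")  # no Authorization header is sent
        resp = conn.getresponse()
        result = (resp.status, resp.getheader("WWW-Authenticate"), resp.read())
        conn.close()
        return result
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    status, scheme, body = fetch_challenge()
    print(status, scheme, len(body), "bytes of help page")
```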


              People

              • Assignee: John Gasper (jgasper)
              • Reporter: Philippe Marasse (pmarasse)
              • Votes: 3
              • Watchers: 8
