search

fcrespel / nexus-cas-plugin

Sonatype Nexus 2 plugin for Jasig/Apereo CAS (using its REST API).
7 stars 8 forks source link

CAS 4.0 authentication protocol #3

Open junaid1788 opened 9 years ago

junaid1788 commented 9 years ago

Hi,

Thanks a lot for providing this pulgin. Really appreciate it. :)

I was wondering which protocol I should use as the CAS validationProtocol. I know it says in the documentation as CAS or SAML. But I was confused as to how do I mention it in the plugin config file. Since I have CAS configured with openID protocol, I am not sure if I should write CAS or SAML in the config file.

Appreciate your help.

Thanks. J

I did some tinkering and was able to make the REST api of CAS work and then was able to configure the CAS authentication realm in the server settings. But it does not allow me to login with the usernames. I notched up the log level by putting a trace on CAS Authentication realm and found this. Dont know where to tinker now.

at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source) ~[na:1.7.0_72] at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source) ~[na:1.7.0_72] at java.net.AbstractPlainSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at java.net.PlainSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at java.net.SocksSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at java.net.Socket.connect(Unknown Source) ~[na:1.7.0_72] at sun.security.ssl.SSLSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at sun.net.NetworkClient.doConnect(Unknown Source) ~[na:1.7.0_72] at sun.net.www.http.HttpClient.openServer(Unknown Source) ~[na:1.7.0_72] at sun.net.www.http.HttpClient.openServer(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.HttpsClient.(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.HttpsClient.New(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source) ~[na:1.7.0_72] at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:73) ~[na:na] at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:46) ~[na:na] at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:49) ~[na:na] at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:438) ~[na:na] ... 73 common frames omitted 2015-04-27 20:57:00,765+0200 ERROR [qtp1013254397-49] *UNKNOWN org.sonatype.nexus.plugins.cas.CasAuthenticatingRealm - Error calling remote CAS REST Ticket API for user 'mshaikh' org.springframework.web.client.ResourceAccessException: I/O error: Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:453) ~[na:na] at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:401) ~[na:na] at org.springframework.web.client.RestTemplate.postForLocation(RestTemplate.java:257) ~[na:na] at org.sonatype.nexus.plugins.cas.client.DefaultCasRestClient.createTicketGrantingTicket(DefaultCasRestClient.java:92) ~[na:na] at org.sonatype.nexus.plugins.cas.CasAuthenticatingRealm.doGetAuthenticationInfo(CasAuthenticatingRealm.java:100) ~[na:na] at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568) [shiro-core-1.2.3.jar:1.2.3] at org.sonatype.security.authentication.FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication(FirstSuccessfulModularRealmAuthenticator.java:55) [nexus-security-2.11.2-06.jar:2.11.2-06] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:269) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.nexus.NexusWebSecurityManager.login(NexusWebSecurityManager.java:44) [nexus-security-2.11.2-06.jar:2.11.2-06] at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.web.filter.authc.AuthenticatingFilter.executeLogin(AuthenticatingFilter.java:53) [shiro-web-1.2.3.jar:1.2.3] at org.sonatype.nexus.security.filter.authc.NexusHttpAuthenticationFilter.onAccessDenied(NexusHttpAuthenticationFilter.java:151) [nexus-core-2.11.2-06.jar:2.11.2-06] at org.apache.shiro.web.filter.AccessControlFilter.onAccessDenied(AccessControlFilter.java:133) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) [shiro-web-1.2.3.jar:1.2.3] at org.sonatype.nexus.web.internal.SecurityFilter.executeChain(SecurityFilter.java:90) [nexus-core-2.11.2-06.jar:2.11.2-06] at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [shiro-web-1.2.3.jar:1.2.3] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [guice-servlet-3.1.10.jar:3.1.10] at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:120) [guice-servlet-3.1.10.jar:3.1.10] at org.sonatype.nexus.web.internal.NexusGuiceFilter$MultiFilterChain.doFilter(NexusGuiceFilter.java:82) [nexus-core-2.11.2-06.jar:2.11.2-06] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:89) [guice-servlet-3.1.10.jar:3.1.10] at com.yammer.metrics.web.WebappMetricsFilter.doFilter(WebappMetricsFilter.java:76) [metrics-web-2.2.0.jar:na] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [guice-servlet-3.1.10.jar:3.1.10] at org.sonatype.nexus.web.internal.CommonHeadersFilter.doFilter(CommonHeadersFilter.java:69) [nexus-core-2.11.2-06.jar:2.11.2-06] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [guice-servlet-3.1.10.jar:3.1.10] at org.sonatype.nexus.web.internal.ErrorPageFilter.doFilter(ErrorPageFilter.java:71) [nexus-core-2.11.2-06.jar:2.11.2-06] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [guice-servlet-3.1.10.jar:3.1.10] at org.sonatype.nexus.web.internal.BaseUrlHolderFilter.doFilter(BaseUrlHolderFilter.java:70) [nexus-core-2.11.2-06.jar:2.11.2-06] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [guice-servlet-3.1.10.jar:3.1.10] at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:120) [guice-servlet-3.1.10.jar:3.1.10] at org.sonatype.nexus.web.internal.NexusGuiceFilter$MultiFilterChain.doFilter(NexusGuiceFilter.java:82) [nexus-core-2.11.2-06.jar:2.11.2-06] at org.sonatype.nexus.web.internal.NexusGuiceFilter$MultiFilterPipeline.dispatch(NexusGuiceFilter.java:56) [nexus-core-2.11.2-06.jar:2.11.2-06] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:132) [guice-servlet-3.1.10.jar:3.1.10] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:129) [guice-servlet-3.1.10.jar:3.1.10] at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:206) [guice-servlet-3.1.10.jar:3.1.10] at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:129) [guice-servlet-3.1.10.jar:3.1.10] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1419) [jetty-servlet-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:455) [jetty-servlet-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557) [jetty-security-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1075) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:384) [jetty-servlet-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1009) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at com.yammer.metrics.jetty.InstrumentedHandler.handle(InstrumentedHandler.java:200) [metrics-jetty-2.2.0.jar:na] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.Server.handle(Server.java:370) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) [jetty-http-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) [jetty-http-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) [jetty-io-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) [jetty-io-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) [jetty-util-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) [jetty-util-8.1.11.v20130520.jar:8.1.11.v20130520] at java.lang.Thread.run(Unknown Source) [na:1.7.0_72] Caused by: java.net.ConnectException: Connection refused: connect at java.net.TwoStacksPlainSocketImpl.socketConnect(Native Method) ~[na:1.7.0_72] at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source) ~[na:1.7.0_72] at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source) ~[na:1.7.0_72] at java.net.AbstractPlainSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at java.net.PlainSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at java.net.SocksSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at java.net.Socket.connect(Unknown Source) ~[na:1.7.0_72] at sun.security.ssl.SSLSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at sun.net.NetworkClient.doConnect(Unknown Source) ~[na:1.7.0_72] at sun.net.www.http.HttpClient.openServer(Unknown Source) ~[na:1.7.0_72] at sun.net.www.http.HttpClient.openServer(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.HttpsClient.(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.HttpsClient.New(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source) ~[na:1.7.0_72] at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:73) ~[na:na] at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:46) ~[na:na] at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:49) ~[na:na] at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:438) ~[na:na] ... 74 common frames omitted 2015-04-27 20:57:06,641+0200 ERROR [qtp1013254397-50] *UNKNOWN org.sonatype.nexus.plugins.cas.CasAuthenticatingRealm - Error calling remote CAS REST Ticket API for user 'admin' org.springframework.web.client.ResourceAccessException: I/O error: Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:453) ~[na:na] at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:401) ~[na:na] at org.springframework.web.client.RestTemplate.postForLocation(RestTemplate.java:257) ~[na:na] at org.sonatype.nexus.plugins.cas.client.DefaultCasRestClient.createTicketGrantingTicket(DefaultCasRestClient.java:92) ~[na:na] at org.sonatype.nexus.plugins.cas.CasAuthenticatingRealm.doGetAuthenticationInfo(CasAuthenticatingRealm.java:100) ~[na:na] at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568) [shiro-core-1.2.3.jar:1.2.3] at org.sonatype.security.authentication.FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication(FirstSuccessfulModularRealmAuthenticator.java:55) [nexus-security-2.11.2-06.jar:2.11.2-06] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:269) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.nexus.NexusWebSecurityManager.login(NexusWebSecurityManager.java:44) [nexus-security-2.11.2-06.jar:2.11.2-06] at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.web.filter.authc.AuthenticatingFilter.executeLogin(AuthenticatingFilter.java:53) [shiro-web-1.2.3.jar:1.2.3] at org.sonatype.nexus.security.filter.authc.NexusAuthenticationFilter.isAccessAllowed(NexusAuthenticationFilter.java:58) [nexus-core-2.11.2-06.jar:2.11.2-06] at org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) [shiro-web-1.2.3.jar:1.2.3] at org.sonatype.nexus.web.internal.SecurityFilter.executeChain(SecurityFilter.java:90) [nexus-core-2.11.2-06.jar:2.11.2-06] at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) [shiro-core-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) [shiro-web-1.2.3.jar:1.2.3] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [shiro-web-1.2.3.jar:1.2.3] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [guice-servlet-3.1.10.jar:3.1.10] at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:120) [guice-servlet-3.1.10.jar:3.1.10] at org.sonatype.nexus.web.internal.NexusGuiceFilter$MultiFilterChain.doFilter(NexusGuiceFilter.java:82) [nexus-core-2.11.2-06.jar:2.11.2-06] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:89) [guice-servlet-3.1.10.jar:3.1.10] at com.yammer.metrics.web.WebappMetricsFilter.doFilter(WebappMetricsFilter.java:76) [metrics-web-2.2.0.jar:na] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [guice-servlet-3.1.10.jar:3.1.10] at org.sonatype.nexus.web.internal.CommonHeadersFilter.doFilter(CommonHeadersFilter.java:69) [nexus-core-2.11.2-06.jar:2.11.2-06] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [guice-servlet-3.1.10.jar:3.1.10] at org.sonatype.nexus.web.internal.ErrorPageFilter.doFilter(ErrorPageFilter.java:71) [nexus-core-2.11.2-06.jar:2.11.2-06] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [guice-servlet-3.1.10.jar:3.1.10] at org.sonatype.nexus.web.internal.BaseUrlHolderFilter.doFilter(BaseUrlHolderFilter.java:70) [nexus-core-2.11.2-06.jar:2.11.2-06] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [guice-servlet-3.1.10.jar:3.1.10] at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:120) [guice-servlet-3.1.10.jar:3.1.10] at org.sonatype.nexus.web.internal.NexusGuiceFilter$MultiFilterChain.doFilter(NexusGuiceFilter.java:82) [nexus-core-2.11.2-06.jar:2.11.2-06] at org.sonatype.nexus.web.internal.NexusGuiceFilter$MultiFilterPipeline.dispatch(NexusGuiceFilter.java:56) [nexus-core-2.11.2-06.jar:2.11.2-06] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:132) [guice-servlet-3.1.10.jar:3.1.10] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:129) [guice-servlet-3.1.10.jar:3.1.10] at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:206) [guice-servlet-3.1.10.jar:3.1.10] at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:129) [guice-servlet-3.1.10.jar:3.1.10] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1419) [jetty-servlet-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:455) [jetty-servlet-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557) [jetty-security-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1075) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:384) [jetty-servlet-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1009) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at com.yammer.metrics.jetty.InstrumentedHandler.handle(InstrumentedHandler.java:200) [metrics-jetty-2.2.0.jar:na] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.Server.handle(Server.java:370) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) [jetty-http-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) [jetty-http-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) [jetty-server-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) [jetty-io-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) [jetty-io-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) [jetty-util-8.1.11.v20130520.jar:8.1.11.v20130520] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) [jetty-util-8.1.11.v20130520.jar:8.1.11.v20130520] at java.lang.Thread.run(Unknown Source) [na:1.7.0_72] Caused by: java.net.ConnectException: Connection refused: connect at java.net.TwoStacksPlainSocketImpl.socketConnect(Native Method) ~[na:1.7.0_72] at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source) ~[na:1.7.0_72] at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source) ~[na:1.7.0_72] at java.net.AbstractPlainSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at java.net.PlainSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at java.net.SocksSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at java.net.Socket.connect(Unknown Source) ~[na:1.7.0_72] at sun.security.ssl.SSLSocketImpl.connect(Unknown Source) ~[na:1.7.0_72] at sun.net.NetworkClient.doConnect(Unknown Source) ~[na:1.7.0_72] at sun.net.www.http.HttpClient.openServer(Unknown Source) ~[na:1.7.0_72] at sun.net.www.http.HttpClient.openServer(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.HttpsClient.(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.HttpsClient.New(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) ~[na:1.7.0_72] at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source) ~[na:1.7.0_72] at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:73) ~[na:na] at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:46) ~[na:na] at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:49) ~[na:na] at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:438) ~[na:na] ... 73 common frames omitted

fcrespel commented 9 years ago

Hello,

Thanks for using this plugin :-)

You should be able to use CAS or SAML in the cas-plugin.xml config file, no matter how you configured your CAS server, but personally I prefer SAML as it supports attributes out-of-box.

In your stack trace, you have this "I/O error: Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect", which should mean that your Nexus server was unable to connect to your CAS server. First make sure you can ping the CAS server from the Nexus machine (if they are different) and connect to the CAS port e.g. with telnet.

Could you also please copy your cas-plugin.xml file here?

Thanks, Fabien.

junaid1788 commented 9 years ago

Dear Fabien,

Thanks a lot for the reply. sorry for the delayed response.

my cas-plugin.xml is as below:

<?xml version="1.0" encoding="UTF-8"?>

https://localhost:5555/cfgmgnt.cas.sso/ https://localhost:5555/cfgmgnt.cas.sso/v1/tickets/ http://localhost:8081/nexus/