Re: [Hypercontent-users] CASIFY Hypercontent - issue

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Oct 29, 2006, at 11:54 PM, tom tom wrote:

> Hi Alex,
> Thanks for the quick reply.
>
> I got the latest casclient.jar from svn which in
> /cas-support/ as part of the instructions I did copy
> this to the WEB-INF/lib directory.
>
> Currently I created a war file and deployed in Tomcat
> as Tomcat got other projects.

You may want to make sure that there is not a conflicting version of  
the casclient.jar in the tomcat shared or common lib.  The reason I  
am focussing on the classpath is because your log contains this error  
message:

javax.security.auth.login.LoginException: No LoginModules configured  
for HyperContent

This indicates that when CAS redirects back to HyperContent to  
process the authentication ticket, login is failing because somehow  
HC did not recognize the configuration in jaas.properties.  Since  
login is failing, the browser is being redirected back to CAS in an  
infinite loop.  The jaas.properties you sent looks fine to me, so I  
suspected the application might be having some difficulty finding the  
CASLoginModule.  However it could be the application is having a hard  
time finding the appropriate jaas.properties; JAAS relies on a system  
property "java.security.auth.login.config" to determine where to look  
up the jaas config file - if you have more than one webapp using JAAS  
in your container, this could theoretically cause a conflict.  Since  
you mentioned that you are also using JAAS to configure CAS, I wonder  
if this might be the issue.  One way to check would be to add your  
HyperContent JAAS configuration block to the jaas.properties you are  
using for CAS to see if it can pick up the configuration from there.

>
> Should I modify any other files like permissions.xml
> or groups.xml for the newly created project. I am only
> concern about the read access hence I am under the
> impression everything get inherted from the bootstrap
> project.

Permissions do not get inherited from the bootstrap, so you should  
grant read access in permissions.xml for your new project.

>
>
> Still am getting the same error. We are using CAS
> 3.0.3
>
> Let me know any other modifications required.
>
>
> In addition to the all of above just want to know
> whether this is possible in HC.
>
> In my newly created project can I give read access to
> everybody without authentication.
> That is student should be able to access/read internal
> page without. By default I guess it asks for the
> authentication details.

There is a special group "group:anybody" to which you can grant read  
access in order to enable unauthenticated reads.

>
> If we can do the above, we are just wondering do we
> really need SSO, because
>
> Due to the limitation of HC we cant have HC editing
> facility as WebProxy within uPortal. Due to this
> authers need to reenter their usernames and passwords
> again.
>
> Considering everything what we can really do is
> provide some webproxies for students (read only HC) so
> that they dont need to login but can retrieve data.
> And provide the content editing seperately (not
> withing uPortal). even if you provide maximum it may
> be a link in uPortal where authers might need to enter
> their credentials again.l

This is how both Columbia and Hull are using HC with uPortal at the  
moment - publishing web proxy channels, with links from the HC  
dashboard out to HC for editing.  With CAS working, though, the user  
will not have to login again when going from uPortal to HC.  I think  
the new portlet will open up some better integration possibilities,  
but certainly there are people today working successfully in a web  
proxied environment with the editing outside of the portal.

Cheers,
	Alex