0

我正在使用 Cas 覆盖方法。有时我在进入 /cas/services/manage 时遇到问题。

" 访问被拒绝 UsernameNotFoundException::aaa "

有时它实际上让我进入。在 deployerConfigContext.xml 中,我声明了“aaa”用户。

<sec:user-service id="userDetailsService">
  <sec:user name="aaa" password="aaa" authorities="ROLE_ADMIN" />
</sec:user-service> 

什么可能导致这种不一致的行为?

显示身份验证正常的日志摘录

2013-07-31 11:53:05,332 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] -   <org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler successfully authenticated [username: aaa]>
2013-07-31 11:53:05,333 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Resolved principal aaa>
2013-07-31 11:53:05,333 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler@4b4bc1e authenticated aaa with credential [username: aaa].>
4

1 回答 1

0

This sounds like user aaa is not available in your Authentication Handler. The XML code you supplied just authorizes that user to use that service, it does not allow that user to authentication into CAS.

The inconsistency could be that your Authentication Handler (database/LDAP/in memory to name a few) is not available at the time of authentication.

于 2013-07-30T15:41:00.733 回答