jasig cas server returning _cas_stateful_ as username with spring

Question

I'm trying to connect from a spring security application to a cas server. When I login in CAS, the request is redirected to my webapp but in my UserDetailsService I'm receiving _cas_stateful_ as the username and I cannot find my user in the webapp to load the permissions

Answer 1

The problem was the authenticationManager. As the documentation says, you must use CasAuthenticationProvider like this:

<beans:bean id="casAuthenticationProvider"
    class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
    <beans:property name="authenticationUserDetailsService">
        <beans:bean
            class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
            <beans:constructor-arg ref="mongoUserDetailsService" />
        </beans:bean>
    </beans:property>
    <beans:property name="serviceProperties" ref="serviceProperties" />
    <beans:property name="ticketValidator">
        <beans:bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
            <beans:constructor-arg index="0" value="https://localhost:7443/cas" />
        </beans:bean>
    </beans:property>
    <!-- Esta clave es única por aplicación -->
    <beans:property name="key" value="your-provider-auth" />
</beans:bean>

Then you must to set the casAuthenticationProvider to the authenticationManager:

<authentication-manager alias="authenticationManager">
    <!-- <authentication-provider user-service-ref='mongoUserDetailsService'/>  -->
    <authentication-provider ref="casAuthenticationProvider" />    
</authentication-manager>

As you can see, the custom mongoUserDetailsService is not assigned to the authenticationManager but the new casAuthenticationProvider, then we set the casAuthenticationProvider to the authenticationManager