Skip to content
CAS in the cloud LELEU Jérôme edited this page Aug 22, 2022 · 1 revision

OPTIONAL

If you use the pac4j AnonymousClient or no SecurityFilter at all, the user transmitted to Spring Security will be anonymous and the entry point will be called for protected URLs. So you can use the Pac4jEntryPoint with a specific client to start the login process with the corresponding identity provider:

<bean id="casEntryPoint" class="org.pac4j.springframework.security.web.Pac4jEntryPoint">
    <property name="config" ref="config" />
    <property name="clientName" value="CasClient" />
</bean>
<security:http pattern="/**" entry-point-ref="casEntryPoint">
    ...
    <security:intercept-url pattern="/cas/**" access="isAuthenticated()" />
</security:http>

or

http
.authorizeRequests()
    .antMatchers("/cas/**").authenticated()
    .anyRequest().permitAll()
.and()
.exceptionHandling().authenticationEntryPoint(new Pac4jEntryPoint(config, "CasClient"))
...
Clone this wiki locally