CAS SSO with Spring Security and Angular - Redirect Loop

Question

I'm working on getting CAS SSO implemented on my spring boot app with spring security. The Angular static files are being served on the same tomcat server. When I try to navigate to my app, I get stuck in a redirect loop. It's like CAS doesn't know where to return after logging in. Here is the example I followed:

https://www.baeldung.com/spring-security-cas-sso

If I put a .permitAll, my app works (because it just skips over CAS altogether.) So the app is working, and CAS looks like it works, but never gets back to the page requested. Any tips?

Thanks!

dlemp dlemp · Accepted Answer · 2020-10-21T20:07:26

Figured it out! Turns out I needed to permit the /login/cas url, and then secure the rest. Looked something like this:

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
      .antMatcher("/login/cas")
      .permitAll()
      .antMatcher("/**")
      .authenticated()
      ...
      ;
}

CAS SSO with Spring Security and Angular - Redirect Loop

1 Answers