Hello,
i tried to do pre-authentication for my zimbra server so :
1. I install CAS Server (/opt/zimbra/webapps/cas-web) in the some machine zimbra
2. I add CAS Filter in my zimbra.web.xml.in :
------------------------------------------------------------------------
<filter>
<filter-name>CAS Filter</filter-name>
<filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
<param-value>https://teggoinfo.tp:8443/cas-web/login</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.validateUrl </param-name>
<param-value>https://teggoinfo.tp:8443/cas-web/proxyValidate</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
<param-value>teggoinfo.tp:80</param-value>
</init-param>
</filter>

<filter-mapping>
<filter-name>CAS Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
----------------------------------------------------------------------------------------

3. I Configure my /opt/zimbra/tomcat/webapps/zimbra/preauth.jsp
----------------------------------------------------------------------------------------
<%@ page import="java.security.InvalidKeyException" %>

<%@ page import="java.security.NoSuchAlgorithmException" %>

<%@ page import="java.security.SecureRandom" %>

<%@ page import="java.util.HashMap" %>

<%@ page import="java.util.Map" %>

<%@ page import="java.util.Iterator" %>

<%@ page import="java.util.TreeSet" %>

<%@ page import="javax.crypto.Mac" %>

<%@ page import="javax.crypto.SecretKey" %>

<%!



public static final String DOMAIN_KEY = "2e8e64b8b1ae546ed139c3358bb5d0e9224be926bf8f5707d c94eeca31858632";




public static String generateRedirect(HttpServletRequest request, String name) {

HashMap params = new HashMap();

String ts = System.currentTimeMillis()+"";

params.put("account", name);

params.put("by", "name"); // needs to be part of hmac

params.put("timestamp", ts);

params.put("expires", "0"); // means use the default



String preAuth = computePreAuth(params, DOMAIN_KEY);

return request.getScheme()+"://"+request.getServerName()+":"+request.getServerPor t()+"/service/preauth/?" +

"account="+name+

"&by=name"+

"&timestamp="+ts+

"&expires=0"+

"&preauth="+preAuth;

}


public static String computePreAuth(Map params, String key) {

TreeSet names = new TreeSet(params.keySet());

StringBuffer sb = new StringBuffer();

for (Iterator it=names.iterator(); it.hasNext() {

if (sb.length() > 0) sb.append('|');

sb.append(params.get(it.next()));

}

return getHmac(sb.toString(), key.getBytes());

}



private static String getHmac(String data, byte[] key) {

try {

ByteKey bk = new ByteKey(key);

Mac mac = Mac.getInstance("HmacSHA1");

mac.init(bk);

return toHex(mac.doFinal(data.getBytes()));

} catch (NoSuchAlgorithmException e) {

throw new RuntimeException("fatal error", e);

} catch (InvalidKeyException e) {

throw new RuntimeException("fatal error", e);

}

}


static class ByteKey implements SecretKey {

private byte[] mKey;


ByteKey(byte[] key) {

mKey = (byte[]) key.clone();;

}


public byte[] getEncoded() {

return mKey;

}


public String getAlgorithm() {

return "HmacSHA1";

}


public String getFormat() {

return "RAW";
}

}


public static String toHex(byte[] data) {

StringBuilder sb = new StringBuilder(data.length * 2);

for (int i=0; i<data.length; i++ ) {

sb.append(hex[(data[i] & 0xf0) >>> 4]);

sb.append(hex[data[i] & 0x0f] );
}

return sb.toString();
}


private static final char[] hex =

{ '0' , '1' , '2' , '3' , '4' , '5' , '6' , '7' ,

'8' , '9' , 'a' , 'b' , 'c' , 'd' , 'e' , 'f'};
%><%

String redirect = generateRedirect(request, "admin@teggoinfo.tp");

response.sendRedirect(redirect);

%>

<html>

<head>

<title>Pre-auth redirect</title>

</head>

<body>


You should never see this page.


</body>

</html>



but the problem is when i want to test http://teggoinfo.tp/zimbra/preauth.jsp
i just have an empty page in my browser with the url: https://teggoinfo.tp:8443/cas-web/lo...%2Fpreauth.jsp

any help ?