sábado, 5 de octubre de 2013

How to configure JAAS to use CASClient authentification

Esta información la recupere de un foro me ayudo cuando se me presento el mismo problema.
The order of my filters was exactly what was wrong. I now have this working!
For future reference for anyone else who needs to do this - here's the basic code you should need to get it working. I had success with this on Ubuntu 10.04.1 (64-bit), Tomcat 6, Oracle JDK 1.6.0_20, Bonita 5.3, Cas server 3.4.3 and Cas client 3.1.12 
web.xml


    CAS Authentication Filter
    org.jasig.cas.client.authentication.AuthenticationFilter
    
        casServerLoginUrl
        http://cashost:8080/cas/login
    
    
        service
        http://bonitahost:8080/bonita/
    
    
        serverName
        http://bonitahost:8080
    


    CAS Validation Filter
    org.jasig.cas.client.validation.Cas10TicketValidationFilter
    
        casServerUrlPrefix
        http://cashost:8080/cas
    
    
        serverName
        http://bonitahost:8080
    


    CAS HttpServletRequest Wrapper Filter
    org.jasig.cas.client.util.HttpServletRequestWrapperFilter


    CAS Web Authentication Filter
    
    org.jasig.cas.client.tomcat.authentication.WebAuthenticationFilter
    
        service
        http://bonitahost:8080/bonita/
    
    
        serverName
        http://bonitahost:8080
    


    CAS Authentication Filter
    /*


    CAS Validation Filter
    /*


    CAS HttpServletRequest Wrapper Filter
    /*


    CAS Web Authentication Filter
    /*
jaas-standard.cfg 
BonitaAuth {
    org.jasig.cas.client.jaas.CasLoginModule required
    ticketValidatorClass="org.jasig.cas.client.validation.Cas10TicketValidator"
    casServerUrlPrefix="http://cashost:8080/cas"
    service="http://bonitahost:8080/bonita"
};
WebAuthenticationFilter.java (Requires cas-client-core-3.1.12.jar, commons-logging-1.1.jar, security-server-5.3.jar, servlet-api-6.0.29.jar) 
public class WebAuthenticationFilter extends AbstractCasFilter {
  
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest)servletRequset;
        HttpSession session = request.getSession();

        CredentialsEncryptionAPIImpl credEncAPI = CredentialsEncryptionAPIImpl.getInstance();
        String username = request.getRemoteUser();

        String encryptedCredentials = credEncAPI.encryptCredential(username);

        session.setAttribtue(LoginServlet.USER_CREDENTIALS_SESSION_PARAM_KEY, encryptedCredentials);

        chain.doFilter(servletRequset, servletResponse);
    }
}
Publicado por en
Etiquetas: ,

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)