...
| Code Block |
|---|
svn export https://subversion.renater.fr/ssocashandler/trunk/ ssocas-login-handler cd ssocas-login-handler mvn package |
This will create the latest ssocas-login-handler-x.x.jar in the target/ directory.
Installation
The first step is to add the JAR (downloaded or obtained through the source code) into the library of your IdP's installation directory :
...
Modify the CAS client filters settings in $IDP_INSTALL_DIR/src/main/webapp/WEB-INF/web.xml (do not forget to modify the filter-mappings that were already defined):
Code Block language html/xml <!-- CAS Authentication Filter --> <filter> <filter-name>CAS Authentication Filter</filter-name> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> <init-param> <param-name>casServerLoginUrl</param-name> <param-value>https://example.cas.server/cas/login</param-value> </init-param> </filter> <!-- CAS Validation Filter --> <filter> <filter-name>CAS Validation Filter</filter-name> <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> <init-param> <param-name>casServerUrlPrefix</param-name> <param-value>https://services-federation.renater.fr/cas</param-value> </init-param> </filter> <!-- CAS Authentication Filter - forceAuthn --> <filter> <filter-name>CAS Authentication Filter - forceAuthn</filter-name> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> <init-param> <param-name>casServerLoginUrl</param-name> <param-value>https://example.cas.server/cas/login</param-value> </init-param> <init-param> <param-name>renew</param-name> <param-value>true</param-value> </init-param> </filter> <!-- CAS Validation Filter - forceAuthn --> <filter> <filter-name>CAS Validation Filter - forceAuthn</filter-name> <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> <init-param> <param-name>casServerUrlPrefix</param-name> <param-value>https://services-federation.renater.fr/cas</param-value> </init-param> <init-param> <param-name>renew</param-name> <param-value>true</param-value> </init-param> </filter> <!-- CAS HttpServletRequest Wrapper Filter --> <filter> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> </filter> <!-- CAS Assertion Thread Local Filter --> <filter> <filter-name>CAS Assertion Thread Local Filter</filter-name> <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class> </filter> <!-- CAS Filter for Shibb RemoteUser --> <filter-mapping> <filter-name>CAS Authentication Filter</filter-name> <url-pattern>/Authn/Cas/NoforceAuthn</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>CAS Validation Filter</filter-name> <url-pattern>/Authn/Cas/NoForceAuthn</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Authentication Filter - forceAuthn</filter-name> <url-pattern>/Authn/Cas/ForceAuthn</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>CAS Validation Filter - forceAuthn</filter-name> <url-pattern>/Authn/Cas/ForceAuthn</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <url-pattern>/Authn/Cas/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Assertion Thread Local Filter</filter-name> <url-pattern>/Authn/Cas/*</url-pattern> </filter-mapping>
Modify the remote user servlet mapping (still in this web.xml) :
Code Block language html/xml <servlet-mapping> <servlet-name>RemoteUserAuthHandler</servlet-name> <url-pattern>/Authn/Cas/*</url-pattern> </servlet-mapping>
...