Yeah, I think that should work. I've done it once or twice for a web application. You'll have to bring in the CAS Servlet filter to do it. Pretty much everything of mine is using Apache Shiro for security, so I'm not very familiar with the servlet based security constraints. https://github.com/apereo/java-cas-client/blob/master/README.md
On 11/21/19 1:00 AM, Steve Cheung wrote: Hi Richard, Thanks for your clarification. I think it is ok to use the cas login page for the login. However, Is it still possible to preserve the security-constraint setting in the web.xml? Or you have any recommendation how to integrate this web app with CAS? Thanks, Steve On Wednesday, 20 November 2019 23:54:39 UTC+8, richard.frovarp wrote: The point of doing federated authentication is that you don't login through the application anymore. So you no longer need the login form. It becomes a button like all of the login with Facebook, Google, Twitter, etc options you see on a variety of sites. On 11/20/19 3:10 AM, Steve Cheung wrote: Hi all, I search around the Java-Cas-Client readme and it said CAS supporting JAAS. However, I really cant find much detail on how to configure it on my web application. https://github.com/apereo/java-cas-client/blob/master/README.md I wanna keep the form based login in my web app and using the CAS backend as authentication service. Anyone has experience or useful link for me? For example, in web.xml, only the user with admin role is able to access the /admin page <security-constraint> <web-resource-collection> <web-resource-name>Admin</web-resource-name> <url-pattern>/admin/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <security-role> <role-name>admin</role-name> </security-role> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.html</form-login-page> <form-error-page>/error.html</form-error-page> </form-login-config> </login-config> Many thanks, Steve -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<javascript:>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/22c195a6-be47-443a-9652-c2dc3270c0b2%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/22c195a6-be47-443a-9652-c2dc3270c0b2%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6f3ce0a9-1fed-4bf2-85bf-fd7b6a83cc54%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/6f3ce0a9-1fed-4bf2-85bf-fd7b6a83cc54%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/24286f7c-aa10-8d69-9830-62e5635b7903%40ndsu.edu.
