Scott Battaglia wrote:
You should not be adding files to the our source trees (it just makes it really confusing for everyone involved ;-)). You should be defining them in your own modules. Maven is most likely pulling in the precompiled jars and not grabbing your changes.Our recommended method is for you to (1) define your own Maven2 project(2) Use the Maven2 WAR overlay method to pull in the default WAR (essentially declaring the WAR as a dependency to your project) (3) Placing the configuration files in the appropriate places within your project so they override the ones in the default WAR (4) Place your own source either in the src/main/java of your Maven2 project (or to make it a submodule). We actually just place them in src/main/java and don't bother with a submodule.We recommend this so that (a) you only keep your stuff in your company's CVS, SVN, etc. and (b) it makes upgrading easier as your source and configuration are separate from the CAS stuff.Hope that helps. Let me know if you need more details. We have some information on our Spring configuration, usage of Maven2, etc. here:http://www.ja-sig.org/wiki/display/CASUM/Overall+Architecture -Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattagliaOn Mon, Apr 20, 2009 at 11:10 AM, Andy Cowling <[email protected] <mailto:[email protected]>> wrote:When I try to "import" my new credentials class definition into the new sister class of "BindLdapAuthenticationHandler" (from step 4 below) the compiler throws as error that the class does not exist. Yet using the exact same import line (copy and pasted) in the credentials binder (step 2 below) works just fine. Why can't maven see the classes I added to the core when building external modules? Is there a way to see what class path maven is using? So far I did not change the maven config from the default that ships with cas 3.3.1. Cheers Andy On 15/04/2009 15:45, Marvin Addison wrote:I will assume that you want a login form that takes username/password and Tomcat is configured to request a client certificate for the CAS /login URI. (This is the only way I can imagine you're getting both the LDAP bind credentials and cert simultaneously.) Here is my recommendation for how to proceed: 1. Create a subclass of UsernamePasswordCredentials that contains both a username/password and the X509Certificate credential. 2. Create an instance of CredentialsBinder that creates your custom credentials class above. The binder has access to the HttpServletRequest, so you will have convenient access to the javax.servlet.request.X509Certificate attribute that contains any certificates. 3. Modify the authenticationViaFormAction bean in cas-servlet.xml: A. credentialsBinder=YourCredentialsBinder B. formObjectClass=YourUsernamePasswordCredentials 4. Create a subclass of BindLdapAuthenticationHandler that does both the LDAP bind and subsequent X.509 DN validation and register it to handle credentials of type UsernamePasswordCredentials. The LDAP bind handler should fire naturally since you are supplying an instance of UsernamePasswordCredentials (your custom class). You shouldn't need to modify the Webflow at all from the default since you don't want the x509Check action, which will short-circuit username/password handlers. Hope that helps, Marvin--Andy Cowling | UK Core IT Interactive Data Managed Solutions Ltd ------------------------------------------------------------------------------------------------------------------------------- Suite 1101, Eagle Tower | Montpellier Drive | Cheltenham GL50 1TA | UK Tel: +44 (0)1242 6941 15 | Fax: +44 (0)1242 6941 01 [email protected]<mailto:[email protected]> http://www.interactivedata-ms.com <http://www.interactivedata-ms.com/>This message (including any files transmitted with it) may contain confidential and/or proprietary information, is the property of Interactive Data Corporation and/or its subsidiaries, and is directed only to the addressee(s). If you are not the designated recipient or have reason to believe you received this message in error, please delete this message from your system and notify the sender immediately. An unintended recipient's disclosure, copying, distribution, or use of this message or any attachments is prohibited and may be unlawful. Interactive Data (Europe) Ltd Registered No. 949387 England Registered Office: Fitzroy House 13-17 Epworth Street. London. EC2A 4DL -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
-- *Andy Cowling | UK Platform Management* *Interactive Data Managed Solutions Ltd* ----------------------------------------------------------------------------------- Suite 1101, Eagle Tower | Montpellier Drive | Celtenham GL50 1TA | GL50 1LE Tel: +44 (0)1242 6941 15 | Fax: +44 (0)1242 6941 01 [email protected] http://www.interactivedata-ms.com/This message (including any files transmitted with it) may contain confidential and/or proprietary information, is the property of Interactive Data Corporation and/or its subsidiaries, and is directed only to the addressee(s). If you are not the designated recipient or have reason to believe you received this message in
error, please delete this message from your system and notify the sender immediately. An unintended recipient's disclosure, copying, distribution, or use of this message or any attachments is prohibited and may be unlawful.Interactive Data (Europe) Ltd Registered No. 949387 England Registered Office:
Fitzroy House 13-17 Epworth Street. London. EC2A 4DL
smime.p7s
Description: S/MIME Cryptographic Signature
