Okay I think I solved my problem. I discovered that there was more than
one cas-client-core jar file in my cas lib directory. Once I removed it
I was able to authenticate successfully.
Now, I have one more question. How to test for clearPass correctly.
After I authenticate through cas I go to this url :
http://mycasserver/cas/clearPass but I get an error "No authentication
information provided". Am I testing this incorrectly? I think it's
working because the portlets that need the clearPass are working now but
just for peace of mind I wanted to test it through the clearPass url.
Thanks,
Laura
On 11/12/10 1:42 PM, Laura McCord wrote:
I have a uPortal 3.2.2 install and I removed the bundled cas server
and I am using an external 3.4.2 cas server now.
The problem that I am seeing is that when I click on the "Sign In with
CAS" button from uPortal I enter my username/password in cas and then
I'm redirected to uPortal's GUEST unauthenticated layout. I was able
to authenticate through cas before I made any changes so I can confirm
that it did work prior to any clearPass adjustments.
I can tell that when I change the
root.cas=org.jasig.cas3.extensions.clearpass.integration.uportal.PasswordCachingCasAssertionSecurityContextFactory
back to the original state I'm at least able to authenticate and I'm
given my authenticated uPortal layout, if that helps.
I'm not sure if I'm having a versioning issue. The modifications that
I have made are below.
Thank You,
Laura McCord
- In the uportal-source-directory/pom.xml I added the following
dependencies:
<casclient.version>3.1.12</casclient.version>
<cas-clearpass.version>1.0.5.GA</cas-clearpass.version>
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<version>${casclient.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas3.extensions</groupId>
<artifactId>clearpass-integration-uportal</artifactId>
<version>${cas-clearpass.version}</version>
</dependency>
-In uportal-impl/pom.xml
<!-- ===== Runtime Dependencies
======================================= -->
<dependency>
<groupId>org.jasig.cas3.extensions</groupId>
<artifactId>clearpass-integration-uportal</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
</dependency>
-In uportal-impl/src/main/resources/properties/security.properties
## This is the factory that supplies the concrete authentication
class
root=org.jasig.portal.security.provider.UnionSecurityContextFactory
root.cas=org.jasig.cas3.extensions.clearpass.integration.uportal.PasswordCachingCasAssertionSecurityContextFactory
#root.cas=org.jasig.portal.security.provider.cas.CasAssertionSecurityContextFactory
root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory
## URL of the CAS cleartext password service
org.jasig.cas3.extensions.clearpass.integration.uportal.PasswordCachingCasAssertionSecurityContextFactory.clearPassCasUrl=https://myServer/cas/clearPass
-In
uportal-impl/src/main/resources/properties/context/portletContainerContext.xml
<bean id="cachedPasswordUserInfoService"
class="org.jasig.portal.portlet.container.services.CachedPasswordUserInfoService">
<property name="userInstanceManager" ref="userInstanceManager" />
<property name="portletWindowRegistry" ref="portletWindowRegistry" />
<property name="portletEntityRegistry" ref="portletEntityRegistry" />
<property name="portletDefinitionRegistry"
ref="portletDefinitionRegistry" />
<property name="portalRequestUtils" ref="portalRequestUtils" />
<property name="decryptPassword" value="false" />
</bean>
- In cas/pom.xml
<dependency>
<groupId>org.jasig.cas3.extensions</groupId>
<artifactId>clearpass-webapp</artifactId>
<version>1.0.5.GA</version>
<scope>runtime</scope>
<type>war</type>
</dependency>
-In cas/src/main/webapp/WEB-INF/deployerConfigContext.xml
<property name="authenticationMetaDataPopulators">
<list>
<bean
class="org.jasig.cas3.extensions.clearpass.CacheCredentialsMetaDataPopulator">
<constructor-arg index="0" ref="credentialsCache" />
</bean>
</list>
</property>
-In cas/src/main/webapp/WEB-INF/web.xml
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https:/mycas-server/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://mycas-server</param-value>
</init-param>
<init-param>
<param-name>exceptionOnValidationFailure</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>allowedProxyChains</param-name>
<param-value>
https://my-portal-server/uPortal/CasProxyServlet
</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/clearPass</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/clearPass</url-pattern>
</filter-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/clearPass</url-pattern>
</servlet-mapping>
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
