Hi Lukas you're right, that page still contains some old information that corresponds to CAS 3.0.4. We'll try to update it as soon as possible.
If you're used to the ESUP package then you might want to try these: http://shib.kuleuven.be/download/idp/1.3/beta/ (docs aren't entirely up to date today, but they should be tomorrow evening: http://shib.kuleuven.be/docs/idp/install-idp-1.3-beta200608.shtml) The code in that package is based on CAS 3.0.5 with some additions that will appear in CAS 3.0.6. 3.0.6 is scheduled to support eg X.509 with LDAP lookup, but the package will provide you that now already. It also contains Shib, as you might like I think... I was supposed to take our 3.0.5 system live today -installed by that package-, but the new HttpClient in 3.0.5 doesn't like *. certificates which broke part of our setup so I had to postpone the upgrade until I find good solution for that. use "./install cas3" to get a running CAS3 package easily (you can keep using the genericHandler.xml if you want, but it's not my plan to keep supporting that). Examples are included, but they may be a little hidden still (docs of tomorrow will help you out in that area), have a look in ./install_files/casserverext/.../deployerConfigContext.xml It's a little getting used to Spring when you're coming from CAS2, but once you get used to it I'm sure you'll love CAS even better than before. If you find any problems or possible improvements while testing CAS then please file the a JIRA issue at http://www.ja-sig.org/issues/browse/CAS. [comments about the package are welcome at my personal address] ps: Tell Patrik the LDAP-AD problem has been fixed entirely from CAS 3.0.5, so there's no need to patch it again in this version ;). http://developer.ja-sig.org/source/browse/jasig/cas3/adaptors/ldap/src/main/java/org/jasig/cas/adaptors/ldap/AbstractLdapUsernamePasswordAuthenticationHandler.java?r=1.5 (look for setIgnorePartialResultException) -- Velpi (remember the Belgian visitors 1.5 years ago?) Lukas Haemmerle wrote: > I just tried to configure CAS 3.0.5 for client AuthN, but always got an > exception when deploying the war file. > > Can it be that there is an inconsistency on > http://www.ja-sig.org/products/cas/server/certs/index.html ? > > Instead of > > > <bean > class="org.jasig.cas.authentication.handler.support.X509CredentialsAuthenticationHandler"> > <property > name="trustedIssuer" > value="trustedIssuer" /> > </bean> > > > It probably should be > > > <bean > class="org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler"> > <property > name="trustedIssuer" > value="trustedIssuer" /> > </bean> > > in the authenticationHandler section. > Moreover, it would help people if it was described in greater detail how > to configure the credentialsToPrincipalResolvers (or have I just looked > at the wrong places?). E.g. the complete code snippets could be provided > > <bean > class="org.jasig.cas.authentication.principal.X509CertificateCredentialsToDistinguishedNamePrincipalResolver" > /> > <bean > class="org.jasig.cas.authentication.principal.X509CertificateCredentialsToIdentifierPrincipalResolver" > > [probably some params....] > /> > > <bean > class="org.jasig.cas.adaptors.x509.authentication.principal.X509CertificateCredentialsToSerialNumberPrincipalResolver" > /> > > > This would have helped a CAS 3.0 newbie who was used to have a > dead-simple configuration like ESUP CAS :) > > Cheers > Lukas > > PS: Client AuthN still is not yet working as an alternate authentication > method to LDAP, but I'm getting closer :) > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
