Hi Lukas

you're right, that page still contains some old information that corresponds to 
CAS 3.0.4. We'll try to update it as soon as possible.

If you're used to the ESUP package then you might want to try these:
http://shib.kuleuven.be/download/idp/1.3/beta/
(docs aren't entirely up to date today, but they should be tomorrow evening: 
http://shib.kuleuven.be/docs/idp/install-idp-1.3-beta200608.shtml)
The code in that package is based on CAS 3.0.5 with some additions that will 
appear in CAS 3.0.6. 3.0.6 is scheduled to support eg X.509 with LDAP lookup, 
but the package will provide you that now already. It also contains Shib, as 
you 
might like I think...
I was supposed to take our 3.0.5 system live today -installed by that package-, 
but the new HttpClient in 3.0.5 doesn't like *. certificates which broke part 
of 
our setup so I had to postpone the upgrade until I find good solution for that.

use "./install cas3" to get a running CAS3 package easily (you can keep using 
the genericHandler.xml if you want, but it's not my plan to keep supporting 
that). Examples are included, but they may be a little hidden still (docs of 
tomorrow will help you out in that area), have a look in 
./install_files/casserverext/.../deployerConfigContext.xml

It's a little getting used to Spring when you're coming from CAS2, but once you 
get used to it I'm sure you'll love CAS even better than before.
If you find any problems or possible improvements while testing CAS then please 
file the a JIRA issue at http://www.ja-sig.org/issues/browse/CAS. [comments 
about the package are welcome at my personal address]


ps: Tell Patrik the LDAP-AD problem has been fixed entirely from CAS 3.0.5, so 
there's no need to patch it again in this version ;).
http://developer.ja-sig.org/source/browse/jasig/cas3/adaptors/ldap/src/main/java/org/jasig/cas/adaptors/ldap/AbstractLdapUsernamePasswordAuthenticationHandler.java?r=1.5
(look for setIgnorePartialResultException)


-- Velpi (remember the Belgian visitors 1.5 years ago?)



Lukas Haemmerle wrote:
> I just tried to configure CAS 3.0.5 for client AuthN, but always got an
> exception when deploying the war file.
> 
> Can it be that there is an inconsistency on
> http://www.ja-sig.org/products/cas/server/certs/index.html ?
> 
> Instead of
> 
> 
>       <bean
> class="org.jasig.cas.authentication.handler.support.X509CredentialsAuthenticationHandler">
>             <property
>                   name="trustedIssuer"
>                   value="trustedIssuer" />
>        </bean>
> 
> 
> It probably should be
> 
> 
>        <bean
> class="org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler">
>                                         <property
>                                                 name="trustedIssuer"
>                                                 value="trustedIssuer" />
>                                 </bean>
> 
> in the authenticationHandler section.
> Moreover, it would help people if it was described in greater detail how
> to configure the credentialsToPrincipalResolvers (or have I just looked
> at the wrong places?). E.g. the complete code snippets could be provided
> 
> <bean
> class="org.jasig.cas.authentication.principal.X509CertificateCredentialsToDistinguishedNamePrincipalResolver"
> />
> <bean
> class="org.jasig.cas.authentication.principal.X509CertificateCredentialsToIdentifierPrincipalResolver"
> 
> [probably some params....]
> />
> 
> <bean
> class="org.jasig.cas.adaptors.x509.authentication.principal.X509CertificateCredentialsToSerialNumberPrincipalResolver"
> />
> 
> 
> This would have helped a CAS 3.0 newbie who was used to have a
> dead-simple configuration like ESUP CAS :)
> 
> Cheers
> Lukas
> 
> PS: Client AuthN still is not yet working as an alternate authentication
> method to LDAP, but I'm getting closer :)
> 
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to