Yes, your client and server will be communicating over CAS 2 protocol. As for CAS3, there were no authentication protocol changes between CAS2 and CAS3. There were some additions including Single Sign Out, SAML2, etc. So you should be good until some special need comes up!
On 7/31/08 2:11 PM, "Alex Johnson" <[EMAIL PROTECTED]> wrote: > Hi Andrew, > > Yes, I miss a jar file in /WEB-INF/lib/ directory. Now it's working . Once I > am using Cas20ProxyReceivingTicketValidationFilter in my web.xml and my > application B is up and running, I am in CAS 2 architecture, right? I want to > make sure. I' ve also heard that you have CAS 3, CAS 3 means SAML 1.1?? How > can I upgrade CAS 2 to CAS 3? > > > Thank you so much for your help. > > Alex > > > > > > Date: Thu, 31 Jul 2008 11:07:00 -0500 > Subject: Re: CAS basic questions > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED]; [email protected] > >> Alex, >> >> It sounds like you didn¹t get all of the necessary JARs from the CAS Client >> 3.1.1 release. Make sure to copy the following JARs from the CAS Client >> 3.1.1 release into your application¹s /WEB-INF/lib/ directory: >> >> * cas-client-core-3.1.1.jar >> * commons-logging-1.1.jar >> * xmlsec-1.3.0.jar >> >> In configuring the validation filter, you noted a common obstacle for people: >> the serverName and casServerUrlPrefix parameters. The serverName parameter >> tells the CAS client, ³This is the URL of the application server I am >> protecting; this will be used when requesting and validating service >> tickets². The casServerUrlPrefix parameter tells the CAS client, ³This is >> the CAS server I will refer unauthenticated users to and validate service >> tickets against². >> >> HTH, >> A- >> >> >> >> >> >> From: [EMAIL PROTECTED] <http://[EMAIL PROTECTED]> >> To: [email protected] <http://[email protected]> >> Subject: RE: CAS basic questions >> Date: Wed, 30 Jul 2008 21:17:18 +0000 >> >> Hi, >> >> Thank you for all the help. >> >> My CAS 1 for application B is working but I want to upgrade application B to >> CAS 2 configuration >> Here is what I did >> (1). I downloaded cas-client-3.1.1 and extracted it to C:\, then I copied >> cas-client-core-3.1.1.jar from C:\cas-client-3.1.1\modules to my application >> B's WEB-INF\lib >> I want to know if I copy the right file "cas-client-core-3.1.1.jar" to the >> right place? >> (2). I modified the filters in web.xml like below for application B >> >> ..... >> <filter> >> <filter-name>CAS Authentication Filter</filter-name> >> >> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filte >> r-class> >> <init-param> >> <param-name>casServerLoginUrl</param-name> >> <param-value>https://myhost.mycompany:8443/cas/login</param-value> >> <https://myhost.mycompany:8443/cas/login%3C/param-value%3E> >> </init-param> >> <init-param> >> <param-name>service</param-name> >> >> <param-value>http://myhost.mycompany:8080/testme/test.jsp</param-value> >> <http://myhost.mycompany:8080/testme/test.jsp%3C/param-value%3E> >> </init-param> >> <init-param> >> <param-name>serverName</param-name> >> <param-value>myhost.mycompany:8080</param-value> >> </init-param> >> >> </filter> >> >> >> <filter> >> <filter-name>CAS Validation Filter</filter-name> >> <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValida >> tionFilter</filter-class> >> <init-param> >> <param-name>casServerUrlPrefix</param-name> >> <param-value>https://myhost.mycompany:8443/cas</param-value> >> <https://myhost.mycompany:8443/cas%3C/param-value%3E> >> </init-param> >> <init-param> >> <param-name>serverName</param-name> >> <param-value>" target=_blank>http://myhost.mycompany:8080</param-value> >> <http://myhost.mycompany:8080> >> </init-param> >> </filter> >> >> <filter> >> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> >> >> <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filt >> er-class> >> </filter> >> >> <filter-mapping> >> <filter-name>CAS Authentication Filter</filter-name> >> <url-pattern>/*</url-pattern> >> </filter-mapping> >> >> <filter-mapping> >> <filter-name>CAS Validation Filter</filter-name> >> <url-pattern>/*</url-pattern> >> </filter-mapping> >> >> <filter-mapping> >> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> >> <url-pattern>/*</url-pattern> >> </filter-mapping> >> ...... >> >> After I re-start the Tomcat and run the application B again, I have the >> following error message >> >> ... >> *exception* >> >> java.lang.RuntimeException: Unable to create XMLReader >> org.jasig.cas.client.util.XmlUtils.getXmlReader(XmlUtils.java:44) >> org.jasig.cas.client.util.XmlUtils.getTextForElement(XmlUtils.java:116) >> >> org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFrom >> Server(Cas20ServiceTicketValidator.java:61) >> >> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(Abst >> ractUrlBasedTicketValidator.java:165) >> >> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(Abstr >> actTicketValidationFilter.java:129) >> >> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(Authenticat >> ionFilter.java:103) >> .... >> >> Do you know what it's wrong? >> >> My questions are >> 1. I downloaded the right cas client and put it to the right place? >> 2. my cas filters above are correct in web.xml? >> 3. In CAS 1, I use "<param-name>casUrlServerPrefix</param-name>", it works. >> But your website for CAS20 is "<param-name>casServerUrlPrefix</param-name>". >> After I replaced my CAS 1's "casUrlServerPrefix" to "casServerUrlPrefix", my >> application B in CAS 1 doesn't work. So, is it a spelling error in your site? >> 4. In your website for CAS 20, you have >> >> <filter> >> <filter-name>CAS Validation Filter</filter-name> >> <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValida >> tionFilter</filter-class> >> <init-param> >> <param-name>casServerUrlPrefix</param-name> >> <param-value>https://battags.ad.ess.rutgers.edu:8443/cas</param-value> >> <https://battags.ad.ess.rutgers.edu:8443/cas%3C/param-value%3E> >> </init-param> >> <init-param> >> <param-name>serverName</param-name> >> <param-value>http://www.acme-client.com</param-value> >> <http://www.acme-client.com%3c/param-value%3E> >> </init-param> >> </filter> >> >> I got confused that the value of "serverNameserverName" is so different to >> the value of "casServerUrlPrefix" >> Why? Can you explain a bit more? What I think the value of "serverName" >> should be something like "http://battags.ad.ess.rutgers.edu >> <http://battags.ad.ess.rutgers.edu/> " or >> "http://battags.ad.ess.rutgers.edu:8080 >> <http://battags.ad.ess.rutgers.edu:8080/> " >> >> >> Thanks, >> >> >> Alex >> >> >> >> >> >> >> Date: Wed, 30 Jul 2008 12:13:57 -0500 >> Subject: Re: CAS basic questions >> From: [EMAIL PROTECTED] <http://[EMAIL PROTECTED]> >> To: [EMAIL PROTECTED] >> <http://[EMAIL PROTECTED]> ; [email protected] >> <http://[email protected]> >> >> Alex, >> >> Firstly, here are some useful URLs in the JA-SIG wiki documentation: >> >> JA-SIG CAS Client Home >> http://www.ja-sig.org/wiki/display/CASC/ >> >> JA-SIG CAS 3.1 client >> http://www.ja-sig.org/wiki/display/CASC/Configuring+the+JA-SIG+CAS+Client+for >> +Java+in+the+web.xml >> >> Yale CAS client >> http://www.ja-sig.org/wiki/display/CASC/Yale+Java+Client >> >> For ³Hello World², you are using CAS 2.0 due to the /serviceValidate servlet >> for the edu.yale.its.tp.cas.client.filter.validateUrl >> For application B, you are using CAS 1.0 due to Cas10TicketValidationFilter >> filter >> >> If you want to use CAS 2.0 with application B, which is using the JA-SIG CAS >> client, then you will need to switch the validation filter to use the >> org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter as >> found on the JA-SIG CAS 3.1 client link above. >> >> HTH, >> A- >> >> >> On 7/30/08 11:50 AM, "Alex Johnson" <[EMAIL PROTECTED] >> <http://[EMAIL PROTECTED]> <http://hotmail.com/> > wrote: >> >>> >>> Hi, >>> >>> Thank you for your quick answer. I want to ask a bit more about this. I want >>> to know which CAS architecture ( CAS1 or CAS2) I am using in my setting. >>> >>> For "Hello World" application, the setting is exactly like the demo, and the >>> web.xml is like below, the same as demo >>> >>> ..... >>> <filter> >>> <filter-name>CAS Filter</filter-name> >>> <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class> >>> <init-param> >>> <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name> >>> <param-value>https://compA:8443/cas/login</param-value> >>> <https://compa:8443/cas/login%3C/param-value%3E> >>> <https://compa:8443/cas/login%3C/param-value%3E> >>> </init-param> >>> <init-param> >>> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> >>> <param-value>https://compA:8443/cas/serviceValidate</param-value> >>> <https://compa:8443/cas/serviceValidate%3C/param-value%3E> >>> <https://compa:8443/cas/serviceValidate%3C/param-value%3E> >>> </init-param> >>> <init-param> >>> <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name> >>> <param-value>compA:8080</param-value> >>> </init-param> >>> </filter> >>> >>> <filter-mapping> >>> <filter-name>CAS Filter</filter-name> >>> <url-pattern>/servlet/HelloWorldExample</url-pattern> >>> </filter-mapping> >>> ..... >>> For the application B, in web.xml, it's like below >>> >>> ..... >>> <filter> >>> <filter-name>CAS Authentication Filter</filter-name> >>> >>> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filt >>> er-class> >>> <init-param> >>> <param-name>casServerLoginUrl</param-name> >>> <param-value>https://compA:8443/cas/login</param-value> >>> <https://compa:8443/cas/login%3C/param-value%3E> >>> <https://compa:8443/cas/login%3C/param-value%3E> >>> </init-param> >>> <init-param> >>> <param-name>service</param-name> >>> <param-value>http://compA:8080/testme/test.jsp</param-value> >>> <http://compa:8080/testme/test.jsp%3C/param-value%3E> >>> <http://compa:8080/testme/test.jsp%3C/param-value%3E> >>> </init-param> >>> <init-param> >>> <param-name>serverName</param-name> >>> <param-value>compA:8080</param-value> >>> </init-param> >>> </filter> >>> >>> <filter> >>> <filter-name>CAS Validation Filter</filter-name> >>> >>> <filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</f >>> ilter-class> >>> <init-param> >>> <param-name>casUrlServerPrefix</param-name> >>> <param-value>https://compA:8443/cas</param-value> >>> <https://compa:8443/cas%3C/param-value%3E> >>> <https://compa:8443/cas%3C/param-value%3E> >>> </init-param> >>> <init-param> >>> <param-name>serverName</param-name> >>> <param-value>compA:8080</param-value> >>> </init-param> >>> </filter> >>> >>> <filter> >>> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> >>> >>> <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</fil >>> ter-class> >>> </filter> >>> >>> <filter-mapping> >>> <filter-name>CAS Authentication Filter</filter-name> >>> <url-pattern>/*</url-pattern> >>> </filter-mapping> >>> >>> <filter-mapping> >>> <filter-name>CAS Validation Filter</filter-name> >>> <url-pattern>/*</url-pattern> >>> </filter-mapping> >>> >>> <filter-mapping> >>> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> >>> <url-pattern>/*</url-pattern> >>> </filter-mapping> >>> ...... >>> >>> So, based on above, am I using CAS 1 configuration or CAS 2 configuration >>> for both applications-"Hello World" and B? Also, determine if using CAS 1 >>> or CAS 2, it's based on the setting in web.xml? >>> >>> If I am using CAS 1, how can I change above (web.xml) to become CAS 2? >>> >>> Sorry for all the silly questions. >>> >>> Thanks, >>> >>> >>> Alex >>> >>> >>> >>> >>> >>> >>> Date: Wed, 30 Jul 2008 11:29:11 -0400 >>> From: [EMAIL PROTECTED] <http://[EMAIL PROTECTED]> >>> <http://gmail.com/> >>> To: [EMAIL PROTECTED] >>> <http://[EMAIL PROTECTED]> >>> <http://louisfashionhouse.com/> ; [email protected] >>> <http://[email protected]> <http://tp.its.yale.edu/> >>> Subject: Re: CAS basic questions >>> >>> >>> On Wed, Jul 30, 2008 at 11:02 AM, Alex Johnson <[EMAIL PROTECTED] >>> <http://[EMAIL PROTECTED]> <http://hotmail.com/> > wrote: >>>> Hi, >>>> >>>> I am a newbie here. I follow the link >>>> http://www.ja-sig.org/wiki/display/CASUM/Demo >>>> to set up CAS on the following envirment. >>>> >>>> Windows XP >>>> Tomcat 5.5.23 >>>> CAS client 2.1.1 >>>> CAS 3.2.1 >>>> >>>> my http://mymachinename:8080/servlets-examples/servlet/HelloWorldExample >>>> <http://mymachinename:8080/servlets-examples/servlet/HelloWorldExample> >>>> works. It is redirected to CAS login page. After I input login, it is >>>> redirected back to open "Hello World" >>>> Then I go a step forward to put another simple Java application (B) into >>>> Tomcat and pointed to the same CAS. It works too. I can open "Hello World" >>>> application and no need to login CAS again to open another application (B), >>>> or After I login into B, I don't need to login into CAS again for "Hello >>>> World" application >>>> >>>> My question is >>>> >>>> 1. After I make these work, am I in CAS 1 or CAS 2? >>> Well you're running CAS 3.2.1 and utilizing either the CAS1 or CAS2 >>> protocol, depending on how you've configured your CAS client. >>>> >>>> 2. I am using CAS client 2.1.1 or CAS server 3.2.1, does it mean I am using >>>> CAS 2? >>> >>> Using CAS 3.2.1 you have the optional of three protocols: CAS1, CAS2, SAML >>> 1.1. Since you're using the Yale CAS Client 2.1.1, you're only supporting >>> CAS 1 or CAS2 on the client side. Which one you are using depends on your >>> configuration. Both will work fine. >>> >>> -Scott >>> >>>> >>>> >>>> Thanks, >>>> >>>> >>>> Alex >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> Yale CAS mailing list >>>> [email protected] <http://[email protected]> <http://tp.its.yale.edu/> >>>> http://tp.its.yale.edu/mailman/listinfo/cas >>>> >>> >>> >>> >>> _______________________________________________ >>> Yale CAS mailing list >>> [email protected] <http://[email protected]> <http://tp.its.yale.edu/> >>> http://tp.its.yale.edu/mailman/listinfo/cas -- Andrew R. Feller, Analyst Information Technology Services 200 Fred Frey Building Louisiana State University Baton Rouge, LA 70803 (225) 578-3737 (Office) (225) 578-6400 (Fax)
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
