Re: [cas-user] Service Registry -- Getting the 1st Application Entered

2019-05-19 Thread Va Sja 
Hmm...
..looks really like "Security through obscurity" :((
Guys - how many peoples use CAS worldwide? 
looks like nobody?

SRC: https://mvnrepository.com/artifact/org.apereo.cas/cas-server-webapp



Am Freitag, 31. August 2018 13:05:02 UTC+2 schrieb 党田力:
>
> I had test on 5.2.6 adn 5.2.7 version
> Only append `cas-server-support-json-service-registry` to pom.xml, the '
> cas.serviceRegistry.initFromJson=true' is worked.
> Only append `cas-server-support-jpa-service-registry` to pom.xml, the 
> database is worked.
> But I append both them, the services defined in json is not loaded.
>
> On 5.1.9 version works.
>
>
> 在 2018年5月15日星期二 UTC+8下午8:15:55,David Curry写道:
>>
>> Lionel and Jann,
>>
>> Did you ever have the JSON service registry working? If not, I recommend 
>> that you take all the JPA stuff out of pom.xml and cas.properties and get 
>> that working correctly first, so that you're only trying to debug one thing 
>> at a time. Once you have the JSON service registry working correctly, for 
>> both the main server and the management webapp, then it's time to move 
>> things to JPA.
>>
>> The basic steps for moving to JPA *should* be this:
>>
>> 1. REMOVE the "cas-server-support-json-service-registry" dependency from 
>> pom.xml (server and management webapp)
>>
>> 2. Add the "cas-server-support-jpa-service-registry" dependency and 
>> whatever other dependencies go with it to pom.xml (server and management 
>> webapp)
>>
>> 3. Rebuild the server and management webapp
>>
>> 4. In the server's cas.properties file, include BOTH of these lines:
>>
>> cas.serviceRegistry.json.location: file:/etc/cas/services
>> cas.serviceRegistry.initFromJson:  true
>>
>>
>> The first line should already be there (since before you start these 
>> steps you're using the JSON service registry), but you must add the second 
>> line.
>>
>> 5. Add all the lines you need to configure the JPA service registry to 
>> the server's cas.properties file.
>>
>> 6. Start the CAS server (do not start the management webapp). You should 
>> see it load the services from the JSON files (again, this should already be 
>> working before you start) and then it will magically save them into the JPA 
>> registry.
>>
>> 7. Shut the server down.
>>
>> 8. Check the database to see that the services actually got loaded there. 
>> If not, this is where you need to start debugging. And the first step of 
>> that would be setting the log level to "debug" in log4j2.xml, and adding 
>> whatever Logger configuration you need to make the Oracle JDBC library log 
>> for you as well.
>>
>> Once you've got the services loaded into the database
>>
>> 9. Remove the "cas.serviceRegistry.json.location" and 
>> "cas.serviceRegistry.initFromJson" properties from the server's 
>> cas.properties file.
>>
>> 10. Remove the "cas.serviceRegistry.json.location" property from, and add 
>> all the JPA properties to, the management webapp's management.properties 
>> file.
>>
>> At least, that's the procedure I followed to get the MongoDB service 
>> registry working (see 
>> https://dacurry-tns.github.io/deploying-apereo-cas/high-avail_service-registry_overview.html).
>>  
>> I've not used the JPA stuff at all, so no guarantees, but I don't see why 
>> it should be any different.
>>
>> --Dave
>>
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR OF INFORMATION SECURITY*
>> INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>>
>> [image: The New School]
>>
>> On Tue, May 15, 2018 at 12:14 AM, Lionel Samuel  
>> wrote:
>>
>>> Changing in "cas.properties"  
>>> 'cas.serviceRegistry.json.location:file:/etc/cas/services' to 
>>> 'cas.serviceRegistry.json.location:foobar:/etc/cas/services'
>>>
>>> The above does not generate an error message --- is that a sign it's not 
>>> loaded?
>>>
>>>
>>> On Monday, May 14, 2018 at 8:25:37 PM UTC-7, Lionel Samuel wrote:

 I'm working with Jann -- attached is our pom file (we call the jar 
 my-cas -- which is reflected in the URLs).

 It does not look like the JSON file is loaded -- I don't think it's pom 
 related --- but at the moment we are both stumped so anything goes.

 2018-05-14 20:23:17,715 WARN 
 [org.apereo.cas.services.web.ServiceThemeResolver] - >>> service 
 is found to match 
 [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@330c1ecf[id=
 http://localhost:8080/cas-management/manage.html,originalUrl=http://localhost:8080/cas-management/manage.html,artifactId=,principal=,loggedOutAlready=false,format=XML]]
  
 or service access is disallowed. Using default theme [cas-theme-default]>

 On Monday, May 14, 2018 at 5:42:35 PM UTC-7, Jann Malenkoff wrote:
>
>
> Attached is my 'cas.properties' file ---  in case I may be missing 
> something there (very likely)
>
>
> On Monday, May 14, 2018 at 5:09:12 PM UTC-7, Jann Malenkoff wrote:
>>

Re: [cas-user] Service Registry -- Getting the 1st Application Entered

2019-05-19 Thread Va Sja 
What about 5.3.x? :-D

Am Dienstag, 15. Mai 2018 00:47:36 UTC+2 schrieb Man H:
>
>
> where are these pointing to:
>
> cas.serviceRegistry.json.location for 5.2.x 
> or 
> cas.serviceRegistry.config.location for 5.1.x
>
> 2018-05-14 19:41 GMT-03:00 Jann Malenkoff  >:
>
>> FYI --- the following appears in 'catalina.out' when attempting to access 
>> 'http://localhost:8080/cas-management/manage.html,'.
>>
>> 2018-05-14 15:39:09,152 WARN 
>> [org.apereo.cas.services.web.ServiceThemeResolver] - > is found to match 
>> [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@13eed7a6[id=
>> http://localhost:8080/cas-management/manage.html,originalUrl=http://localhost:8080/cas-management/manage.html,artifactId=,principal=,loggedOutAlready=false,format=XML]]
>>  
>> or service access is disallowed. Using default theme [cas-theme-default]>
>>
>>
>> On Monday, May 14, 2018 at 3:37:31 PM UTC-7, Jann Malenkoff wrote:
>>>
>>> Hi Richard:
>>>
>>> I have the following in 'cas.properties':
>>>
>>> cas.serviceRegistry.initFromJson=true
>>>
>>> Is that correct to enable the first read from JSON? I have been staring 
>>> at the screen for so long and begining to doubt myself w.r.t true/false 
>>> flags.
>>>
>>> On Monday, May 14, 2018 at 3:30:38 PM UTC-7, richard.frovarp wrote:

 Do you have initialization on from JSON? Not sure if it will use your 
 file or just the defaults. Either way, it should get you into the manager. 
 Then you configure the manager service, and turn that property off.

 # Auto-initialize the registry from default JSON service definitions
 # cas.serviceRegistry.initFromJson=false



 On 05/14/2018 05:13 PM, Jann Malenkoff wrote:

 Hi All:

 I'm trying to get the 'http://localhost:8080/cas-management/manage.html' 
 loaded up --- but hitting the error message: 
 ' 
 Application Not Authorized to Use CAS 

 The services registry of CAS is empty and has no service definitions. 
 Applications that wish to authenticate with CAS must explicitly be defined 
 in the services registry.'


 I am hoping to have a JPA service registry --- and have configured the 
 dependencies below in the 'cas-overlay-template' pom.xml.


 To enable the access to '
 http://localhost:8080/cas-management/manage.html, I have added  the 
 JASON entry as below --- but do not see it in the database table 
 REGEXREGISTEREDSERVICE (I have cas.serviceRegistry.config.location:
 file:/etc/cas/services in 'cas.properties).


 What could I have missed (or more likely misunderstood)?


 *JSON File in /etc/cas/services (copied -- slightly adjusted -- from an 
 earlier post):*

 {
   /*
* Wildcard service definition that applies to any https or imaps url.
* Do not use this definition in a production environment.
*/
   "@class" :
 "org.apereo.cas.services.RegexRegisteredService",
   "serviceId" : "^(http)://.*",
   "name" :  "HTTP wildcard",
   "id" :20180514,
   "evaluationOrder" :   9
 }


 *pom.xml -- for cas-overlay-template*

 
 
 org.apereo.cas
 
 cas-server-webapp${app.server}
 ${cas.version}
 war
 runtime
 
 
 org.apereo.cas
 
 cas-server-support-json-service-registry
 ${cas.version}
 
 
 org.apereo.cas
 cas-server-support-ldap
 ${cas.version}
 
 
 org.apereo.cas
 
 cas-server-support-jpa-service-registry
 ${cas.version}
 
 
 org.apereo.cas
 
 cas-server-support-jpa-ticket-registry
 ${cas.version}
 
 
 org.apereo.cas
 
 cas-server-support-jdbc-drivers
 ${cas.version}
 
 
 com.oracle
 ojdbc7.jar
 12.1.0.1
 
 
 org.apereo.cas
 cas-server-support-saml
 ${cas.version}
 
 
 org.apereo.cas
 cas-server-support-duo
 ${cas.version}

Re: [cas-user] Re: CAS documentation for a new user is terrible

2019-05-17 Thread Va Sja 
Hello rbon,
I am already build, install, configured almost ALL variants from Github and 
around. My problem is - after "successfully" configured the CAS-server I 
have no glue about "what is the next step!?". The server works fine, but 
there are no one line description "how it is possible to integrate this 
server with my needs". I can read a lot of messages from Web-GUI, logs 
etc., but how to configure my HelloWorld-Tomcat-App to be able use 
controlled Auth-service from CAS - no idea. In most of cases - there are no 
way to use old documentation - old links already overwritten by "new  
releases". 

The single "readable" (( from my view! )) documentation I found 
on http://hacsoc.org/wiki/technical/cas.html. But it is from September 6, 
2005!!!
OfCoz - nobody is able to reuse it - all important refs are already broken. 

The latest "usable" public example for using CAS i found 
on https://github.com/casinthecloud/java-jasig-cas-client-demo. But it is :
- at least 4 years old
- based on CAS 3.6.0-SNAPSHOT
- can make only login, NO logout

David Curry has described success story about his organization. But he has 
more luck as me-  his team has access to original documentation with 
correct links and examples. Now it is not exist anymore. That, what exist 
now  - just a lot of bytes without sense, copy-paste from many independent 
sources ( sorry for my extreme frustration! ).

So  - the main question - what was done with this project last 3-4-5 years. 
I would name it "monetization". 8-)

...Hope - I am wrong! Otherwise it is the time to "fork" the state 5 years 
old and make it in the real "open-source-style" :((
@David
I want use  - just currently it is not usable!

My goal is really simple, and when I get the "help from community" like 
"goto ", and it is get me back after 1-2 weeks to the same point, where 
I started - something is wrong.
I will appreciate, when somebody can demonstrate how with help from actual 
version of documentation step-by-step ( or even better with 1-2-3 "git 
clone" )  I can build 3-user-2-roles-1-webapp secured application on the 
CAS-basis. 

If it is not possible  - it will be also THE answer

Kindest regards to ALL.



Am Donnerstag, 16. Mai 2019 17:40:16 UTC+2 schrieb rbon:
>
> Va,
>
> I understand your frustration. It took me quite some time to learn and 
> understand what goes on with CAS.
>
> But, it solves a complex problem in a flexible way. Out of all the 
> authentication mechanisms, you probably only need one. Which one is up to 
> you.
>
> You should be able to get the code from, 
> https://github.com/apereo/cas-overlay-template and run the docker or 
> embedded tomcat within a few minutes. 
> https://apereo.github.io/cas/6.0.x/installation/WAR-Overlay-Installation.html
>
> You can also pay for support. We used Unicon, https://www.unicon.net/. (I 
> am not affiliated with them.)
>
> Ray
>
> On Thu, 2019-05-16 at 05:54 -0700, Va Sja wrote:
>
> Hello David, 
> many thanks for your explanation. I am sure - CAS  works on many 
> productions environments, and support a lot of possible protocols and 
> standarts. But...
> ...did  You played with Lego? There you can be successful already in 20 
> minutes. Then you just increase your success step-by-step. Did you install 
> some server from latest past? MySQL, Tomcat, Cassandra? How many steps you 
> need to "read-download-install-configure-start-check"? Is it oft takes more 
> then 20 min to understand what you really do ?
>
> As I and many other peoples has already explained : for CAS there are no 
> way to do it from read-2-check in 10 mins, 10 hours, and even in 10 days!
> ...the latests readable documentation is minimum 2-3 years old. Then we 
> have a lot of linked and not readable pages. 
>   You can check yourself the link, what you sendet to me and try to answer 
> for
> a)  who need to know as first page about for ex ?:
>- Support for many SPs built in: Adobe Creative Cloud, Google Apps, 
> Office 365, 
> b) what version is possible to start when on the same page are: 
>- .. CAS 6._ , CAS 5., CAS 3.5 , CAS 5.2.7,  CAS 5.3.*x* .,CAS 4 ...
> c) where is the start ?
> d) what should I DO ? 
> e) am I really need so complex solution, when it is not possible to setup 
> even Plain-User-Password-Auth for 1 web-site in weeks?
> f) there are a lot of left-menu-Items, but is all I need to read and 
> understand for very first installation? Create? Build? Configure? Install? 
> Commit? Add?
>
>  ( BTW even on Intro-page there are no explanation WHAT IS CAS!!!  You 
> have to search it somewhere else over Google? )
>
> i will appreciate your answers and constructive feedback without links 
> this time  !

Re: [cas-user] Re: CAS documentation for a new user is terrible

2019-05-16 Thread Va Sja 
Hello David,
many thanks for your explanation. I am sure - CAS  works on many 
productions environments, and support a lot of possible protocols and 
standarts. But...
...did  You played with Lego? There you can be successful already in 20 
minutes. Then you just increase your success step-by-step. Did you install 
some server from latest past? MySQL, Tomcat, Cassandra? How many steps you 
need to "read-download-install-configure-start-check"? Is it oft takes more 
then 20 min to understand what you really do ?

As I and many other peoples has already explained : for CAS there are no 
way to do it from read-2-check in 10 mins, 10 hours, and even in 10 days!
...the latests readable documentation is minimum 2-3 years old. Then we 
have a lot of linked and not readable pages. 
  You can check yourself the link, what you sendet to me and try to answer 
for
a)  who need to know as first page about for ex ?:
   - Support for many SPs built in: Adobe Creative Cloud, Google Apps, 
Office 365, 
b) what version is possible to start when on the same page are: 
   - .. CAS 6._ , CAS 5., CAS 3.5 , CAS 5.2.7,  CAS 5.3.*x* .,CAS 4 ...
c) where is the start ?
d) what should I DO ? 
e) am I really need so complex solution, when it is not possible to setup 
even Plain-User-Password-Auth for 1 web-site in weeks?
f) there are a lot of left-menu-Items, but is all I need to read and 
understand for very first installation? Create? Build? Configure? Install? 
Commit? Add?

 ( BTW even on Intro-page there are no explanation WHAT IS CAS!!!  You have 
to search it somewhere else over Google? )

i will appreciate your answers and constructive feedback without links this 
time  !  We can then "attach it" to already existing Documentation portals 
as only one new page like "CAS for Dummy" , "CAS for lazy admin" or "CAS in 
20 minutes" :) 

Kindest regards





Am Donnerstag, 16. Mai 2019 14:02:00 UTC+2 schrieb David Curry:
>
> Va,
>
> If you want 1-2-3 FINISH then perhaps, as Matthew already suggested, this 
> is what you're looking for:
>
> https://dacurry-tns.github.io/deploying-apereo-cas/ 
>
>
> It starts from zero knowledge of CAS and goes step-by-step to an 
> installation that is running in production today. And it does it in 
> increments, so you can check that things are working along the way. The 
> initial "Building the CAS server" section will in fact get you a running 
> server in 1-2-3-4-FINISH (create an overlay project, build the default 
> server, edit a couple of config files, install and test).
>
> But just as "Hello World" is a pretty useless program, the CAS server 
> you're going to get in 4 steps is a pretty useless server. If you want to 
> use it to do any real work, you're going to have to configure it to talk to 
> your user directories, define the services you want it to manage, figure 
> out the attributes you need to release, perhaps enable multifactor 
> authentication, customize the user interface to meet your corporate 
> branding standards, perhaps enable other protocols like SAML2 or OAuth, 
> perhaps add in support for high availability, etc. Every one of those 
> things is supported by CAS, most of them in multiple flavors. But to use 
> them, you're going to have to learn how to add them to the server and 
> configure them. The above guide shows how to do that for one set (sometimes 
> two) of choices; they may not be the choices you want, but it should be 
> easy to extrapolate from one to another once you see how the basic setup 
> works.
>
> If you don't want to exert the effort to learn how the software works, or 
> don't have the patience to start a project that's going to take more than 
> 20 minutes to complete, then perhaps doing it yourself isn't the right 
> answer. There are  several third party service providers that will provide 
> consulting expertise to help you configure and support it; some of them 
> will even host and operate it for you.
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR OF INFORMATION SECURITY*
> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 212 229-5300 x4728 • david...@newschool.edu 
>
>
> On Thu, May 16, 2019 at 6:47 AM Va Sja > 
> wrote:
>
>> Matthew, you are fully right - there are a lot of much worse software as 
>> well as documentation. And in case, when is the goal "getting as much as 
>> more money for support" - it is exactly the right tactic -  to make 
>> documentation unusable, and release as often as possible new releases with 
>> more and more features, that will be selled as a next. But it is not really 
>> the main vector for open-source, when you need weeks and some hundred gurus 
>> for install at least "HelloWorld".

[cas-user] Re: CAS documentation for a new user is terrible

2019-05-16 Thread Va Sja 
Matthew, you are fully right - there are a lot of much worse software as 
well as documentation. And in case, when is the goal "getting as much as 
more money for support" - it is exactly the right tactic -  to make 
documentation unusable, and release as often as possible new releases with 
more and more features, that will be selled as a next. But it is not really 
the main vector for open-source, when you need weeks and some hundred gurus 
for install at least "HelloWorld".  And you point me again to some " very 
easy to follow guide " may be very informative but for my case unusable 
documentation, when I need really to jumping over hundreds links just to 
getting again the understanding - IT IS TOO COMPLEX TO UNDERSTAND. It is 
exactly " very easy to follow " with a lot of links , but "absolutely not 
possible to understand what this manual about. Sorry that I am scream - 
otherwise I have to cry :)  

May be we understand the words "follow", "understand", "jump", "start", 
"finish", "result", "productivity" different? 

The documentation should help to focus to the problem, and your link make 
exactly opposite: it point me in next 2-3 sentences to jump to some another 
Web Page. Nothing more. But I need to know steps to success: 1-2-3-FINISH. 
And there are no complete story about "how to do install HelloWorld?". U 
cannot push all of it into your brain in  1 hour, 1 day, 1 week, but you 
need much more! 

May be U are absolutely right: "  the documentation does in fact tell me 
what I need to know ". And you a able to "getting started"! But it not help 
to finish some minimal positive result.

Alternatively you have to pay for somebody else who know this software - 
that is the only one Idea, what you have to get from such documentation. 
Unfortunately...
...and it is not only my view. Fortunately! 8-)

Am Mittwoch, 15. Mai 2019 15:10:46 UTC+2 schrieb Matthew Uribe:
>
> Va,
>
> I would like to mention that your complaint is about a product that you 
> get to use *for free*. I support some paid software with worse 
> documentation. I do understand the frustration, as the learning curve is 
> steep, but that's where this community comes in. Everyone here tries to be 
> very helpful, giving one another their time *for free*. I've been 
> supporting CAS 5 in my organization now for just over a year, and I find 
> that the documentation does in fact tell me what I need to know. It's just 
> that getting started can be tough.
>
> Yet another free resource you may find helpful: David Curry, one of our 
> community members, created a very easy to follow guide to implementing CAS 
> 5. Check it out here:  
> https://dacurry-tns.github.io/deploying-apereo-cas/introduction_overview.html 
> <https://www.google.com/url?q=https%3A%2F%2Fdacurry-tns.github.io%2Fdeploying-apereo-cas%2Fintroduction_overview.html=D=1=AFQjCNFX1J25kRvoW2H7j5N4HxolCh8Kjw>
>
> Matt
>
> On Wednesday, May 15, 2019 at 7:01:39 AM UTC-6, Va Sja wrote:
>>
>> As I see after almost 2 years documentation still don't getted better ...
>> ... there are no some 1-2-3-Specs to finish even HelloWorld with CAS. But 
>> the release number grows extremely. 3.6, 4.0-1-2-3, 5.0-1-2-3, 6.0. 
>>
>> So - looks like the developers stacked in the similar way as users :)   
>> I would wait till first release with suffix "STABLE", before start to use 
>> IT. After a week of rolling over LinkDoc-to-LinkDoc-to-LinkDoc-to-LinkDoc I 
>> give Up. Jan has created *___THE_BEST_MANUAL_EVER__ *, but currently on 
>> my side I reach the pont, that I can logIn, but* LogOut not works *as 
>> expected...
>>
>> Hope somebody from DigitalOcean <https://www.digitalocean.com/> can 
>> repeat success from already thousand of HOW_TO like that : 
>> how-to-install-mysql-on-ubuntu-18-04 
>> <https://www.digitalocean.com/community/tutorials/how-to-install-mysql-on-ubuntu-18-04>
>>  . 
>> It should be not harder as 10 mins, isn't- it?
>>
>>
>>
>> Am Montag, 30. Oktober 2017 14:50:43 UTC+1 schrieb Jan:
>>>
>>> Hello,
>>>
>>> As a new user of CAS, I'd like to voice my opinion that the official 
>>> documentation of how one can get started with CAS is just awful. By this I 
>>> mean not the lack of it, but rather how indirect, not step-by-step it is. 
>>> Clarity could often be improved too.
>>>
>>> In the end I managed to do what I hoped for, ie investigate CAS locally 
>>> as an SSO solution, for which I needed to (1) run CAS server locally, (2) 
>>> connect and authenticate using a simple CAS client locally, (

[cas-user] Re: CAS documentation for a new user is terrible

2019-05-15 Thread Va Sja 
As I see after almost 2 years documentation still don't getted better ...
... there are no some 1-2-3-Specs to finish even HelloWorld with CAS. But 
the release number grows extremely. 3.6, 4.0-1-2-3, 5.0-1-2-3, 6.0. 

So - looks like the developers stacked in the similar way as users :)   
I would wait till first release with suffix "STABLE", before start to use 
IT. After a week of rolling over LinkDoc-to-LinkDoc-to-LinkDoc-to-LinkDoc I 
give Up. Jan has created *___THE_BEST_MANUAL_EVER__ *, but currently on my 
side I reach the pont, that I can logIn, but* LogOut not works *as 
expected...

Hope somebody from DigitalOcean  can repeat 
success from already thousand of HOW_TO like that : 
how-to-install-mysql-on-ubuntu-18-04 

 . 
It should be not harder as 10 mins, isn't- it?



Am Montag, 30. Oktober 2017 14:50:43 UTC+1 schrieb Jan:
>
> Hello,
>
> As a new user of CAS, I'd like to voice my opinion that the official 
> documentation of how one can get started with CAS is just awful. By this I 
> mean not the lack of it, but rather how indirect, not step-by-step it is. 
> Clarity could often be improved too.
>
> In the end I managed to do what I hoped for, ie investigate CAS locally as 
> an SSO solution, for which I needed to (1) run CAS server locally, (2) 
> connect and authenticate using a simple CAS client locally, (3) run the 
> service management app. However, the difficulty I had at most steps of 
> getting it all to work make me really want to use something else even if I 
> have to implement parts of it from scratch..
>
> Only now, when wanting to post this message, did I find this helpful 
> guide: https://dacurry-tns.github.io/deploying-apereo-cas/ Could the CAS 
> team incorporate some step-by-step tutorial like this into the official 
> documentation?
>
> These threads seem to voice a similar concern:
>
> https://groups.google.com/a/apereo.org/forum/#!searchin/cas-user/documentation/cas-user/z3BLJ0IQwZ0/wRybEK1LAQAJ
>
> https://groups.google.com/a/apereo.org/forum/#!searchin/cas-user/documentation/cas-user/qaAINooFi1s/D3k7Pr-7BQAJ
>
> I'm also posting the notes I made for myself during the process. I 
> wouldn't have written them if there was something like this available in 
> official docs, or I had found the unofficial guide earlier. I'm adding  
> to points that took me particularly long to figure out.
>
> *Building*
> - Described here: 
> https://apereo.github.io/cas/developer/Build-Process.html
> - git clone --depth=1 --single-branch --branch=master 
> g...@github.com:apereo/cas.git cas-server
> - cd cas-server
> - git checkout master
> - ./gradlew build install --parallel -x test -x javadoc -x check
>
> *Config*
> - Default config dir is /etc/cas/config (may need to be created, given 
> permissions) If you create application.properties in there, CAS seems to 
> pick them up. 
> - You can override in there any properties listed on 
> https://apereo.github.io/cas/development/installation/Configuration-Properties.html
>
> *Keys*
> - keytool -genkey -alias cas -keyalg RSA -validity 999 -keystore 
> /etc/cas/thekeystore -ext san=dns:cas-sso.local
> - Add 127.0.0.1 cas-sso.local to /etc/hosts
> - keytool -export -file /etc/cas/config/cas.crt -keystore 
> /etc/cas/thekeystore -alias cas
> - sudo keytool -import -file /etc/cas/config/cas.crt -alias cas -keystore 
> $JAVA_HOME/jre/lib/security/cacerts (default password to cacerts is 
> changeit)
> - Add the following lines to application.properties in CAS config dir 
> (with whatever password you set up for /etc/cas/thekeystore) 
> server.ssl.keyStorePassword=qwer1234
> server.ssl.keyPassword=qwer1234
>
> *Adding JSON service registry (to get a sample client registered)*
> - Add line >>compile 
> "org.apereo.cas:cas-server-support-json-service-registry:5.2.0-SNAPSHOT"<< 
> to the file cas-server/webapp/cas-server-webapp-tomcat/build.gradle, 
> replacing 5.2.0-SNAPSHOT with whatever version of CAS you have. The version 
> can be figured out after starting CAS (is displayed). 
> - Recompile the whole thing as above.
> - Add the following lines to application.properties in CAS config dir: 
> cas.serviceRegistry.watcherEnabled=true
> cas.serviceRegistry.repeatInterval=10
> cas.serviceRegistry.startDelay=1
> cas.serviceRegistry.initFromJson=true
> - Add json file with service defs in directory 
> cas-server/webapp/resources/services (the server seems to display which 
> directory it watches after start).
> {
>   "@class" : "org.apereo.cas.services.RegexRegisteredService",
>   "serviceId" : "http://localhost/.*;, 
>   "name" : "testId",
>   "id" : 1,
>   "accessStrategy" : {
>   "@class" : 
> "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
>   "enabled" : true,
>   "ssoEnabled" : true
>   }
> }
>
> *Getting access to /status/dashboard endpoint *
> - Add the following lines to