Hi Everyone,
I would like to add the possibility to use JWT Authentication to my CAS
Server, i followed this link
https://apereo.github.io/cas/4.2.x/installation/JWT-Authentication.html but
it's not working.
Im using CAS Version 4.2.7 and Java Version : 1.8.0_40, i followed this
steps below :
*Step 1 : adding the token dependency to my pom.xml *
*<dependency> <groupId>org.jasig.cas</groupId>
<artifactId>cas-server-support-token-webflow</artifactId>
<version>${cas.version}</version></dependency>*
*Step 2 : adding the alas name in my deployerConfigContext.xml*
NB : i'm already using this in my config :
* <util:map id="authenticationHandlersResolvers"> <entry
key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
<entry key-ref="primaryAuthenticationHandler"
value-ref="primaryPrincipalResolver" /> <entry
key-ref="ldapAuthenticationHandler" value="#{null}" /></util:map>*
* <alias name="acceptUsersAuthenticationHandler"
alias="primaryAuthenticationHandler" /> <alias
name="personDirectoryPrincipalResolver" alias="primaryPrincipalResolver" />*
* <alias name="tokenAuthenticationHandler"
alias="primaryAuthenticationHandler" />*
So when i restart my CAS server, logs says :
*Caused by: org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'authenticationHandlersResolvers': Cannot resolve
reference to bean 'primaryAuthenticationHandler' while setting bean
property 'sourceMap'; nested exception is
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean
named 'tokenAuthenticationHandler' is defined*
So I added the bean id below :
*<bean
id="tokenAuthenticationHandler"class="org.jasig.cas.services.DefaultRegisteredServiceProperty"
/>*
Then after restarted, it's ok no more logs.
*Step 3 : adding the secret in my HTTPSandIMAPS-10000001.json*
"properties" : {
"@class" : "java.util.HashMap",
"jwtSigningSecret" : {
"@class" : "org.jasig.cas.services.DefaultRegisteredServiceProperty",
"values" : [ "java.util.HashSet", [ "my_secret_key" ] ]
},
*Step 4 : generating my token using my secret key with
https://www.npmjs.com/package/jwtgen*For example : jwtgen -a HS256 -s
"my_secret_key" -p -e 9200 -v
*algorithm: HS256claims: { "iat": 1519642449, "exp": 1519651650}headers: {
"typ": "JWT", "alg":
"HS256"}token:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MTk2NDI0NDksImV4cCI6MTUxOTY1MTY1MH0.G7JjoEu......*
*Step 5 : curling my CAS Server with one of my service using my token*
curl -i "https://myserver/cas/login?service=https://my_url_service
*&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MTk2NDI0NDksImV4cCI6MTUxOTY1MTY1MH0.G7JjoEu*
......"
CAS Logs :
*2018-02-26 11:58:12,570 INFO
[org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting path for cookies
for warn cookie generator to: /cas/ >2018-02-26 11:58:12,570 INFO
[org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting path for cookies
for TGC cookie generator to: /cas/ >2018-02-26 11:58:12,574 DEBUG
[org.jasig.cas.web.support.DefaultArgumentExtractor] - <Created
https://my_url_service based on
org.jasig.cas.authentication.principal.WebApplicationServiceFactory@2fe3ffc2>2018-02-26
11:58:12,575 DEBUG [org.jasig.cas.web.support.DefaultArgumentExtractor] -
<Extractor generated service for: https://my_url_service>2018-02-26
11:58:12,581 DEBUG [org.jasig.cas.util.RegexUtils] - <Pattern
^https://www.apereo.org is a valid regex.>2018-02-26 11:58:12,582 DEBUG
[org.jasig.cas.util.RegexUtils] - <Pattern ^(http?|https?)://.* is a valid
regex.>2018-02-26 11:58:12,801 DEBUG
[org.jasig.cas.services.web.RegisteredServiceThemeBasedViewResolver] -
<View resolved: /WEB-INF/view/jsp/default/ui/casLoginView.jsp>2018-02-26
11:58:12,940 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] -
<No properties file found for [classpath:custom_messages_en] - neither
plain properties nor XML>2018-02-26 11:58:12,941 DEBUG
[org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file
found for [classpath:custom_messages] - neither plain properties nor
XML>2018-02-26 11:58:12,942 DEBUG
[org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file
found for [classpath:messages_en] - neither plain properties nor
XML>2018-02-26 11:58:12,942 DEBUG
[org.jasig.cas.web.view.CasReloadableMessageBundle] - <Loading properties
[messages.properties] with encoding 'UTF-8'>2018-02-26 11:58:13,002 WARN
[org.jasig.cas.web.view.CasReloadableMessageBundle] - <The code
[login.forgot.password] cannot be found in the default language bundle and
will be used as the message itself.>2018-02-26 11:58:13,002 WARN
[org.jasig.cas.web.view.CasReloadableMessageBundle] - <The code
[login.not.subscribed] cannot be found in the default language bundle and
will be used as the message itself.>2018-02-26 11:58:13,003 WARN
[org.jasig.cas.web.view.CasReloadableMessageBundle] - <The code
[login.subscribe] cannot be found in the default language bundle and will
be used as the message itself.>2018-02-26 11:58:13,003 WARN
[org.jasig.cas.web.view.CasReloadableMessageBundle] - <The code
[login.help.question] cannot be found in the default language bundle and
will be used as the message itself.>2018-02-26 11:58:13,004 WARN
[org.jasig.cas.web.view.CasReloadableMessageBundle] - <The code
[login.contact] cannot be found in the default language bundle and will be
used as the message itself.>2018-02-26 11:58:15,243 DEBUG
[org.jasig.cas.util.CasSpringBeanJobFactory] - <Created job
org.jasig.cas.services.DefaultServicesManagerImpl$ServiceRegistryReloaderJob@5784c77a
for bundle org.quartz.spi.TriggerFiredBundle@5ffb6449>2018-02-26
11:58:15,245 DEBUG [org.jasig.cas.util.CasSpringBeanJobFactory] -
<Autowired job per the application context>*No tickets are created, am i
missing something ?
Kind Regards,
Michael
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1b79aa7a-48b6-4057-a66f-72ca450e29c7%40apereo.org.
