...
Code Block | ||
---|---|---|
| ||
## CAS & Local Authentication ## ## The following is an example of configuring uPortal to use both CAS ## and local user authentication (authentication by username and password ## hash stored in the uPortal database). It uses the UnionSecurityContext ## to consider both these authentication methods and declares the required ## tokens for all. This approach requires the corresponding filter mappings ## in web.xml (mapping both the CASValidateFilter and the StaticCasReceiptCacher ## filter in front of the LoginServlet). ## ## The bundled cas instance (http://localhost:8080/cas) also uses the user in ## the uPortal database for authentication. ## ## This is the factory that supplies the concrete authentication class root=org.jasig.portal.security.provider.UnionSecurityContextFactory #root.cas=org.jasig.portal.security.provider.cas.CasAssertionSecurityContextFactory root.cas=org.jasig.portal.security.provider.cas.clearpass.PasswordCachingCasAssertionSecurityContextFactory root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory ## Answers what tokens are examined in the request for each context during authentication. ## A subcontext only needs to set its tokens if it differs from those of the root context. principalToken.root=userName credentialToken.root=password credentialToken.root.cas=ticket ## Answers where the user will be redirected when log out occurs. Each security context can have one. ## (See comments in the LogoutController class) ## It would be better to escape the value of the url parameter, but since there are no parameters on the ## unescaped URL and since there are no further parameters on the logout URL, this does work. logoutRedirect.root=${environment.build.cas.protocol}://${environment.build.cas.server}/logout?url=${environment.build.uportal.protocol}://${environment.build.uportal.server}${environment.build.uportal.context}/Login ## This is the factory that supplies the concrete authorization class authorizationProvider=org.jasig.portal.security.provider.AuthorizationServiceFactoryImpl ## Login URL, if specified the CLogin channel will display a Login link with ## this URL instead of the standard userName/password form. org.jasig.portal.channels.CLogin.CasLoginUrl=${environment.build.cas.protocol}://${environment.build.cas.server}/login?service=${environment.build.uportal.protocol}://${environment.build.uportal.server}${environment.build.uportal.context}/Login ## URL of the CAS clearPass password service org.jasig.portal.security.provider.cas.clearpass.PasswordCachingCasAssertionSecurityContextFactory.clearPassCasUrl=${environment.build.cas.protocol}://${environment.build.cas.server}/cas/clearPass |
...