Versions Compared

Old Version 3

changes.mady.by.user SusanBramhall

Saved on

compared with

New Version 4

changes.mady.by.user SusanBramhall

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added more information about how to re-use the Assertion object

...

To use the CAS Ticket User Info Service, ensure the bean is mapped in uportal-impl/src/main/resources/properties/contexts/portletContainerContext.xml and included in the userInfoService bean list. This bean is present and appropriately configured in the default uPortal distribution, but it is provided below for completeness.

Code Block
xml
xml
    <bean id="userInfoService" class="org.jasig.portal.portlet.container.services.MergingUserInfoService">
        <property name="userInfoServices">
            <list>
                <ref bean="personDirectoryUserInfoService"/>
                <ref bean="casTicketUserInfoService"/>
            </list>
        </property>
    </bean>

    <bean id="casTicketUserInfoService" class="org.jasig.portal.portlet.container.services.CasTicketUserInfoService">
        <property name="userInstanceManager" ref="userInstanceManager" />
        <property name="portletWindowRegistry" ref="portletWindowRegistry" />
        <property name="portletEntityRegistry" ref="portletEntityRegistry" />
        <property name="portletDefinitionRegistry" ref="portletDefinitionRegistry" />
        <property name="portalRequestUtils" ref="portalRequestUtils" />
    </bean>

...

Code Block
xml
xml
<portlet-app
    xmlns="http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd"
    version="1.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd
                        http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd" id="ProxyCasPortlet">

    <portlet>

        . . .

     </portlet>

    <user-attribute>
        <!--
             This attribute name must match the key name configured in uPortal's 
            CasTicketUserInfoService 
        -->
        <name>casProxyTicket</name>
    </user-attribute>

</portlet-app>

...

Using Proxy CAS using the 3.1.x Jasig CAS client generally involves configuring filters, then using the CAS Java API to validate the UserInfo map provided CAS ticket.This works as follows:

First the portlet retrieves its own proxy ticket from the portlet's UserInfo map. Next it can use the org.jasig.cas.client.validation.TicketValidator class to validate the ticket and retrieve an Assertion object. The Assertion object encapsulates the Ticket Granting Ticket that the portlet can now use to obtain service tickets for back end services and resources. The Assertion object, once obtained is durable for the life of the portlet instance and can be used multiple times to obtain service tickets. The Assertion can be stored in the session and re-used by other components to obtain service tickets as needed.

Current CAS best practices suggest using Spring's DelegatingFilterProxy to configure a CAS filters via the Spring application context. This strategy allows developers to make use of Java property files for configuring strings such as the portal's base server URL.

...