Versions Compared

Old Version 11

changes.mady.by.user Arlen Johnson

Saved on

compared with

New Version Current

changes.mady.by.user Arlen Johnson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

  1. Create a Bedework superuser with an account that already exists in your authentication domain.  To achieve this, log into the administrative web client (http://localhost:8080/caladmin) as user “admin” (default password "bedework"), select the “System” Tab → “Manage system preferences” and add the accounts that exist in your local domain.  Do not remove the “admin” user from the list of superusers, as a number of services rely on that account (though it does not need to authenticate or exist in your directory).

  2. Create a user in your domain, e.g. “admin”, that is already set up as a superuser in the Bedework quickstart.

...

  1. Configure JBoss to point at your local LDAP server:
    1. Edit <quickstart>/jboss-5.1.0.GA /server/default/conf/login-config.xml
    2. Modify the <application-policy name=”bedeworkdemo”> section found near line 110 to point to your local LDAP server. This will typically involve modifying three properties: 
      • principalDNPrefix, e.g. "uid="
      • principalDNSuffix, e.g. ",ou=accounts, dc=rpi, dc=edu"
      • java.naming.provider.url, e.g "ldap://login.myserver.edu/"

  2. Prepare your group properties by modifying /home/<userid>/bwbuild/jboss-mysql/cal.options.xml: Set the <user-ldap-group> options on or around lines 68-87

  3. Rebuild the system:
    1. stop JBoss
    2. build Bedework
    3. restart JBoss

  4. Test the web clients.  Login to the admin or user client to test Ldap auth.

...

  1. Download the CAS Java Client
  2. Unzip the file and copy the CAS client to Bedework:##
    1. unzip cas-client-3.1.10-release.zip
    ##
    2.  cd cas-client-3.1.10/modules
    ##
    2.  cp cas-client-core-3.1.10.jar <qs>/jboss-5.1.0.GA/common/lib/

  3. Add a CAS filter to each application that requires a log in (eventsubmit, ucal, caladmin).  Do caladmin last; you may want access to it while you are debugging this procedure. The files to edit are:

    Code Block
    <qs>/bedework/projects/webappsbwwebapps/websubmit/war/WEB-INF/web.xml
<qs>/bedeworkbwwebapps/projects/webapps/webclient/war/WEB-INF/userweb.xml
<qs>/bedework/projects/webappsbwwebapps/webadmin/war/WEB-INF/web.xml

    In each file, add the lines in the "CAS Filters" box at the bottom of this page, replacing the URLs with those that work at your site.  The CAS filters must come BEFORE any other filters.  Also, delete any and all of the following elements:

    1. <security-role-ref>
    2. <security-constraint> 
    3. <security-role>

  4. (optionally) Point the logout buttons on the Bedework clients that have them (Admin Client, Personal Calendar Client, Submissions Client) at your CAS server by editing the corresponding stylesheets.  For example, in the Submissions Client  (<quickstart>/bedework/deployment/websubmit/webapp/resources/demoskins/default/default/default.xsl), change the logout "span" to look something like this:

    Code Block
    <span class="logout">
    <a href="https://yourserver:8443/cas/logout?service=http%3A%2F%2Fyourserver%2Feventsubmit%2F"
            id="bwLogoutButton">
         <xsl:copy-of select="$bwStr-Hedr-Logout"/>
   </a>
</span>
  5. build Bedework

...