Since CAS 4.0.0, the SAML 1.1 Ticket Validation Response and the SAML2 Google Accounts Integration are optional components available through the cas-server-support-saml module. While both features require the cas-server-support-saml module, they can be deployed independently.
To enable either feature, the cas-server-support-saml module dependency must be added to your CAS Server Maven Overlay pom.xml file:
```xml
<dependency>
    <groupId>org.jasig.cas</groupId>
    <artifactId>cas-server-support-saml</artifactId>
    <version>4.0.0</version>
</dependency>
```
SAML 1.1 Ticket Validate Response Configuration
In addition to the cas-server-support-saml module dependency, the following 4 steps are required to enable the SAML 1.1 Ticket Validation Response. These steps are not required for SAML2 Google Account Integration.
Step 1: Define the samlValidateController bean and map it to the /samlValidate URL via the handlerMappingC bean in cas-servlet.xml:
...
```xml
<bean id="samlArgumentExtractor"
      class="org.jasig.cas.support.saml.web.support.SamlArgumentExtractor"
      p:httpClient-ref="noRedirectHttpClient"
      p:disableSingleSignOut="${slo.callbacks.disabled:false}" />
```
```xml
<util:list id="argumentExtractors">
    <ref bean="casArgumentExtractor" />
    <ref bean="samlArgumentExtractor" />
</util:list>
```
...
```xml
<util:map id="uniqueIdGeneratorsMap">
    <entry key="org.jasig.cas.authentication.principal.SimpleWebApplicationServiceImpl"
           value-ref="serviceTicketUniqueIdGenerator" />
    <entry key="org.jasig.cas.support.openid.authentication.principal.OpenIdService"
           value-ref="serviceTicketUniqueIdGenerator" />
    <entry key="org.jasig.cas.support.saml.authentication.principal.SamlService"
           value-ref="samlServiceTicketUniqueIdGenerator" />
</util:map>
```
Step 5: Add the SAML views in the cas-servlet.xml file:
```xml
<bean id="viewResolver"
      class="org.springframework.web.servlet.view.ResourceBundleViewResolver"
      p:order="0">
    <property name="basenames">
        <list>
            <value>${cas.viewResolver.basename}</value>
            <value>protocol_views</value>
            <value>saml_views</value>
        </list>
    </property>
</bean>
```
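Because the SAML 1.1 endpoint is optional, it helps to be able to confirm from the deployed overlay which of the pieces above are actually wired in. The following Python check is an added example, not part of the CAS documentation or code base: the function name `saml11_wiring` is hypothetical, the sample XML is constructed by merging the snippets shown on this page into one Spring context file, and the samlValidateController mapping from Step 1 is not checked because its XML is not shown here.

```python
import xml.etree.ElementTree as ET

B = "{http://www.springframework.org/schema/beans}"
U = "{http://www.springframework.org/schema/util}"
SAML_SERVICE = "org.jasig.cas.support.saml.authentication.principal.SamlService"

# Constructed sample: the page's snippets merged into one Spring context file.
SAMPLE = """<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:util="http://www.springframework.org/schema/util">
  <bean id="samlArgumentExtractor"
        class="org.jasig.cas.support.saml.web.support.SamlArgumentExtractor"/>
  <util:list id="argumentExtractors">
    <ref bean="casArgumentExtractor"/>
    <ref bean="samlArgumentExtractor"/>
  </util:list>
  <util:map id="uniqueIdGeneratorsMap">
    <entry key="org.jasig.cas.support.saml.authentication.principal.SamlService"
           value-ref="samlServiceTicketUniqueIdGenerator"/>
  </util:map>
  <bean id="viewResolver"
        class="org.springframework.web.servlet.view.ResourceBundleViewResolver">
    <property name="basenames"><list>
      <value>${cas.viewResolver.basename}</value>
      <value>protocol_views</value>
      <value>saml_views</value>
    </list></property>
  </bean>
</beans>"""

def saml11_wiring(xml_text):
    """Report which SAML 1.1 pieces from the steps above are wired in xml_text."""
    root = ET.fromstring(xml_text)  # intended for trusted, local config files
    def by_id(tag, ident):
        return [e for e in root.iter(tag) if e.get("id") == ident]
    refs = {r.get("bean") for l in by_id(U + "list", "argumentExtractors")
            for r in l.iter(B + "ref")}
    keys = {e.get("key") for m in by_id(U + "map", "uniqueIdGeneratorsMap")
            for e in m.iter(B + "entry")}
    views = {(v.text or "").strip() for b in by_id(B + "bean", "viewResolver")
             for v in b.iter(B + "value")}
    return {
        "extractor_bean": bool(by_id(B + "bean", "samlArgumentExtractor")),
        "extractor_listed": "samlArgumentExtractor" in refs,
        "id_generator": SAML_SERVICE in keys,
        "saml_views": "saml_views" in views,
    }

if __name__ == "__main__":
    print(saml11_wiring(SAMPLE))
```

In a real overlay these beans are spread over several context files, so run the check on each file and combine the results; a key that is false everywhere marks a step that was skipped.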
SAML2 Google Accounts Integration
In addition to the cas-server-support-saml module dependency, the following 2 steps are required to enable SAML2 Google Account Integration. These steps are not required for SAML 1.1 Ticket Validation Response.
Step 1: Add the appropriate SAML argument extractor in the argumentExtractorsConfiguration.xml file:
...