| Warning | ||
|---|---|---|
| ||
CAS documentation has moved over to apereo.github.io/cas, starting with CAS version 4.x. The wiki will no longer be maintained. For the most recent version of the documentation, please refer to the aforementioned link. |
| Warning |
|---|
Since CAS 4.0.0, the SAML support is no longer available in the CAS server itself but through the cas-server-support-saml module : SAML Support in CAS 4 |
Google Apps for Education (or any of the Google Apps) utilizes SAML 2.0 to provide an integration point for external authentication services. CAS 3.1 includes an "ArgumentExtractor" and accompanying "Service" to provide process and understand SAML 2.0 requests from Google.
...
The keys will also need to be available to the CAS application (but not publicly available over the Internet). We recommend you place the keys within your classpath (i.e. WEB-INF/classes) though any location accessible by the user running the web server instance is acceptable: and not served publicly to the Internet is acceptable. Thus, inside WEB-INF is nice because WEB-INF is scoped to the web application but not normally served. Inside the webapp but not in WEB-INF is fraught with peril. Somewhere like /etc/cas/keys/ is a fine idea as well and protects the key from being overwritten on deploy of a new CAS webapp version.
| No Format |
|---|
openssl genrsa -out private.key 1024 openssl rsa -pubout -in private.key -out public.key -inform PEM -outform DER openssl pkcs8 -topk8 -inform PER -outform DER -nocrypt -in private.key -out private.p8 openssl req -new -x509 -key private.key -out x509.pem -days 365 |
...