...
In the security.properties file in the uPortal properties directory, set the property "root" = "org.jasig.portal.security.provider.YaleCasContextFactory". This specifies that you want to use the YaleCasContext (which will be produced by this factory) as your root security context. A more complex configuration would be to allow the union of CAS authentication and other (say, simple) authentication, but let's start simple:
No Format |
---|
# Comment out the existing value for "root":
#root=org.jasig.portal.security.provider.SimpleSecurityContextFactory
# and instead use this value:
root=org.jasig.portal.security.provider.YaleCasContextFactory
|
In the same security.properties file, set the property "credentialToken.root" = "ticket". Comment out all other principalToken and credentialToken entries. This specifies that you want uPortal to remember the request parameter "ticket" on the Login request – which CAS will send along – and make it available to YaleCasContext, which will validate it.
No Format |
---|
# Answers what tokens are examined in the request for each context during authentication. # A subcontext only needs to set it's tokens if it differs from those of the root context. #principalToken.root=userName #credentialToken.root=password #credentialToken.root.cas=ticketid credentialToken.root=ticket |
At the end of portal.properties, add the following properties, which specify parameters that YaleCasContext requires:
No Format |
---|
org.jasig.portal.security.provider.YaleCasContext.CasValidateUrl=https://localhost:8443/cas/proxyValidate org.jasig.portal.security.provider.YaleCasContext.CasProxyCallbackUrl=https://localhost:8443/uPortal/CasProxyServlet org.jasig.portal.security.provider.YaleCasContext.PortalServiceUrl=http://localhost:8080/uPortal/Login |
...
From here, you will need to replace the default authentication handler declared in the CAS application web.xml with a handler that authenticates your population. You may with wish to visit ESUP-Portail's CAuthGenericHandler project for several handler options.