Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Since CAS 4.0.0, the SAML support is no longer available in the CAS server itself but through the cas-server-support-saml module.

If you want to enable SAML support in the CAS server, you need to apply the following steps.

 

1) Add the Maven dependency to your CAS server pom.xml file :

<dependency>
  <groupId>org.jasig.cas</groupId>
  <artifactId>cas-server-support-saml</artifactId>
  <version>4.0.0</version>
</dependency>

 

2) Enable SAML validation (/samlValidate url)

  1. Add the appropriate mapping in the handlerMappingC bean in the cas-servlet.xml file :

    <bean id="handlerMappingC" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
  <property name="mappings">
    <props>
      ...
      <prop key="/samlValidate">samlValidateController</prop>
      ...

  2. with the samlValidateController bean :

    <bean id="samlValidateController" class="org.jasig.cas.web.ServiceValidateController"
  p:validationSpecificationClass="org.jasig.cas.validation.Cas20WithoutProxyingValidationSpecification"
  p:centralAuthenticationService-ref="centralAuthenticationService"
  p:proxyHandler-ref="proxy20Handler"
  p:argumentExtractor-ref="samlArgumentExtractor"
  p:successView="casSamlServiceSuccessView"
  p:failureView="casSamlServiceFailureView"/>

  3. add the servlet mapping in the web.xml file :

    <servlet-mapping>
  <servlet-name>cas</servlet-name>
  <url-pattern>/samlValidate</url-pattern>
</servlet-mapping>

 

3) Enable SAML 1.1 support

  1. Add the appropriate SAML arguments extractor in the argumentExtractorsConfiguration.xml file :

    <bean id="samlArgumentExtractor" class="org.jasig.cas.support.saml.web.support.SamlArgumentExtractor"
  p:httpClient-ref="noRedirectHttpClient"
  p:disableSingleSignOut="${slo.callbacks.disabled:false}" />

  2. Add it to the list of arguments extractors :

    <util:list id="argumentExtractors">
  <ref bean="casArgumentExtractor" />
  <ref bean="samlArgumentExtractor" />
</util:list>

  3. Add the SAML id generator in the uniqueIdGenerators.xml file :

    <bean id="samlServiceTicketUniqueIdGenerator" class="org.jasig.cas.support.saml.util.SamlCompliantUniqueTicketIdGenerator">
  <constructor-arg index="0" value="https://localhost:8443" />
</bean>

  4. and reference it in the uniqueIdGeneratorsMap :

    <util:map id="uniqueIdGeneratorsMap">
  <entry
    key="org.jasig.cas.authentication.principal.SimpleWebApplicationServiceImpl"
    value-ref="serviceTicketUniqueIdGenerator" />
  <entry
    key="org.jasig.cas.support.openid.authentication.principal.OpenIdService"
    value-ref="serviceTicketUniqueIdGenerator" />
  <entry
    key="org.jasig.cas.authentication.principal.SamlService"
    value-ref="samlServiceTicketUniqueIdGenerator" />
</util:map>

 

  • No labels