Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 20 Next »

Documentation Work In Progress

Warning: You may see some periodical changes as we are working hard to reorganize the content. If you have any concerns please submit feedback to the uportal-user@lists.ja-sig.org mailing list. Thank you so much for your patience.

Using the bundled CAS server in uPortal you can use the preferred maven overlay approach to integrating the clearPass feature. There is a patch available to accomplish this, below describes the steps to perform the integration after applying the patch. By default, the clearPass feature is not activated.

Step 1: Edit the cas deployerConfigContext.xml file

  1. Open the deployerConfigContext.file for editing located at ../uportal-portlets-overlay/src/main/webapp/WEB-INF/deployerConfigContext.xml
  2. Uncomment the following piece of code
                            </list>
                    </property>
           
           <!-- UNCOMMENT THIS SECTION BELOW -->
           <property name="authenticationMetaDataPopulators">
               <list>
                  <bean class="org.jasig.cas3.extensions.clearpass.CacheCredentialsMetaDataPopulator">
                     <constructor-arg index="0" ref="credentialsCache" />
                  </bean>
               </list>
            </property
    
         </bean>
       
       <bean id="userPasswordDao" class="org.jasig.portal.cas.authentication.handler.support.PortalPersonDirUserPasswordDao"
            p:data-source-ref="dataSource" />
    
    

Step 2: Edit the security.properties file

  1. Open the security.properties file for editing (located at ../uportal-war/src/main/resources/properties/security.properties)
  2. Make the following changes to the file. You'll see that we switched (comment/uncomment) the CasAssertionSecurityContextFactory with PasswordCachingCasAssertionSecurityContextFactory. Also, you will need to uncomment the section where you need to insert the URL of the CAS cleartext password service (...PasswordCachingCasAsserttionSecurityContextFactory.clearPassCasUrl=http://..../cas/clearPass)
## This is the factory that supplies the concrete authentication class
root=org.jasig.portal.security.provider.UnionSecurityContextFactory
#root.cas=org.jasig.portal.security.provider.cas.CasAssertionSecurityContextFactory
root.cas=org.jasig.cas3.extensions.clearpass.integration.uportal.PasswordCachingCasAssertionSecurityContextFactory
root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory

.....


## URL of the CAS cleartext password service
##### REPLACE THE URL WITH YOUR CAS SERVER ####
org.jasig.cas3.extensions.clearpass.integration.uportal.PasswordCachingCasAssertionSecurityContextFactory.clearPassCasUrl=http://localhost:8080/cas/clearPass

Step 3: Edit the bundled cas web.xml file

  1. Open the web.xml file for editing located at ../uportal-portlets-overlay/cas/src/main.webapp/WEB-INF/web.xml.
  2. Uncomment the allowedProxyChains section. (You will probably want to replace the localhost url with your server name)
       <filter>
           <filter-name>CAS Validation Filter</filter-name>
           <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
           <init-param>
               <param-name>casServerUrlPrefix</param-name>
               <param-value>http://localhost:8080/cas</param-value>
           </init-param>
           <init-param>
               <param-name>serverName</param-name>
               <param-value>http://localhost:8080</param-value>
           </init-param>
           <init-param>
               <param-name>exceptionOnValidationFailure</param-name>
               <param-value>false</param-value>
           </init-param>
           <!-- UNCOMMENT allowedProxyChains  -->
           <init-param>
                <param-name>allowedProxyChains</param-name>
                <param-value>http://localhost:8080/uPortal/CasProxyServlet</param-value>
            </init-param>
           <init-param>
               <param-name>useSession</param-name>
               <param-value>false</param-value>
           </init-param>
           <init-param>
               <param-name>redirectAfterValidation</param-name>
               <param-value>false</param-value>
           </init-param>
       </filter>
    
    

Having problems with these instructions?

Please send us feedback at uportal-user@lists.ja-sig.org

  • No labels