seminar CASifying your first application
JA-SIG pre-conference seminar piece on CASifying an application.
This piece is a hands-on lab exercise.
Starting point
What's on the disc
The CAS3 demonstration disc includes:
- A quickstart instance for each of these operating systems:
- Windows (JDK and Tomcat and Ant)
- OSX (Tomcat and Ant) (OS includes JDK)
- Linux (JDK and Tomcat and Ant)
- The full CAS 3 release (includes source code, etc.)
- An example plugin
Installing the disc
Copy the quickstart appropriate to your platform (cas3-demo-xxx) to your hard disk. The quickstart will only run from a read-write disc (likely will not work from the CD-R itself).
Copy the full CAS 3 release to your hard disc as well, just in case you get interested in the source...
Copy the example plugin directory tree onto your hard disk. You'll need it for Drew's exercise demonstrating using the plugin development environment.
Starting Tomcat
Navigate to the quickstart instance on your hard disk (cas3-demo-xxx) and run the startup batch script / shell script.
Verify Tomcat started
Open a web browser and head to https://localhost:18443/. You should see the default Tomcat ROOT webapp (congratulating you on installing Tomcat).
Verify CAS started
Open a web browser and head to https://localhost:18443/cas/. You should (after Tomcat compiles those JSPs...) see the default CAS login screen.
CASFilter demos
Investigate the demonstrations
Head to https://localhost:18443/demos/. The demos webapp displays links to the other example webapps. These examples demonstrate how to configure and use the CASFilter
CASFilter exercise
The introductory exercise is to CASify the target.jsp in the casify-me web application, by means of mapping the CASFilter.
How to do this:
- Stop your Tomcat (there's a stop script alongside the script you used to start it).
- Edit casify-me/WEB-INF/web.xml to declare the CASFilter. Declare
- The class of the filter
- A name for the filter
- The init param configuring what CAS server login URL to use
- The init param configuring the service URL or server name of the filtered application
- The init param configuring what CAS server ticket validation URL to use
- Edit casify-me/WEB-INF/web.xml to map the CASFilter. Declare
- The name of the filter configured above
- The URL path the filter should affect
- Restart your Tomcat
Ending points
Here's an example web.xml that maps the CASFilter to authenticate users to target.jsp.
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>CAS Filter demo</display-name>
<filter>
<filter-name>CAS Filter</filter-name>
<filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
<param-value>https://localhost:18443/cas/login</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
<param-value>https://localhost:18443/cas/serviceValidate</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
<param-value>localhost:18443</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Filter</filter-name>
<url-pattern>/target.jsp</url-pattern>
</filter-mapping>
</web-app>
Resources
Here's a JSP that demonstrates displaying the information exposed into the HttpSession by CASFilter.
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<head>
<title>Simple CAS filtered JSP page</title>
</head>
<body>
<h1>CASFilter demo</h1>
<p>This page is intended to be mapped behind the
<a href="http://www.yale.edu/tp/cas/cas-client-java-2.1.0/doc/public/edu/yale/its/tp/cas/client/filter/CASFilter.html">
CASFilter</a> via web.xml configuration.</p>
<p>This page displays information about any present CAS authentication.</p>
<h2>The authenticated username</h2>
<p>The authenticated username is exposed via the a session attribute CASFilter.CAS_FILTER_USER<p>
<c:choose>
<c:when test="${not empty sessionScope['edu.yale.its.tp.cas.client.filter.user']}" >
<p>The authenticated user is:
<b>${sessionScope['edu.yale.its.tp.cas.client.filter.user']}</b></p>
</c:when>
<c:otherwise>
<p>The session attribute exposing the CAS authenticated NetID is not set.</p>
</c:otherwise>
</c:choose>
<p>A
<a href="http://www.yale.edu/tp/cas/cas-client-java-2.1.0/doc/public/edu/yale/its/tp/cas/client/CASReceipt.html">
CASReceipt</a> stored in this session in the session attribute
edu.yale.its.tp.cas.client.filter.receipt exposes advanced information about
the CAS authentication the filter performed..</p>
<c:choose>
<c:when test="${not empty sessionScope['edu.yale.its.tp.cas.client.filter.receipt']}">
<table>
<tr>
<td>CASReceipt property</td>
<td>property value</td>
</tr>
<tr>
<td>casValidateUrl</td>
<td>${sessionScope['edu.yale.its.tp.cas.client.filter.receipt'].casValidateUrl}</td>
</tr>
<tr>
<td>pgtIou</td>
<td>${sessionScope['edu.yale.its.tp.cas.client.filter.receipt'].pgtIou}</td>
</tr>
<tr>
<td>proxyCallbackUrl</td>
<td>${sessionScope['edu.yale.its.tp.cas.client.filter.receipt'].proxyCallbackUrl}</td>
</tr>
<tr>
<td>proxyingService</td>
<td>${sessionScope['edu.yale.its.tp.cas.client.filter.receipt'].proxyingService}</td>
</tr>
<tr>
<td>proxyList</td>
<td>
<c:forEach var="proxyEntry"
items="${sessionScope['edu.yale.its.tp.cas.client.filter.receipt'].proxyList}">
${proxyEntry}<br />
</c:forEach>
</td>
</tr>
<tr>
<td>userName</td>
<td>${sessionScope['edu.yale.its.tp.cas.client.filter.receipt'].userName}</td>
</tr>
<tr>
<td>primaryAuthentication</td>
<td>${sessionScope['edu.yale.its.tp.cas.client.filter.receipt'].primaryAuthentication}</td>
</tr>
</c:when>
<c:otherwise>
<p>No CASReceipt is stored in the session.</p>
</c:otherwise>
</c:choose>
</body>
</html>