CAS on Windows Quick Setup Guide

This tutorial demonstrates how to set up CAS quickly on Windows using the Apache Directory Server for LDAP authentication.

For Quick Setup Only

The instructions in this guide are for a quick LDAP setup only and should not be used for creating a production deployment of CAS. Use the Maven War Overlay method described in Maintaining local customizations using Maven 2 for any deployment that requires configuration management.

Prerequisites

  1. Apache Tomcat is installed and running.
  2. Java (JDK) is installed.

Instructions

  1. Download Apache Directory Server from http://directory.apache.org/
  2. Run the setup with all the defaults and test that the server is working on localhost using telnet:
    1. Start->Run->telnet
    2. In the telnet console, type the following: open localhost 10389
    3. If you get a screen that lets you type, Apache Directory Server is configured properly
  3. Download the CAS installation and find the war file e.g. \cas-server-$VERSION\modules\cas-server-webapp-$VERSION.war
  4. Start the Tomcat server, e.g. $TOMCAT_HOME/bin/startup.bat.
  5. Add the CAS war file, cas-server-webapp-3.2.1.war, to the webapps folder, $TOMCAT_HOME\webapps.
  6. Confirm that the following directory exists, which indicates a successful deployment: $TOMCAT_HOME\webapps\cas-server-webapp-$VERSION
  7. You may also examine the Tomcat standard output log file for errors, $TOMCAT_HOME/logs/catalina.out.
  8. Stop the Tomcat server, e.g. $TOMCAT_HOME/bin/shutdown.bat.
  9. Add the following to the pom.xml file in the META-INF folder, $TOMCAT_HOME\webapps\cas-server-webapp-$VERSION\META-INF\maven\org.jasig.cas\cas-server-webapp:

    <dependency>
      <groupId>${project.groupId}</groupId>
      <artifactId>cas-server-support-ldap</artifactId>
      <version>${project.version}</version>
    </dependency>
    
  10. Edit $TOMCAT_HOME\webapps\cas-server-webapp-$VERSION\WEB-INF\deployerConfigContext.xml as follows:
    1. Add the following bean for LDAP authentication:

      <bean id="contextSource"
        class="org.springframework.ldap.core.support.LdapContextSource">
        <property name="pooled" value="true"/>
        <property name="urls">
          <list>
            <value>ldap://localhost:10389</value>
          </list>
        </property>
        <property name="userDn" value="uid=admin,ou=system"/>
        <property name="password" value="secret"/>
        <property name="baseEnvironmentProperties">
          <map>
            <entry key="java.naming.security.authentication" value="simple" />
          </map>
        </property>
      </bean>
      
    2. Remove the demo authentication handler, org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler, from the authenticationHandlers property of the org.jasig.cas.authentication.AuthenticationManagerImpl bean.
    3. Add the LDAP fast bind authentication handler to the authenticationHandlers property of the authenticationHandler bean:

      <bean class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler" >
        <property name="filter" value="uid=%u,ou=system" />
        <property name="contextSource" ref="contextSource" />
      </bean>
      
  11. Add the cas-server-support-ldap-$VERSION.jar from the CAS installation to $TOMCAT_HOME\webapps\cas-server-webapp-$VERSION\WEB-INF\lib.
  12. Add the spring-ldap-X.Y.Z.RELEASE-all.jar to $TOMCAT_HOME\webapps\cas-server-webapp-$VERSION\WEB-INF\lib. It can be downloaded from http://www.springsource.org/ldap. X.Y.Z should correspond to the latest version.
  13. Start Tomcat and confirm there are no errors in the $TOMCAT_HOME\logs\catalina.out log.
  14. Open a browser to the URL http://localhost:8080/cas-server-webapp-$VERSION/ and authenticate with the following credentials, admin/secret.
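
The following check is an added example, not part of the original guide or of CAS: it reads a deployerConfigContext.xml and reports whether step 10 was completed and which quick-setup values (the ldap:// URL and the password secret) are still in place. The finding names, the sample() helper and its trimmed XML, including the authenticationManager bean id and the host ldap.example.org, are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DEMO = ("org.jasig.cas.authentication.handler.support."
        "SimpleTestUsernamePasswordAuthenticationHandler")
FASTBIND = "org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler"

def local(tag):
    """Strip an XML namespace so the check works with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def audit(xml_text):
    """Return a sorted list of finding names for a deployerConfigContext.xml."""
    root = ET.fromstring(xml_text)
    beans = [e for e in root.iter() if local(e.tag) == "bean"]
    classes = {b.get("class") for b in beans}
    findings = set()
    if DEMO in classes:
        findings.add("demo-handler-still-enabled")   # step 10.2 not done
    if FASTBIND not in classes:
        findings.add("ldap-handler-missing")         # step 10.3 not done
    for bean in (b for b in beans if b.get("id") == "contextSource"):
        for prop in (p for p in bean if local(p.tag) == "property"):
            if prop.get("name") == "urls":
                # ldap:// carries the simple bind, and so the password, unencrypted
                urls = [(v.text or "").strip().lower()
                        for v in prop.iter() if local(v.tag) == "value"]
                if any(u.startswith("ldap://") for u in urls):
                    findings.add("plain-ldap-url")
            elif prop.get("name") == "password" and prop.get("value") == "secret":
                findings.add("default-directory-password")
    return sorted(findings)

def sample(handler_class, url, password):
    """Constructed, trimmed-down deployerConfigContext.xml (not a real file)."""
    return f"""<beans xmlns="http://www.springframework.org/schema/beans">
  <bean id="contextSource"
        class="org.springframework.ldap.core.support.LdapContextSource">
    <property name="urls"><list><value>{url}</value></list></property>
    <property name="userDn" value="uid=admin,ou=system"/>
    <property name="password" value="{password}"/>
  </bean>
  <bean id="authenticationManager"
        class="org.jasig.cas.authentication.AuthenticationManagerImpl">
    <property name="authenticationHandlers"><list>
      <bean class="{handler_class}"/>
    </list></property>
  </bean>
</beans>"""

if __name__ == "__main__":
    print(audit(sample(FASTBIND, "ldap://localhost:10389", "secret")))
```

Run against the file produced by this guide, it reports the plain ldap:// URL and the password secret, which is expected for a quick setup and is what must change before the configuration is reused anywhere else.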