Legacy

New CAS documentation site

CAS documentation has moved over to apereo.github.io/cas, starting with CAS version 4.x. The wiki will no longer be maintained. For the most recent version of the documentation, please refer to the aforementioned link.

Legacy Authentication Handler

Please note that though we support adapting CAS2 PasswordHandlers to CAS3 Authentication Handlers we recommend you upgrade to an Authentication Handler (especially since we have many generic solutions).

Including the Handler

In the pom.xml file for your CAS Maven2 WAR Overlay, add the following dependency:

 
<dependency>
     <groupId>org.jasig.cas</groupId>
     <artifactId>cas-server-support-legacy</artifactId>
     <version>${cas.version}</version>
</dependency>

Core Classes

LegacyCasCredentials

This class is an extension of the traditional CAS3 UsernamePasswordCredentials to include the HttpServletRequest, which all CAS2 password handler classes expect.

LegacyCasCredentialsBinder

The legacy binder allows for additional binding beyond the normal Spring request parameter/property binding. In this case it sets the request property on the LegacyCasCredentials.

LegacyCasPasswordHandlerAdaptorAuthenticationHandler

This class basically extracts the properties from the LegacyCasCredentials and passes them to the PasswordHandler.

Configuration

In your cas-servlet.xml, look for the <literal>AuthenticationViaForm</literal> bean, generally defined as follows:

<bean
	id="authenticationViaFormAction"
	parent="abstractCasLoginAction"
	class="org.jasig.cas.web.flow.AuthenticationViaFormAction" />

Modify it so that it looks like this:

<bean id="authenticationViaFormAction" parent="abstractCasLoginAction" class="org.jasig.cas.web.flow.AuthenticationViaFormAction">
	<property name="formObjectClass" value="org.jasig.cas.adaptors.cas.LegacyCasCredentials" />
	<property name="formObjectName" value="credentials" />
	<property name="credentialsBinder">
		<bean
			class="org.jasig.cas.adaptors.cas.LegacyCasCredentialsBinder" />
	</property>
</bean>

This configuration tells the FormAction to use the LegacyCasCredentials and the LegacyCasCredentialsBinder.

Finally, in your deployerConfigContext.xml, you'll need to define your password handler. In most cases you'll want to replace the existing test handler definition with the following:

<bean class="org.jasig.cas.adaptors.cas.LegacyPasswordHandlerAdaptorAuthenticationHandler">
	<property name="passwordHandler">
	  <bean class="edu.someschoool.its.cas.MySpecialPasswordHandler"/>
	</property>
</bean>

Note that edu.someschoool.its.cas.MySpecialPasswordHandler should be replaced with your PasswordHandler class name.