ClearPass Integration - Maven Overlay

Using the bundled CAS server in uPortal you can use the preferred maven overlay approach to integrating the clearPass feature. There is a patch available to accomplish this, below describes the steps to perform the integration after applying the patch. By default, the clearPass feature is not activated.

Step 1: Edit the cas deployerConfigContext.xml file

  1. Open the deployerConfigContext.file for editing located at ../uportal-portlets-overlay/src/main/webapp/WEB-INF/deployerConfigContext.xml
  2. Uncomment the AuthenticationMetaDataPopulators property.
       <!-- UNCOMMENTED authenticationMetaDataPopulators property -->
       <property name="authenticationMetaDataPopulators">
              <bean class="org.jasig.cas3.extensions.clearpass.CacheCredentialsMetaDataPopulator">
                 <constructor-arg index="0" ref="credentialsCache" />

   <bean id="userPasswordDao" class="org.jasig.portal.cas.authentication.handler.support.PortalPersonDirUserPasswordDao"
        p:data-source-ref="dataSource" />

Step 2: Edit the security.properties file

  1. Open the security.properties file for editing (located at ../uportal-war/src/main/resources/properties/security.properties)
  2. Make the following changes to the file. You'll see that we switched (comment/uncomment) the CasAssertionSecurityContextFactory with PasswordCachingCasAssertionSecurityContextFactory. Also, you will need to uncomment the section where you need to insert the URL of the CAS cleartext password service (...PasswordCachingCasAsserttionSecurityContextFactory.clearPassCasUrl=http://..../cas/clearPass)
## This is the factory that supplies the concrete authentication class


## URL of the CAS cleartext password service

Step 3: Edit the bundled cas web.xml file

  1. Open the web.xml file for editing located at ../uportal-portlets-overlay/cas/src/main.webapp/WEB-INF/web.xml.
  2. Uncomment the allowedProxyChains section. (You will probably want to replace the localhost url with your server name)
           <filter-name>CAS Validation Filter</filter-name>
           <!-- UNCOMMENTED allowedProxyChains  -->

Step 4: Redeploy uPortal

ant clean deploy-ear

Step 5: Restart Tomcat

Having problems with these instructions?

