Version 14
Created by soshah on May 25, 2007 9:58 AM. Last modified by soshah on May 25, 2007 12:36 PM.

    Description

     

    This Single Sign On plugin enables seamless integration between JBoss Portal and the CAS Single Sign On Framework. CAS Details can be found here

     


     

    Availability

     

    • JBoss Portal 2.6 (2_6_CAS_Integration} branch. This is not included officially as part of the 2.6 release. This feature is experimental and will be merged into the release at a later date.

     


     

    Usage:

     

    • You can use the CAS Central Authentication Server as your Authentication Provider instead of the default JBoss Portal login screen.

     

    • Once you are signed in to the portal via the CAS Server, you will not be asked to login to another instance of the portal.

     


     

    Installation Steps from the Source Build:

     

     

     

    • Step 2: Build/Deploy the portal based on standard JBoss Portal build and deploy instructions

     

     

    • Step 3: Install the CAS server (v 3.0.7). Basically download the CAS Server distribution and deploy the cas.war file into your jboss instance

     

     

    • Step 4: For portal CAS plugin integration: Go to {portal-src-dir}/core and type ant deploy-cas

     

    • Note: The CAS engine does not accept self-signed SSL certificates. This requirement is fine for production use where a production level SSL certificate is available. However, for testing purposes, this can get a little annoying. Hence, if you are having this issue, in Step 4, instead of ant deploy-cas, use ant deploy-cas-lenient

     

     


     

    CAS Plugin Configuration:

     

    • The plugin requires configuring the following file: jboss-portal.sar/portal-server.war/WEB-INF/context.xml.

     

    • The following Valve attributes are set:

     

    • casLogin: URL of your CAS Authentication Server

     

    • casValidate: URL of your CAS Authentication Server validation service

     

    • casServerName: the hostname:port combination of your CAS Authentication Server

     

     


     

    How to Test this integration:

     

     

    • Click on the "Login" link on the main portal page

     

    • This should bring up the CAS Authentication Server's login screen instead of the default JBoss Portal login screen

     

    • Input your portal username and password. For built-in portal login try user:user or admin:admin

     

    • If login is successfull, you should be redirected back to the portal with the appropriate user logged in

     

     


     

    Troubleshooting:

     

    • Make sure the CAS Plugin is integrated properly with the portal

     

      • Checklist:

     

        • Make sure the CAS Server cas.war is deployed in the deploy directory of your jboss server

     

        • Make sure org.jboss.portal.identity.auth.CASAuthenticationHandler is setup as the AuthenticationHandler inside cas.war/WEB-INF/deployerConfigContext.xml

     

        • Make sure the jar portal-identity-lib.jar is installed under cas.war/WEB-INF/lib directory

     

        • Make sure a properly configured context.xml is installed in the jboss-portal.sar/portal-server.war/WEB-INF directory. For details about configuration see the Configuration section above

     

        • Make sure the jar casclient.jar is installed in the jboss-portal.sar/lib directory

     

    • If you are running into SSL related issues

     

      • Make sure your tomcat SSL is turned on and configured properly

     

      • If you are running into an issue with your self-signed SSL certificate, look at the self-signing related note in the Installation section of this document

     

     

    7595 Views Categories: Tags: