Configuring the JA-SIG CAS Client for Java using Spring

Added by Scott Battaglia, last edited by Scott Battaglia on Feb 04, 2008  (view change)
Table of Contents
Clients
CASifying Applications
School Contributed Clients

Configuration of the CAS Client for Java via Spring IoC will depend heavily on their DelegatingFilterProxy class. For each filter that will be configured for CAS via Spring, a corresponding DelegatingFilterProxy is needed in the web.xml.

As the SingleSignOutFilter, HttpServletRequestWrapperFilter and AssertionThreadLocalFilter have no configuration options, we recommend you just configure them in the web.xml

Note: A sample authentication configuration is attached to this page.

Bean definition examples:

<filter>
	<filter-name>CAS Authentication Filter</filter-name>
  	<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	<init-param>
		<param-name>targetBeanName</param-name>
		<param-value>authenticationFilter</param-value>
	</init-param>
  </filter>
<filter-mapping>
	<filter-name>CAS Authentication Filter</filter-name>
	<url-pattern>/*</url-pattern>
</filter-mapping>

The specific filters can be configured in the following ways. Please see the JavaDocs included in the distribution for specific required and optional properties:

AuthenticationFilter

<bean
	name="authenticationFilter"
	class="org.jasig.cas.client.authentication.AuthenticationFilter"
	p:casServerLoginUrl="https://localhost:8443/cas/login"
	p:renew="false"
	p:gateway="false"
	p:service="https://my.local.service.com/cas-client" />

Cas10TicketValidationFilter

<bean
	name="ticketValidationFilter"
	class="org.jasig.cas.client.validation.Cas10TicketValidationFilter"
	p:service="https://my.local.service.com/cas-client">
	<property name="ticketValidator">
		<bean class="org.jasig.cas.client.validation.Cas10TicketValidator">
			<constructor-arg index="0" value="https://localhost:8443/cas" />
		</bean>
	</property>
</bean>

Saml11TicketValidationFilter

<bean
	name="ticketValidationFilter"
	class="org.jasig.cas.client.validation.Saml11TicketValidationFilter"
	p:service="https://my.local.service.com/cas-client">
	<property name="ticketValidator">
		<bean class="org.jasig.cas.client.validation.Saml11TicketValidator">
			<constructor-arg index="0" value="https://localhost:8443/cas" />
		</bean>
	</property>
</bean>

Cas20ProxyReceivingTicketValidationFilter

Configuration to just validate service tickets:

<bean
	name="ticketValidationFilter"
	class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter"
	p:service="https://my.local.service.com/cas-client">
	<property name="ticketValidator">
		<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
			<constructor-arg index="0" value="https://localhost:8443/cas" />
		</bean>
	</property>
</bean>

Configuration to accept a Proxy Granting Ticket:

<bean
	name="ticketValidationFilter"
	class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter"
	p:service="https://my.local.service.com/cas-client"
	p:proxyReceptorUrl="/proxy/receptor">
	<property name="ticketValidator">
		<bean
			class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"
			p:proxyCallbackUrl="/proxy/receptor">
			<constructor-arg index="0" value="https://localhost:8443/cas" />
		</bean>
	</property>
</bean>

Configuration to accept any Proxy Ticket (and Proxy Granting Tickets):

<bean
	name="ticketValidationFilter"
	class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter"
	p:service="https://my.local.service.com/cas-client"
	p:proxyReceptorUrl="/proxy/receptor">
	<property name="ticketValidator">
		<bean class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator"
			p:AcceptAnyProxy="true"
			p:proxyCallbackUrl="/proxy/receptor">
			<constructor-arg index="0" value="https://localhost:8443/cas" />
		</bean>
	</property>
</bean>

Configuration to accept Proxy Ticket from a chain (and Proxy Granting Tickets):

<bean
	name="ticketValidationFilter"
	class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter"
	p:service="https://my.local.service.com/cas-client"
	p:proxyReceptorUrl="/proxy/receptor">
	<property name="ticketValidator">
		<bean class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator"
			p:proxyCallbackUrl="/proxy/receptor">
			<constructor-arg index="0" value="https://localhost:8443/cas" />
			<property name="allowedProxyChains">
				<list>
					<value>http://proxy1 http://proxy2</value>
				</list>
			</property>
		</bean>
	</property>
</bean>
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.