Configuring
Added by Scott Battaglia, last edited by Scott Battaglia on Aug 07, 2008


CAS URLs

Open up the cas.properties file located in the CAS_HOME/cas-server-webapp/src/main/webapp/WEB-INF directory. It should look something like this:

cas.securityContext.serviceProperties.service=https://localhost:8443/cas/services/j_acegi_cas_security_check
cas.securityContext.casProcessingFilterEntryPoint.loginUrl=https://localhost:8443/cas/login
cas.securityContext.casProxyTicketValidator.casValidate=https://localhost:8443/cas/proxyValidate

You will need to change those URLs (most likely only by changing the hostname and port) to your CAS application's URLs.

ServicesRegistry and Database Connection

In the default deployment, the service registry is held in memory, so its data is volatile and is cleared when the application restarts:

<bean
		id="serviceRegistryDao"
		class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" />

If you want the data to be persistent, replace this bean by following a procedure such as this one:

  1. Change the bean serviceRegistryDao in deployerConfigContext.xml to something like this. This persists the services data to the database of your choice using Hibernate.
    <bean id="serviceRegistryDao" class="org.jasig.cas.services.JpaServiceRegistryDaoImpl"
        p:entityManagerFactory-ref="entityManagerFactory" />

    <!-- This is the EntityManagerFactory configuration for Hibernate -->
    <bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
        <property name="dataSource" ref="dataSource"/>
        <property name="jpaVendorAdapter">
            <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
                <property name="generateDdl" value="true"/>
                <property name="showSql" value="true" />
            </bean>
        </property>
        <property name="jpaProperties">
            <props>
                <prop key="hibernate.dialect">org.hibernate.dialect.HSQLDialect</prop>
                <prop key="hibernate.hbm2ddl.auto">update</prop>
            </props>
        </property>
    </bean>

    <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
        <property name="entityManagerFactory" ref="entityManagerFactory"/>
    </bean>

    <tx:annotation-driven transaction-manager="transactionManager"/>

    <bean
        id="dataSource"
        class="com.mchange.v2.c3p0.ComboPooledDataSource"
        p:driverClass="org.hsqldb.jdbcDriver"
        p:jdbcUrl-ref="database"
        p:password=""
        p:user="sa" />
    • The data source will need to be modified for your particular database (e.g. Oracle, MySQL), but the name "dataSource" should be preserved.
      MySQL example:
      <bean
          id="dataSource"
          class="org.apache.commons.dbcp.BasicDataSource"
          p:driverClassName="com.mysql.jdbc.Driver"
          p:url="jdbc:mysql://localhost:3306/test?autoReconnect=true"
          p:password=""
          p:username="sa" />
  2. Change the property hibernate.dialect to match your database, in both cas.properties and deployerConfigContext.xml.
    MySQL example:
        In cas.properties
    database.hibernate.dialect=org.hibernate.dialect.MySQLDialect

        In deployerConfigContext.xml

    <prop key="hibernate.dialect">org.hibernate.dialect.MySQLDialect</prop>
  3. Add the XML namespace "tx" to deployerConfigContext.xml:
    <beans xmlns="http://www.springframework.org/schema/beans"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:tx="http://www.springframework.org/schema/tx"
           xmlns:p="http://www.springframework.org/schema/p"
           xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
           						http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd">
  4. Whatever dataSource you use, add the dependency to the pom.xml file for your CAS webapp (the default is cas-server-webapp/pom.xml), to include the relevant jars.
    Example of using Apache Commons DBCP:
    <dependency>
      <groupId>commons-dbcp</groupId>
      <artifactId>commons-dbcp</artifactId>
      <version>1.2.2</version>
      <scope>runtime</scope>
    </dependency>
  5. Add other related dependencies:
    <dependency>
      <groupId>mysql</groupId>
      <artifactId>mysql-connector-java</artifactId>
      <version>3.1.11</version>
      <scope>provided</scope>
    </dependency>
    <dependency>
      <groupId>org.hibernate</groupId>
      <artifactId>hibernate-entitymanager</artifactId>
      <version>3.3.1.ga</version>
    </dependency>
    <dependency>
      <groupId>org.hibernate</groupId>
      <artifactId>hibernate</artifactId>
      <version>3.2.5.ga</version>
    </dependency>
    <dependency>
      <groupId>concurrent</groupId>
      <artifactId>concurrent</artifactId>
      <version>1.3.4</version>
    </dependency>
  6. Comment out the spring-dao exclusion in pom.xml:
    <!--
    <exclusion>
      <groupId>org.springframework</groupId>
      <artifactId>spring-dao</artifactId>
    </exclusion>
    -->
  7. Package your webapp and try it out.

Securing the Services Management Application

The first step is to modify cas.properties as described above so that the application actually authenticates via CAS (you can also replace the mechanism with another entry).

Once you've done that, you'll need to include the authorization information. The default securityContext.xml includes a hard-coded in-memory authorization DAO. For simple cases, this may be sufficient. You can add/remove entries by looking for the following in deployerConfigContext.xml:

<bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
	<property name="userMap">
		<value>
	      username=notused,ROLE_ADMIN
	    </value>
	</property>
</bean>

You can also replace the in-memory implementation with any of the provided Acegi choices. More information can be found on them at the Acegi Security web site.
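
A static check over deployerConfigContext.xml for the settings covered in the persistence steps above and in this section, as an added example that is not part of the CAS documentation or code base. The finding labels, the vendor substring match between driver and dialect, and the sample XML are assumptions constructed for illustration; user map entries are read as username=password,ROLE[,ROLE...].

```python
import xml.etree.ElementTree as ET

B = "{http://www.springframework.org/schema/beans}"
P = "{http://www.springframework.org/schema/p}"

# Constructed sample: the page's defaults plus a half-finished switch to MySQL.
SAMPLE = """<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:p="http://www.springframework.org/schema/p">
  <bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"/>
  <bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
    <property name="jpaProperties"><props>
      <prop key="hibernate.dialect">org.hibernate.dialect.HSQLDialect</prop>
    </props></property>
  </bean>
  <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"
        p:driverClassName="com.mysql.jdbc.Driver" p:password="" p:username="sa"/>
  <bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
    <property name="userMap"><value>
      username=notused,ROLE_ADMIN
    </value></property>
  </bean>
</beans>"""

def audit(xml_text):
    """Return (findings, admins) for the text of a deployerConfigContext.xml."""
    root = ET.fromstring(xml_text)
    beans = {b.get("id"): b for b in root.iter(B + "bean") if b.get("id")}
    findings, admins = [], []
    dao = beans.get("serviceRegistryDao")
    if dao is not None and dao.get("class", "").endswith("InMemoryServiceRegistryDaoImpl"):
        findings.append("registry-in-memory")  # registered services are lost on restart
    ds = beans.get("dataSource")  # the bean name "dataSource" is the one the page keeps
    if ds is not None:
        if ds.get(P + "password") == "":
            findings.append("empty-db-password")
        driver = (ds.get(P + "driverClass") or ds.get(P + "driverClassName") or "").lower()
        vendor = next((v for v in ("mysql", "hsql", "oracle") if v in driver), None)
        for prop in root.iter(B + "prop"):  # step 2: the dialect must match the database
            dialect = (prop.text or "").lower()
            if prop.get("key") == "hibernate.dialect" and vendor and "${" not in dialect:
                if vendor not in dialect:
                    findings.append("dialect-driver-mismatch")
    uds = beans.get("userDetailsService")
    user_map = uds.findtext(".//" + B + "value") if uds is not None else ""
    for entry in (user_map or "").splitlines():  # username=password,ROLE[,ROLE...]
        user, _, rest = entry.strip().partition("=")
        if "ROLE_ADMIN" in [r.strip() for r in rest.split(",")]:
            admins.append(user)
    return findings, admins
```

Calling audit(SAMPLE) reports the in-memory registry, the empty database password and the HSQL dialect left next to a MySQL driver, and lists the literal user name "username" as the only holder of ROLE_ADMIN.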

Your First Entry

If you're using CAS to authenticate against the Services Management application (as opposed to using some form-based mechanism, etc.) then your first entry in the Services Management application needs to be the Services Management application itself!

