Author: sohil.shah(a)jboss.com
Date: 2009-11-15 15:51:26 -0500 (Sun, 15 Nov 2009)
New Revision: 13830
Added:
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/WEB-INF/
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/WEB-INF/deployerConfigContext.xml
Removed:
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/deployerConfigContext.xml
Modified:
jbossexo/modules/sso/trunk/gatein-cas-plugin/pom.xml
jbossexo/modules/sso/trunk/gatein-josso-plugin/pom.xml
Log:
cas plugin "tomcat-6.0.2" packaging
Modified: jbossexo/modules/sso/trunk/gatein-cas-plugin/pom.xml
===================================================================
--- jbossexo/modules/sso/trunk/gatein-cas-plugin/pom.xml 2009-11-15 20:11:11 UTC (rev
13829)
+++ jbossexo/modules/sso/trunk/gatein-cas-plugin/pom.xml 2009-11-15 20:51:26 UTC (rev
13830)
@@ -33,10 +33,83 @@
<artifactId>maven-surefire-plugin</artifactId>
<version>2.3.1</version>
<configuration>
- <skip>false</skip>
+ <skip>true</skip>
</configuration>
</plugin>
</plugins>
- </build>
+ </build>
+
+ <!-- profile for packaging and deploying this plugin into a cas server -->
+ <profiles>
+ <profile>
+ <id>plugin-tomcat-deploy</id>
+ <properties>
+ <!-- ChangeMe to your specific local environment -->
+
<tomcat60.cas.location>/home/soshah/projects/gatein/runtime/tomcat-cas-3.3.4</tomcat60.cas.location>
+ </properties>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.jvnet.maven-antrun-extended-plugin</groupId>
+ <artifactId>maven-antrun-extended-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>plugin-tomcat-package</id>
+ <phase>package</phase>
+ <configuration>
+ <tasks>
+ <echo message="Preparing the CAS Plugin for Tomcat
6.0.2......"/>
+
+ <!-- setup the directory for the plugin artifacts -->
+ <delete dir="${basedir}/target/plugin"/>
+ <mkdir dir="${basedir}/target/plugin"/>
+
+ <!-- prepare the plugin configuration -->
+ <copy
todir="${basedir}/target/plugin/webapps/cas/WEB-INF">
+ <fileset dir="${basedir}/src/main/config/WEB-INF"/>
+ </copy>
+
+ <!-- prepare the plugin jar -->
+ <copy
tofile="${basedir}/target/plugin/webapps/cas/WEB-INF/lib/gatein-cas-plugin.jar"
+
file="${basedir}/target/gatein-cas-plugin-${project.version}.jar"
+ overwrite="true"/>
+
+ <!-- copy thirdparty dependency -->
+ <copy
tofile="${basedir}/target/plugin/webapps/cas/WEB-INF/lib/commons-httpclient.jar"
+
file="${settings.localRepository}/commons-httpclient/commons-httpclient/${version.commons-httpclient}/commons-httpclient-${version.commons-httpclient}.jar"
+ overwrite="true"/>
+ </tasks>
+ </configuration>
+ <goals>
+ <goal>run</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>plugin-tomcat-install</id>
+ <phase>install</phase>
+ <configuration>
+ <tasks>
+ <echo message="Starting CAS Plugin Deployment into Tomcat
6.0.2......"/>
+
+ <!-- jar plugin -->
+ <jar destfile="${basedir}/target/plugin.jar"
basedir="${basedir}/target/plugin"/>
+
+ <!-- explode the jar to install the plugin -->
+ <unjar src="${basedir}/target/plugin.jar"
dest="${tomcat60.cas.location}" overwrite="true"/>
+
+ <!-- cleanup -->
+ <delete dir="${tomcat60.cas.location}/META-INF"/>
+ </tasks>
+ </configuration>
+ <goals>
+ <goal>run</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
</project>
Copied:
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/WEB-INF/deployerConfigContext.xml
(from rev 13829,
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/deployerConfigContext.xml)
===================================================================
---
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/WEB-INF/deployerConfigContext.xml
(rev 0)
+++
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/WEB-INF/deployerConfigContext.xml 2009-11-15
20:51:26 UTC (rev 13830)
@@ -0,0 +1,151 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ | deployerConfigContext.xml centralizes into one file some of the declarative
configuration that
+ | all CAS deployers will need to modify.
+ |
+ | This file declares some of the Spring-managed JavaBeans that make up a CAS deployment.
+ | The beans declared in this file are instantiated at context initialization time by the
Spring
+ | ContextLoaderListener declared in web.xml. It finds this file because this
+ | file is among those declared in the context parameter
"contextConfigLocation".
+ |
+ | By far the most common change you will need to make in this file is to change the last
bean
+ | declaration to replace the default SimpleTestUsernamePasswordAuthenticationHandler
with
+ | one implementing your approach for authenticating usernames and passwords.
+ +-->
+<beans
xmlns="http://www.springframework.org/schema/beans"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xmlns:p="http://www.springframework.org/schema/p"
+
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
+ <!--
+ | This bean declares our AuthenticationManager. The CentralAuthenticationService
service bean
+ | declared in applicationContext.xml picks up this AuthenticationManager by reference
to its id,
+ | "authenticationManager". Most deployers will be able to use the default
AuthenticationManager
+ | implementation and so do not need to change the class of this bean. We include the
whole
+ | AuthenticationManager here in the userConfigContext.xml so that you can see the
things you will
+ | need to change in context.
+ +-->
+ <bean id="authenticationManager"
+ class="org.jasig.cas.authentication.AuthenticationManagerImpl">
+ <!--
+ | This is the List of CredentialToPrincipalResolvers that identify what Principal is
trying to authenticate.
+ | The AuthenticationManagerImpl considers them in order, finding a
CredentialToPrincipalResolver which
+ | supports the presented credentials.
+ |
+ | AuthenticationManagerImpl uses these resolvers for two purposes. First, it uses
them to identify the Principal
+ | attempting to authenticate to CAS /login . In the default configuration, it is the
DefaultCredentialsToPrincipalResolver
+ | that fills this role. If you are using some other kind of credentials than
UsernamePasswordCredentials, you will need to replace
+ | DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver that
supports the credentials you are
+ | using.
+ |
+ | Second, AuthenticationManagerImpl uses these resolvers to identify a service
requesting a proxy granting ticket.
+ | In the default configuration, it is the
HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose.
+ | You will need to change this list if you are identifying services by something more
or other than their callback URL.
+ +-->
+ <property name="credentialsToPrincipalResolvers">
+ <list>
+ <!--
+ | UsernamePasswordCredentialsToPrincipalResolver supports the
UsernamePasswordCredentials that we use for /login
+ | by default and produces SimplePrincipal instances conveying the username from the
credentials.
+ |
+ | If you've changed your LoginFormAction to use credentials other than
UsernamePasswordCredentials then you will also
+ | need to change this bean declaration (or add additional declarations) to declare a
CredentialsToPrincipalResolver that supports the
+ | Credentials you are using.
+ +-->
+ <bean
+ class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
/>
+ <!--
+ | HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials. It
supports the CAS 2.0 approach of
+ | authenticating services by SSL callback, extracting the callback URL from the
Credentials and representing it as a
+ | SimpleService identified by that callback URL.
+ |
+ | If you are representing services by something more or other than an HTTPS URL
whereat they are able to
+ | receive a proxy callback, you will need to change this bean declaration (or add
additional declarations).
+ +-->
+ <bean
+ class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"
/>
+ </list>
+ </property>
+
+ <!--
+ | Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might
authenticate,
+ | AuthenticationHandlers actually authenticate credentials. Here we declare the
AuthenticationHandlers that
+ | authenticate the Principals that the CredentialsToPrincipalResolvers identified.
CAS will try these handlers in turn
+ | until it finds one that both supports the Credentials presented and succeeds in
authenticating.
+ +-->
+ <property name="authenticationHandlers">
+ <list>
+ <!--
+ | This is the authentication handler that authenticates services by means of
callback via SSL, thereby validating
+ | a server side SSL certificate.
+ +-->
+ <bean
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
+ p:httpClient-ref="httpClient" />
+ <!--
+ | This is the authentication handler declaration that every CAS deployer will need
to change before deploying CAS
+ | into production. The default SimpleTestUsernamePasswordAuthenticationHandler
authenticates UsernamePasswordCredentials
+ | where the username equals the password. You will need to replace this with an
AuthenticationHandler that implements your
+ | local authentication strategy. You might accomplish this by coding a new such
handler and declaring
+ | edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers
provided in the adaptors modules.
+ +-->
+
+ <!--
+ <bean
class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler"
/>
+ -->
+ <!-- Integrates with the Gatein Authentication Service to perform
authentication -->
+ <!--
+ Note: Modify the Plugin Configuration based on the actual information of a GateIn
instance.
+ The instance can be anywhere on the internet...Not on localhost where CAS is
running
+ -->
+ <bean class="org.gatein.sso.cas.plugin.AuthenticationPlugin">
+ <property
name="gateInHost"><value>localhost</value></property>
+ <property
name="gateInPort"><value>1500</value></property>
+ <property
name="gateInContext"><value>portal</value></property>
+ </bean>
+ </list>
+ </property>
+ </bean>
+
+
+ <!--
+ This bean defines the security roles for the Services Management application. Simple
deployments can use the in-memory version.
+ More robust deployments will want to use another option, such as the Jdbc version.
+
+ The name of this should remain "userDetailsService" in order for Acegi to find
it.
+
+ To use this, you should add an entry similar to the following between the two value
tags:
+ battags=notused,ROLE_ADMIN
+
+ where battags is the username you want to grant access to. You can put one entry per
line.
+ -->
+ <bean id="userDetailsService"
class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
+ <property name="userMap">
+ <value>
+
+ </value>
+ </property>
+ </bean>
+
+ <!--
+ Bean that defines the attributes that a service may return. This example uses the
Stub/Mock version. A real implementation
+ may go against a database or LDAP server. The id should remain
"attributeRepository" though.
+ -->
+ <bean id="attributeRepository"
+ class="org.jasig.services.persondir.support.StubPersonAttributeDao">
+ <property name="backingMap">
+ <map>
+ <entry key="uid" value="uid" />
+ <entry key="eduPersonAffiliation" value="eduPersonAffiliation"
/>
+ <entry key="groupMembership" value="groupMembership" />
+ </map>
+ </property>
+ </bean>
+
+ <!--
+ Sample, in-memory data store for the ServiceRegistry. A real implementation
+ would probably want to replace this with the JPA-backed ServiceRegistry DAO
+ The name of this bean should remain "serviceRegistryDao".
+ -->
+ <bean
+ id="serviceRegistryDao"
+ class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" />
+</beans>
Property changes on:
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/WEB-INF/deployerConfigContext.xml
___________________________________________________________________
Name: svn:mergeinfo
+
Deleted:
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/deployerConfigContext.xml
===================================================================
---
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/deployerConfigContext.xml 2009-11-15
20:11:11 UTC (rev 13829)
+++
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/config/deployerConfigContext.xml 2009-11-15
20:51:26 UTC (rev 13830)
@@ -1,151 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- | deployerConfigContext.xml centralizes into one file some of the declarative
configuration that
- | all CAS deployers will need to modify.
- |
- | This file declares some of the Spring-managed JavaBeans that make up a CAS deployment.
- | The beans declared in this file are instantiated at context initialization time by the
Spring
- | ContextLoaderListener declared in web.xml. It finds this file because this
- | file is among those declared in the context parameter
"contextConfigLocation".
- |
- | By far the most common change you will need to make in this file is to change the last
bean
- | declaration to replace the default SimpleTestUsernamePasswordAuthenticationHandler
with
- | one implementing your approach for authenticating usernames and passwords.
- +-->
-<beans
xmlns="http://www.springframework.org/schema/beans"
-
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-
xmlns:p="http://www.springframework.org/schema/p"
-
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
- <!--
- | This bean declares our AuthenticationManager. The CentralAuthenticationService
service bean
- | declared in applicationContext.xml picks up this AuthenticationManager by reference
to its id,
- | "authenticationManager". Most deployers will be able to use the default
AuthenticationManager
- | implementation and so do not need to change the class of this bean. We include the
whole
- | AuthenticationManager here in the userConfigContext.xml so that you can see the
things you will
- | need to change in context.
- +-->
- <bean id="authenticationManager"
- class="org.jasig.cas.authentication.AuthenticationManagerImpl">
- <!--
- | This is the List of CredentialToPrincipalResolvers that identify what Principal is
trying to authenticate.
- | The AuthenticationManagerImpl considers them in order, finding a
CredentialToPrincipalResolver which
- | supports the presented credentials.
- |
- | AuthenticationManagerImpl uses these resolvers for two purposes. First, it uses
them to identify the Principal
- | attempting to authenticate to CAS /login . In the default configuration, it is the
DefaultCredentialsToPrincipalResolver
- | that fills this role. If you are using some other kind of credentials than
UsernamePasswordCredentials, you will need to replace
- | DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver that
supports the credentials you are
- | using.
- |
- | Second, AuthenticationManagerImpl uses these resolvers to identify a service
requesting a proxy granting ticket.
- | In the default configuration, it is the
HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose.
- | You will need to change this list if you are identifying services by something more
or other than their callback URL.
- +-->
- <property name="credentialsToPrincipalResolvers">
- <list>
- <!--
- | UsernamePasswordCredentialsToPrincipalResolver supports the
UsernamePasswordCredentials that we use for /login
- | by default and produces SimplePrincipal instances conveying the username from the
credentials.
- |
- | If you've changed your LoginFormAction to use credentials other than
UsernamePasswordCredentials then you will also
- | need to change this bean declaration (or add additional declarations) to declare a
CredentialsToPrincipalResolver that supports the
- | Credentials you are using.
- +-->
- <bean
- class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
/>
- <!--
- | HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials. It
supports the CAS 2.0 approach of
- | authenticating services by SSL callback, extracting the callback URL from the
Credentials and representing it as a
- | SimpleService identified by that callback URL.
- |
- | If you are representing services by something more or other than an HTTPS URL
whereat they are able to
- | receive a proxy callback, you will need to change this bean declaration (or add
additional declarations).
- +-->
- <bean
- class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"
/>
- </list>
- </property>
-
- <!--
- | Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might
authenticate,
- | AuthenticationHandlers actually authenticate credentials. Here we declare the
AuthenticationHandlers that
- | authenticate the Principals that the CredentialsToPrincipalResolvers identified.
CAS will try these handlers in turn
- | until it finds one that both supports the Credentials presented and succeeds in
authenticating.
- +-->
- <property name="authenticationHandlers">
- <list>
- <!--
- | This is the authentication handler that authenticates services by means of
callback via SSL, thereby validating
- | a server side SSL certificate.
- +-->
- <bean
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
- p:httpClient-ref="httpClient" />
- <!--
- | This is the authentication handler declaration that every CAS deployer will need
to change before deploying CAS
- | into production. The default SimpleTestUsernamePasswordAuthenticationHandler
authenticates UsernamePasswordCredentials
- | where the username equals the password. You will need to replace this with an
AuthenticationHandler that implements your
- | local authentication strategy. You might accomplish this by coding a new such
handler and declaring
- | edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers
provided in the adaptors modules.
- +-->
-
- <!--
- <bean
class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler"
/>
- -->
- <!-- Integrates with the Gatein Authentication Service to perform
authentication -->
- <!--
- Note: Modify the Plugin Configuration based on the actual information of a GateIn
instance.
- The instance can be anywhere on the internet...Not on localhost where CAS is
running
- -->
- <bean class="org.gatein.sso.cas.plugin.AuthenticationPlugin">
- <property
name="gateInHost"><value>localhost</value></property>
- <property
name="gateInPort"><value>1500</value></property>
- <property
name="gateInContext"><value>portal</value></property>
- </bean>
- </list>
- </property>
- </bean>
-
-
- <!--
- This bean defines the security roles for the Services Management application. Simple
deployments can use the in-memory version.
- More robust deployments will want to use another option, such as the Jdbc version.
-
- The name of this should remain "userDetailsService" in order for Acegi to find
it.
-
- To use this, you should add an entry similar to the following between the two value
tags:
- battags=notused,ROLE_ADMIN
-
- where battags is the username you want to grant access to. You can put one entry per
line.
- -->
- <bean id="userDetailsService"
class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
- <property name="userMap">
- <value>
-
- </value>
- </property>
- </bean>
-
- <!--
- Bean that defines the attributes that a service may return. This example uses the
Stub/Mock version. A real implementation
- may go against a database or LDAP server. The id should remain
"attributeRepository" though.
- -->
- <bean id="attributeRepository"
- class="org.jasig.services.persondir.support.StubPersonAttributeDao">
- <property name="backingMap">
- <map>
- <entry key="uid" value="uid" />
- <entry key="eduPersonAffiliation" value="eduPersonAffiliation"
/>
- <entry key="groupMembership" value="groupMembership" />
- </map>
- </property>
- </bean>
-
- <!--
- Sample, in-memory data store for the ServiceRegistry. A real implementation
- would probably want to replace this with the JPA-backed ServiceRegistry DAO
- The name of this bean should remain "serviceRegistryDao".
- -->
- <bean
- id="serviceRegistryDao"
- class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" />
-</beans>
Modified: jbossexo/modules/sso/trunk/gatein-josso-plugin/pom.xml
===================================================================
--- jbossexo/modules/sso/trunk/gatein-josso-plugin/pom.xml 2009-11-15 20:11:11 UTC (rev
13829)
+++ jbossexo/modules/sso/trunk/gatein-josso-plugin/pom.xml 2009-11-15 20:51:26 UTC (rev
13830)
@@ -60,7 +60,7 @@
<id>plugin-tomcat-deploy</id>
<properties>
<!-- ChangeMe to your specific local environment -->
-
<tomcat60.location>/home/soshah/projects/gatein/runtime/tomcat-josso-1.8.1</tomcat60.location>
+
<tomcat60.josso.location>/home/soshah/projects/gatein/runtime/tomcat-josso-1.8.1</tomcat60.josso.location>
</properties>
<build>
<plugins>
@@ -117,10 +117,10 @@
<jar destfile="${basedir}/target/plugin.jar"
basedir="${basedir}/target/plugin"/>
<!-- explode the jar to install the plugin -->
- <unjar src="${basedir}/target/plugin.jar"
dest="${tomcat60.location}" overwrite="true"/>
+ <unjar src="${basedir}/target/plugin.jar"
dest="${tomcat60.josso.location}" overwrite="true"/>
<!-- cleanup -->
- <delete dir="${tomcat60.location}/META-INF"/>
+ <delete dir="${tomcat60.josso.location}/META-INF"/>
</tasks>
</configuration>
<goals>