Author: sohil.shah(a)jboss.com
Date: 2007-05-25 12:40:42 -0400 (Fri, 25 May 2007)
New Revision: 7342
Added:
branches/2_6_CAS_Integration/identity/cas/config/
branches/2_6_CAS_Integration/identity/cas/config/context.xml
branches/2_6_CAS_Integration/identity/cas/config/deployerConfigContext.xml
Modified:
branches/2_6_CAS_Integration/core/build.xml
Log:
CAS plugin deployment related cleanup
Modified: branches/2_6_CAS_Integration/core/build.xml
===================================================================
--- branches/2_6_CAS_Integration/core/build.xml 2007-05-25 15:49:41 UTC (rev 7341)
+++ branches/2_6_CAS_Integration/core/build.xml 2007-05-25 16:40:42 UTC (rev 7342)
@@ -749,6 +749,15 @@
<copy
todir="${jboss.home}/server/${portal.deploy.dir}/jboss-portal.sar/lib"
overwrite="true">
<fileset dir="../identity/cas/lib" includes="casclient.jar"/>
</copy>
+ <copy
todir="${jboss.home}/server/${portal.deploy.dir}/jboss-portal.sar/portal-server.war/WEB-INF"
overwrite="true">
+ <fileset dir="../identity/cas/config"
includes="context.xml"/>
+ </copy>
+ <copy todir="${jboss.home}/server/${portal.deploy.dir}/cas.war/WEB-INF"
overwrite="true">
+ <fileset dir="../identity/cas/config"
includes="deployerConfigContext.xml"/>
+ </copy>
+ <copy
todir="${jboss.home}/server/${portal.deploy.dir}/cas.war/WEB-INF/lib"
overwrite="true">
+ <fileset
dir="${jboss.home}/server/${portal.deploy.dir}/jboss-portal.sar/lib"
includes="portal-identity-lib.jar"/>
+ </copy>
</target>
<target name="deploy-cas-lenient" depends="deploy-explode">
<require file="${jboss.home}/server/${portal.deploy.dir}"/>
@@ -756,5 +765,14 @@
<copy
todir="${jboss.home}/server/${portal.deploy.dir}/jboss-portal.sar/lib"
overwrite="true">
<fileset dir="../identity/cas/lib"
includes="casclient-lenient.jar"/>
</copy>
+ <copy
todir="${jboss.home}/server/${portal.deploy.dir}/jboss-portal.sar/portal-server.war/WEB-INF"
overwrite="true">
+ <fileset dir="../identity/cas/config"
includes="context.xml"/>
+ </copy>
+ <copy todir="${jboss.home}/server/${portal.deploy.dir}/cas.war/WEB-INF"
overwrite="true">
+ <fileset dir="../identity/cas/config"
includes="deployerConfigContext.xml"/>
+ </copy>
+ <copy
todir="${jboss.home}/server/${portal.deploy.dir}/cas.war/WEB-INF/lib"
overwrite="true">
+ <fileset
dir="${jboss.home}/server/${portal.deploy.dir}/jboss-portal.sar/lib"
includes="portal-identity-lib.jar"/>
+ </copy>
</target>
</project>
Added: branches/2_6_CAS_Integration/identity/cas/config/context.xml
===================================================================
--- branches/2_6_CAS_Integration/identity/cas/config/context.xml
(rev 0)
+++ branches/2_6_CAS_Integration/identity/cas/config/context.xml 2007-05-25 16:40:42 UTC
(rev 7342)
@@ -0,0 +1,9 @@
+<?xml version="1.0"?>
+<Context>
+ <Valve className="org.jboss.portal.identity.auth.CASAuthenticationValve"
+ casLogin="https://localhost/cas/login"
+ casValidate="https://localhost/cas/serviceValidate"
+ casServerName="localhost"
+ authType="FORM"
+ />
+</Context>
Added: branches/2_6_CAS_Integration/identity/cas/config/deployerConfigContext.xml
===================================================================
--- branches/2_6_CAS_Integration/identity/cas/config/deployerConfigContext.xml
(rev 0)
+++ branches/2_6_CAS_Integration/identity/cas/config/deployerConfigContext.xml 2007-05-25
16:40:42 UTC (rev 7342)
@@ -0,0 +1,98 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
"http://www.springframework.org/dtd/spring-beans.dtd">
+<!--
+ | deployerConfigContext.xml centralizes into one file some of the declarative
configuration that
+ | all CAS deployers will need to modify.
+ |
+ | This file declares some of the Spring-managed JavaBeans that make up a CAS deployment.
+ | The beans declared in this file are instantiated at context initialization time by the
Spring
+ | ContextLoaderListener declared in web.xml. It finds this file because this
+ | file is among those declared in the context parameter
"contextConfigLocation".
+ |
+ | By far the most common change you will need to make in this file is to change the last
bean
+ | declaration to replace the default SimpleTestUsernamePasswordAuthenticationHandler
with
+ | one implementing your approach for authenticating usernames and passwords.
+ +-->
+<beans>
+ <!--
+ | This bean declares our AuthenticationManager. The CentralAuthenticationService
service bean
+ | declared in applicationContext.xml picks up this AuthenticationManager by reference
to its id,
+ | "authenticationManager". Most deployers will be able to use the default
AuthenticationManager
+ | implementation and so do not need to change the class of this bean. We include the
whole
+ | AuthenticationManager here in the userConfigContext.xml so that you can see the
things you will
+ | need to change in context.
+ +-->
+ <bean id="authenticationManager"
+ class="org.jasig.cas.authentication.AuthenticationManagerImpl">
+ <!--
+ | This is the List of CredentialToPrincipalResolvers that identify what Principal is
trying to authenticate.
+ | The AuthenticationManagerImpl considers them in order, finding a
CredentialToPrincipalResolver which
+ | supports the presented credentials.
+ |
+ | AuthenticationManagerImpl uses these resolvers for two purposes. First, it uses
them to identify the Principal
+ | attempting to authenticate to CAS /login . In the default configuration, it is the
DefaultCredentialsToPrincipalResolver
+ | that fills this role. If you are using some other kind of credentials than
UsernamePasswordCredentials, you will need to replace
+ | DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver that
supports the credentials you are
+ | using.
+ |
+ | Second, AuthenticationManagerImpl uses these resolvers to identify a service
requesting a proxy granting ticket.
+ | In the default configuration, it is the
HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose.
+ | You will need to change this list if you are identifying services by something more
or other than their callback URL.
+ +-->
+ <property name="credentialsToPrincipalResolvers">
+ <list>
+ <!--
+ | UsernamePasswordCredentialsToPrincipalResolver supports the
UsernamePasswordCredentials that we use for /login
+ | by default and produces SimplePrincipal instances conveying the username from the
credentials.
+ |
+ | If you've changed your LoginFormAction to use credentials other than
UsernamePasswordCredentials then you will also
+ | need to change this bean declaration (or add additional declarations) to declare a
CredentialsToPrincipalResolver that supports the
+ | Credentials you are using.
+ +-->
+ <bean
+ class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
/>
+ <!--
+ | HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials. It
supports the CAS 2.0 approach of
+ | authenticating services by SSL callback, extracting the callback URL from the
Credentials and representing it as a
+ | SimpleService identified by that callback URL.
+ |
+ | If you are representing services by something more or other than an HTTPS URL
whereat they are able to
+ | receive a proxy callback, you will need to change this bean declaration (or add
additional declarations).
+ +-->
+ <bean
+ class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"
/>
+ </list>
+ </property>
+
+ <!--
+ | Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might
authenticate,
+ | AuthenticationHandlers actually authenticate credentials. Here we declare the
AuthenticationHandlers that
+ | authenticate the Principals that the CredentialsToPrincipalResolvers identified.
CAS will try these handlers in turn
+ | until it finds one that both supports the Credentials presented and succeeds in
authenticating.
+ +-->
+ <property name="authenticationHandlers">
+ <list>
+ <!--
+ | This is the authentication handler that authenticates services by means of
callback via SSL, thereby validating
+ | a server side SSL certificate.
+ +-->
+ <bean
+ class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
+ <property
+ name="httpClient"
+ ref="httpClient" />
+ </bean>
+
+ <!--
+ | This is the authentication handler declaration that every CAS deployer will need
to change before deploying CAS
+ | into production. The default SimpleTestUsernamePasswordAuthenticationHandler
authenticates UsernamePasswordCredentials
+ | where the username equals the password. You will need to replace this with an
AuthenticationHandler that implements your
+ | local authentication strategy. You might accomplish this by coding a new such
handler and declaring
+ | edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers
provided in the adaptors modules.
+ +-->
+ <bean
+ class="org.jboss.portal.identity.auth.CASAuthenticationHandler" />
+ </list>
+ </property>
+ </bean>
+</beans>
Show replies by date