Kombinierte Ansicht Flache Ansicht Baumansicht
Threads [ Zurück | Nächste ]
toggle
Liferay 6 with existing CAS server John John 29. Februar 2012 07:03
RE: Liferay 6 with existing CAS server David H Nebinger 29. Februar 2012 07:49
RE: Liferay 6 with existing CAS server John John 2. März 2012 09:45
RE: Liferay 6 with existing CAS server Juan Gonzalez 2. März 2012 11:26
RE: Liferay 6 with existing CAS server Subhasis Roy 5. März 2012 23:31
RE: Liferay 6 with existing CAS server John John 26. März 2012 07:36
RE: Liferay 6 with existing CAS server David H Nebinger 26. März 2012 08:54
RE: Liferay 6 with existing CAS server John John 26. März 2012 09:46
RE: Liferay 6 with existing CAS server David H Nebinger 26. März 2012 13:39
RE: Liferay 6 with existing CAS server John John 26. März 2012 16:20
RE: Liferay 6 with existing CAS server David H Nebinger 26. März 2012 16:23
RE: Liferay 6 with existing CAS server John John 28. März 2012 16:15
RE: Liferay 6 with existing CAS server Juan Gonzalez 29. März 2012 00:42
RE: Liferay 6 with existing CAS server John John 30. März 2012 07:39
RE: Liferay 6 with existing CAS server Juan Gonzalez 30. März 2012 08:32
RE: Liferay 6 with existing CAS server John John 30. März 2012 09:05
RE: Liferay 6 with existing CAS server Juan Gonzalez 31. März 2012 00:31
RE: Liferay 6 with existing CAS server Kamesh Sampath 5. April 2012 22:49
RE: Liferay 6 with existing CAS server Juan Gonzalez 6. April 2012 01:42
RE: Liferay 6 with existing CAS server Kamesh Sampath 9. April 2012 20:55
RE: Liferay 6 with existing CAS server Juan Gonzalez 10. April 2012 08:30
RE: Liferay 6 with existing CAS server Kamesh Sampath 10. April 2012 09:14
RE: Liferay 6 with existing CAS server Juan Gonzalez 10. April 2012 10:28
John John
Liferay 6 with existing CAS server
29. Februar 2012 07:03
Antwort

John John

Rang: New Member

Nachrichten: 23

Eintrittsdatum: 12. Februar 2012

Neue Beiträge

Most of the documentation I've seen has you installing the cas server and starting from there. What if I just want to integrate my portal with a CAS server that already exists and is up and running? Do I need to only configure it to use CAS authentication with the correct settings under the Portal Settings and then have those running the CAS server configure it on their end? Do I still need to generate the SSL cert?
David H Nebinger
RE: Liferay 6 with existing CAS server
29. Februar 2012 07:49
Antwort

David H Nebinger

Rang: Liferay Legend

Nachrichten: 7252

Eintrittsdatum: 1. September 2006

Neue Beiträge

You can just skip the step for installing the CAS server since you already have one.
John John
RE: Liferay 6 with existing CAS server
2. März 2012 09:45
Antwort

John John

Rang: New Member

Nachrichten: 23

Eintrittsdatum: 12. Februar 2012

Neue Beiträge

Okay, so the cas client is already in the root/web-inf/lib directory. Then what? How do I import CASReceipt into a project? import edu.yale.its.tp.cas.client.CASReceipt isn't recognized. The documentation doesn't go much into the CAS client other than it already being in the directory. My portal successfully redirects to CAS, authenticates, and then redirects back to my portal. I want to access attributes from CAS. Any link or help is appreciated.
Juan Gonzalez
RE: Liferay 6 with existing CAS server
2. März 2012 11:26
Antwort

Juan Gonzalez

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1984

Eintrittsdatum: 28. Oktober 2008

Neue Beiträge

John John:
Okay, so the cas client is already in the root/web-inf/lib directory. Then what? How do I import CASReceipt into a project? import edu.yale.its.tp.cas.client.CASReceipt isn't recognized. The documentation doesn't go much into the CAS client other than it already being in the directory. My portal successfully redirects to CAS, authenticates, and then redirects back to my portal. I want to access attributes from CAS. Any link or help is appreciated.


CAS works ok. If you want additional features (like attributes) probably you want SAML, and that is a EE feature.
Subhasis Roy
RE: Liferay 6 with existing CAS server
5. März 2012 23:31
Antwort

Subhasis Roy

Rang: Regular Member

Nachrichten: 234

Eintrittsdatum: 19. Januar 2012

Neue Beiträge

John John:
Okay, so the cas client is already in the root/web-inf/lib directory. Then what? How do I import CASReceipt into a project? import edu.yale.its.tp.cas.client.CASReceipt isn't recognized. The documentation doesn't go much into the CAS client other than it already being in the directory. My portal successfully redirects to CAS, authenticates, and then redirects back to my portal. I want to access attributes from CAS. Any link or help is appreciated.



Are you trying to access the logged in user id? What attribute you want to access from CAS in your application?

You can access the userId / Roles from your theme after login.

Please be more clear on that.
John John
RE: Liferay 6 with existing CAS server
26. März 2012 07:36
Antwort

John John

Rang: New Member

Nachrichten: 23

Eintrittsdatum: 12. Februar 2012

Neue Beiträge

I am using liferay 6. The portal is working with CAS and LDAP. Currently, when clicking the sign in link, it redirects the user to the CAS authentication page, authenticates, then redirects back to liferay signed in as the authenticated user and imports all the user information from LDAP to liferay which is mapped in the control panel. There are a bunch of attributes that CAS has that I want access to. I can map these directly from LDAP and create a custom attribute, though, I don't want this information imported, but instead accessed directly from CAS. I want to do this with the JASIG CAS client library. I have been following this example: https://wiki.jasig.org/display/CASC/Saml11TicketValidationFilter+Example

I have a few questions about this:
Which web.xml is the example referring to? I am assuming it is tomcat/webapps/root/WEB-INF since that is where all the filters are.
Whenever I make these changes in that web.xml and restart tomcat, liferay will not boot back up.

How can I validate the ticket without editing web.xml? All of the validation methods I've seen in this library take the ticket as a parameter. I don't have anyway of getting the ticket and using it as a parameter that I know of.

Are there any other examples out there that seem relevant to my condition?
David H Nebinger
RE: Liferay 6 with existing CAS server
26. März 2012 08:54
Antwort

David H Nebinger

Rang: Liferay Legend

Nachrichten: 7252

Eintrittsdatum: 1. September 2006

Neue Beiträge

Yes, it would be the web.xml under ROOT.

Tomcat not starting up is probably due to a missing class not found when loading the filter definitions - make sure you have the listed jars in the ROOT/WEB-INF/lib directory. The catalina.out file may have a pointer to what is failing during startup.

As far as examples, since Liferay is open source you should be able to check out the Liferay implementations dealing w/ cas and the ticket handling, those are probably the most relevant to your situation.
John John
RE: Liferay 6 with existing CAS server
26. März 2012 09:46
Antwort

John John

Rang: New Member

Nachrichten: 23

Eintrittsdatum: 12. Februar 2012

Neue Beiträge

The jars are in there. And it seems like the classes are found as it is loading the parameters I set and setting default values for the parameters i didn't set.
Here is my catalina.out

SEVERE: Error filterStart
that looks to be the problem to me. any ideas?


Mar 26, 2012 4:40:47 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: .:/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java
Mar 26, 2012 4:40:48 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-8080"]
Mar 26, 2012 4:40:48 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["ajp-bio-8009"]
Mar 26, 2012 4:40:48 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 1739 ms
Mar 26, 2012 4:40:48 PM org.apache.catalina.core.StandardService startInternal
INFO: Starting service Catalina
Mar 26, 2012 4:40:48 PM org.apache.catalina.core.StandardEngine startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.23
Mar 26, 2012 4:40:48 PM org.apache.catalina.startup.HostConfig deployDescriptor
INFO: Deploying configuration descriptor /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/conf/Catalina/localhost/ROOT.xml
Loading jar:file:/Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/ROOT/WEB-INF/lib/portal-impl.jar!/system.properties
16:40:51,847 INFO [EasyConf:122] Refreshed the configuration of all components
16:40:52,567 INFO [ConfigurationLoader:56] Properties for jar:file:/Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/ROOT/WEB-INF/lib/portal-impl.jar!/portal loaded from [file:/Users/johnpowers/codehome/bundles/liferay/portal-setup-wizard.properties, file:/Users/johnpowers/codehome/bundles/liferay/portal-ext.properties, jar:file:/Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/ROOT/WEB-INF/lib/portal-impl.jar!/portal.properties]
Loading jar:file:/Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/ROOT/WEB-INF/lib/portal-impl.jar!/portal.properties
Loading file:/Users/johnpowers/codehome/bundles/liferay/portal-ext.properties
Loading file:/Users/johnpowers/codehome/bundles/liferay/portal-setup-wizard.properties
16:41:10,355 INFO [DialectDetector:80] Determine dialect for HSQL Database Engine 2
16:41:10,358 WARN [DialectDetector:95] Liferay is configured to use Hypersonic as its database. Do NOT use Hypersonic in production. Hypersonic is an embedded database useful for development and demo'ing purposes. The database settings can be changed in portal-ext.properties.
16:41:10,402 INFO [DialectDetector:145] Found dialect org.hibernate.dialect.HSQLDialect
16:41:35,408 INFO [Saml11TicketValidationFilter:41] Property loaded from FilterConfig.getInitParameter with value [http://xxxx]
16:41:35,418 INFO [Saml11TicketValidationFilter:75] Property not found. Using default value
16:41:35,419 INFO [Saml11TicketValidationFilter:75] Property [artifactParameterName] not found. Using default value
16:41:35,419 INFO [Saml11TicketValidationFilter:75] Property [serviceParameterName] not found. Using default value
16:41:35,420 INFO [Saml11TicketValidationFilter:75] Property not found. Using default value
16:41:35,420 INFO [Saml11TicketValidationFilter:75] Property [exceptionOnValidationFailure] not found. Using default value
16:41:35,420 INFO [Saml11TicketValidationFilter:41] Property [redirectAfterValidation] loaded from FilterConfig.getInitParameter with value
16:41:35,421 INFO [Saml11TicketValidationFilter:75] Property not found. Using default value
16:41:35,428 INFO [AuthenticationFilter:41] Property loaded from FilterConfig.getInitParameter with value [http://xxxx]
16:41:35,435 INFO [AuthenticationFilter:75] Property not found. Using default value
16:41:35,436 INFO [AuthenticationFilter:75] Property [artifactParameterName] not found. Using default value
16:41:35,438 INFO [AuthenticationFilter:75] Property [serviceParameterName] not found. Using default value
16:41:35,439 INFO [AuthenticationFilter:75] Property not found. Using default value
16:41:35,440 INFO [AuthenticationFilter:41] Property [casServerLoginUrl] loaded from FilterConfig.getInitParameter with value [https://xxxx]
16:41:35,440 INFO [AuthenticationFilter:75] Property not found. Using default value
16:41:35,441 INFO [AuthenticationFilter:75] Property not found. Using default value
16:41:35,442 INFO [AuthenticationFilter:75] Property [gatewayStorageClass] not found. Using default value
16:41:35,445 INFO [HttpServletRequestWrapperFilter:75] Property not found. Using default value
16:41:35,447 INFO [HttpServletRequestWrapperFilter:75] Property not found. Using default value
Mar 26, 2012 4:41:35 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Error filterStart
Mar 26, 2012 4:41:35 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Context [] startup failed due to previous errors
Mar 26, 2012 4:41:36 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads
SEVERE: The web application [] appears to have started a thread named [HSQLDB Timer @4d97507c] but has failed to stop it. This is very likely to create a memory leak.
Mar 26, 2012 4:41:36 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/cas-attribute-portlet
Mar 26, 2012 4:41:38 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/chat-portlet
Mar 26, 2012 4:41:39 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/google-maps-portlet
Mar 26, 2012 4:41:39 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/kaleo-web
Mar 26, 2012 4:41:40 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/knowledge-base-portlet
Mar 26, 2012 4:41:41 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/mail-portlet
Mar 26, 2012 4:41:42 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/opensocial-portlet
Mar 26, 2012 4:41:44 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/sevencogs-hook
16:41:44,884 INFO [HotDeployEvent:95] Plugin sevencogs-hook requires google-maps-portlet, kaleo-web, mail-portlet, sevencogs-theme, social-networking-portlet, web-form-portlet
Mar 26, 2012 4:41:44 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/sevencogs-theme
Mar 26, 2012 4:41:44 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/social-networking-portlet
Mar 26, 2012 4:41:45 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/student-calendar-portlet
Mar 26, 2012 4:41:46 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/user-register-portlet
Mar 26, 2012 4:41:48 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/web-form-portlet
Mar 26, 2012 4:41:48 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/word-count-portlet
Mar 26, 2012 4:41:50 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/wsrp-portlet
Mar 26, 2012 4:41:52 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
Mar 26, 2012 4:41:52 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["ajp-bio-8009"]
Mar 26, 2012 4:41:52 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 63143 ms
David H Nebinger
RE: Liferay 6 with existing CAS server
26. März 2012 13:39
Antwort

David H Nebinger

Rang: Liferay Legend

Nachrichten: 7252

Eintrittsdatum: 1. September 2006

Neue Beiträge

John John:
SEVERE: Error filterStart
that looks to be the problem to me. any ideas?


Yep, that is the problem and usually it's a classpath issue. Unfortunately you're not going to get a lot of help from catalina.out. You might try running under the debugger and hope it stops at the exception so you can figure out what's going wrong...

Filter issues like this are difficult to resolve...
John John
RE: Liferay 6 with existing CAS server
26. März 2012 16:20
Antwort

John John

Rang: New Member

Nachrichten: 23

Eintrittsdatum: 12. Februar 2012

Neue Beiträge

i've been browsing the svn. any idea on where i would find an example?
David H Nebinger
RE: Liferay 6 with existing CAS server
26. März 2012 16:23
Antwort

David H Nebinger

Rang: Liferay Legend

Nachrichten: 7252

Eintrittsdatum: 1. September 2006

Neue Beiträge

how about com.liferay.portal.servlet.filters.sso.cas.CASFilter?
John John
RE: Liferay 6 with existing CAS server
28. März 2012 16:15
Antwort

John John

Rang: New Member

Nachrichten: 23

Eintrittsdatum: 12. Februar 2012

Neue Beiträge

Thank you for your help! I feel that I am getting close. I just need help understanding one thing. It seems that the version of liferay I am using (6.1) has better CAS support than a lot of the documentation I find and end up reading. If I have CAS and LDAP set up in the control panel to the point that users are authenticated and redirected back to the Liferay portal and users are successfully being imported from ldap into liferay after being authenticated by CAS, did liferay validate the CAS ticket already on it's own? Or is that still left up to me to do manually?
Juan Gonzalez
RE: Liferay 6 with existing CAS server
29. März 2012 00:42
Antwort

Juan Gonzalez

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1984

Eintrittsdatum: 28. Oktober 2008

Neue Beiträge

John John:
If I have CAS and LDAP set up in the control panel to the point that users are authenticated and redirected back to the Liferay portal and users are successfully being imported from ldap into liferay after being authenticated by CAS, did liferay validate the CAS ticket already on it's own?


Yep, ticket is validated AFAIK. If it isn't that way, wouldn't be CAS....
John John
RE: Liferay 6 with existing CAS server
30. März 2012 07:39
Antwort

John John

Rang: New Member

Nachrichten: 23

Eintrittsdatum: 12. Februar 2012

Neue Beiträge

So is it even necessary for me to edit web.xml as that example suggests? From what I understood, the whole purpose of that was to validate the cas ticket. But liferay seems like it is already doing that for me. If the ticket is already validated then it is only a matter of me getting attributes from the portal to my portlet, correct? This is where my confusion is. I don't know what liferay has already done for me and where in the docs I am supposed to pick up at.
Juan Gonzalez
RE: Liferay 6 with existing CAS server
30. März 2012 08:32
Antwort

Juan Gonzalez

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1984

Eintrittsdatum: 28. Oktober 2008

Neue Beiträge

John John:
So is it even necessary for me to edit web.xml as that example suggests? From what I understood, the whole purpose of that was to validate the cas ticket. But liferay seems like it is already doing that for me. If the ticket is already validated then it is only a matter of me getting attributes from the portal to my portlet, correct? This is where my confusion is. I don't know what liferay has already done for me and where in the docs I am supposed to pick up at.


What example do you refer? You don't have to modify web.xml for this at all.

Yep, if you want some custom attributes you would have to import them from LDAP, for example. CAS is only for authenticating, attributes comes from other places. In 6.1 EE you have SAML, which you can use for getting attributes from CAS directly, and hence LDAP shouldn't be mandatory for that.
John John
RE: Liferay 6 with existing CAS server
30. März 2012 09:05
Antwort

John John

Rang: New Member

Nachrichten: 23

Eintrittsdatum: 12. Februar 2012

Neue Beiträge

This is the example I am referring to
https://wiki.jasig.org/display/CASC/Saml11TicketValidationFilter+Example

Liferay came with the jasig java cas client and I was trying to use this to get the attributes. Liferay had been configured with CAS / LDAP in the control panel and it had been suggested by colleagues that I would be able to use the java cas client to get the attributes. Will this not work?
Juan Gonzalez
RE: Liferay 6 with existing CAS server
31. März 2012 00:31
Antwort

Juan Gonzalez

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1984

Eintrittsdatum: 28. Oktober 2008

Neue Beiträge

John John:
This is the example I am referring to
https://wiki.jasig.org/display/CASC/Saml11TicketValidationFilter+Example

Liferay came with the jasig java cas client and I was trying to use this to get the attributes. Liferay had been configured with CAS / LDAP in the control panel and it had been suggested by colleagues that I would be able to use the java cas client to get the attributes. Will this not work?


Ohhh now I understand. Well, as I've said Liferay CE hasn't support of SAML (to get attributes from CAS). If you want that you have 2 options:

  1. Liferay EE version (commercial) has CAS with SAML support in it. Perhaps you want to ask Liferay sales for testing that.
  2. With Liferay 6.1 CE you can add custom attributes from LDAP. Instead getting from CAS, you could add those attributes to LDAP, add custom attributes to Users, and then mapping those with LDAP ones.
Kamesh Sampath
RE: Liferay 6 with existing CAS server
5. April 2012 22:49
Antwort

Kamesh Sampath

Rang: Regular Member

Nachrichten: 159

Eintrittsdatum: 26. Mai 2010

Neue Beiträge

Hi,

This is ideal when CAS exposes set of LDAP attributes, but there could be cases where CAS might expose attributes from some other data source,

eg. CAS authentication happens with LDAP and then it will use an attribute form LDAP to look in to another data source from additional user attributes, in that case adding custom attribute to user object in portal and setting up synch with LDAP might not be that useful right ?

Is there any way by which we can extract the attribute from using CAS client API ? Something like having an hook that will add an custom Action to login.events.post, in that action we can use the CAS client API to extract the attributes and then flush it in to the User Object created by the LoginAction
Juan Gonzalez
RE: Liferay 6 with existing CAS server
6. April 2012 01:42
Antwort

Juan Gonzalez

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1984

Eintrittsdatum: 28. Oktober 2008

Neue Beiträge

Kamesh Sampath:
Hi,

This is ideal when CAS exposes set of LDAP attributes, but there could be cases where CAS might expose attributes from some other data source,

eg. CAS authentication happens with LDAP and then it will use an attribute form LDAP to look in to another data source from additional user attributes, in that case adding custom attribute to user object in portal and setting up synch with LDAP might not be that useful right ?

Is there any way by which we can extract the attribute from using CAS client API ? Something like having an hook that will add an custom Action to login.events.post, in that action we can use the CAS client API to extract the attributes and then flush it in to the User Object created by the LoginAction


For that cases you should use CAS SAML, and that is a feature of EE version. Of course you can try doing yourself, shouldn't be much difficult implementing it.
Kamesh Sampath
RE: Liferay 6 with existing CAS server
9. April 2012 20:55
Antwort

Kamesh Sampath

Rang: Regular Member

Nachrichten: 159

Eintrittsdatum: 26. Mai 2010

Neue Beiträge

Gracias Juan !

But I feel it would worth that the CASFilter puts the the "Assertion" object in request attribute so that we can retrieve the same and extract any attributes form it using the getAttributePrincipal method. I feel that is a easier way than using SAML. Right now we just put only the login name.
Juan Gonzalez
RE: Liferay 6 with existing CAS server
10. April 2012 08:30
Antwort

Juan Gonzalez

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1984

Eintrittsdatum: 28. Oktober 2008

Neue Beiträge

Kamesh Sampath:
Gracias Juan !

But I feel it would worth that the CASFilter puts the the "Assertion" object in request attribute so that we can retrieve the same and extract any attributes form it using the getAttributePrincipal method. I feel that is a easier way than using SAML. Right now we just put only the login name.


Guess you're totally right.

Here is the class to modify/debug then:

https://github.com/liferay/liferay-portal/blob/master/portal-impl/src/com/liferay/portal/servlet/filters/sso/cas/CASFilter.java

It seems that AttributePrincipal is available. You can try debugging and see if it has your custom attributes from CAS.

Aftter that please share here your findings.

Thanks!
Kamesh Sampath
RE: Liferay 6 with existing CAS server
10. April 2012 09:14
Antwort

Kamesh Sampath

Rang: Regular Member

Nachrichten: 159

Eintrittsdatum: 26. Mai 2010

Neue Beiträge

I did that exercise earlier emoticon We do get the attributes that are pushed by CAS. So i feel its worth that Portal code is updated to add the Assertion as request attribute.

I have raised an enhancement LPS-26622, please share your comments and further thoughts there and lets try to see what other Liferay experts has to say.

Thanks!
Juan Gonzalez
RE: Liferay 6 with existing CAS server
10. April 2012 10:28
Antwort

Juan Gonzalez

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1984

Eintrittsdatum: 28. Oktober 2008

Neue Beiträge

Hi Ramesh,

Great! I've seen in your LPS that you want to add the whole object in session. Wouldn't be better (and intuitive) to store this values as custom user attributes in Liferay?