Forums de discussion
How to integrate the cas with liferay 6.1
Kiran Kumar Boyini, modifié il y a 11 années.
How to integrate the cas with liferay 6.1
Expert Publications: 287 Date d'inscription: 02/06/11 Publications récentes
Hi All,
I want to integrate cas with liferay 6.1.Can any body tell me step by step.
I need detailed and simple way of steps ,results cas working functionality.
Regards,
Kiran.
I want to integrate cas with liferay 6.1.Can any body tell me step by step.
I need detailed and simple way of steps ,results cas working functionality.
Regards,
Kiran.
Antoine Comble, modifié il y a 10 années.
RE: How to integrate the cas with liferay 6.1
Regular Member Publications: 232 Date d'inscription: 07/09/12 Publications récentes
Hi,
I've already install Liferay + CAS.
Follow the following steps and all will works fine !
Steps to configure CAS with Liferay 6.1 EE
1- Install CAS
I downloaded the CAS server distribution. All the (recent) downloads are available here : http://www.jasig.org/cas/download
2- Exploding that tar.gz, I grabbed the cas-server-3.4.5/modules/cas-server-webapp-3.4.5.war,
3- Rename the file to cas-web.war.
4- Copy the war file and paste it to the Tomcat webapps directory.
5- I didn't stop Tomcat before, so with Tomcat still running, I hit http://localhost:8080/cas-web/ in a browser and was helpfully redirected to http://localhost:8080/ cas-web/login . Default demo CAS webapp authenticates where username equals password, so I tried logging in as "test@liferay.com" with "test@liferay.com"
6- CAS helpfully told me I was logged in, though of course not logged in to anything useful, since I didn't try to log in to any particular application.
Configured Liferay to use CAS for authentication
7- Create an account in liferay with test@liferay.com and password test@liferay.com, which is same as CAS account.
8- To download the Yale CAS Client 2.0.11 go to http://downloads.jasig.org/cas-clients/
9- Create a folder and extract the cas.client zip file into this folder.
10- Open the folder and navigate to the casclient jar file (cas-client-2.0.11\java\lib).
11- Copy the file.
12- Go to the lib file in Tomcat (webapps\ROOT\WEB_INF\lib) and paste the casclient jar file to replace the existing one.
13- In the command prompt go to the ROOT directory. ( /liferay-portal-6.1.10-ee-ga1/tomcat-7.0.25/webapps/ROOT )
14- Enter the following:
keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
15- Enter changeit for the password.
16- Answer the list of questions. Note that the first and last name must be the host name of your server and cannot be an IP address. This is very important because an IP address will fail client hostname verification even if it is correct.
Enter keystore password: changeit
What is your first and last name?
[Unknown]: localhost
What is the name of your organizational unit?
[Unknown]:
What is the name of your organization?
[Unknown]:
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
[no]: yes
17- Enter the following command to export the cert you generated from your personal keystore:
keytool -export -alias tomcat -keypass changeit -file server.cert
18- Enter changeit for the password.
19- Import the cert into Java's keystore with this command:
keytool -import -alias tomcat -file %FILE_NAME% -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
( Make sure in place of %FILE_NAME% type server.cert )
20- Enter changeit for the password.
21- Enter yes.
22- To set up Liferay Portal, navigate to the classes file in Tomcat (webapps\ROOT\WEB_INF\classes).
23- Create portal-ext.properties if it does not exist yet, somewhere in the server classpath:
24- Open portal-ext.properties and enter:
cas.auth.enabled=true
cas.import.from.ldap=true
cas.login.url=http://localhost:8080/cas-web/login
cas.logout.url=http://localhost:8080/cas-web/logout
cas.server.url=http://localhost:8080/cas-web
cas.validate.url=http://localhost:8080/cas-web/proxyValidate
25- Save.
26- Start Tomcat and go to Liferay Portal --> Login to Liferay through the username and password login box at left -- if users will exclusively login with CAS. ( Rather then clicking the Sign In link at the upper right. )
27- Go to Control Panel -> Portal Settings -> Authentication -> CAS
(a)- Check on Enabled
(b)- Make sure type all URL same as mentioned in portal-ext.properties file
28- Save it.
29- Go to Control Panel -> Portal Settings -> Authentication -> General
30- Select By Screen Name in the dropdown list How do users authenticate
31- Then Sign out from Liferay.
32- Again Sign In into Liferay by clicking the Sign In link at the upper right.
33- If everything is set up correctly you will be redirected to the CAS server’s login screen.
34- logging in as "test@liferay.com" with "test@liferay.com" as password.
35- CAS sends you back to Liferay with a valid Service Ticket, Liferay validates the Service ticket, and you are logged in Liferay as that test@liferay.com test user.
36- Then Click on Sign Out
37- Since Liferay is now configured to use CAS, it will send you to the CAS logout URL.
Antoine
I've already install Liferay + CAS.
Follow the following steps and all will works fine !
Steps to configure CAS with Liferay 6.1 EE
1- Install CAS
I downloaded the CAS server distribution. All the (recent) downloads are available here : http://www.jasig.org/cas/download
2- Exploding that tar.gz, I grabbed the cas-server-3.4.5/modules/cas-server-webapp-3.4.5.war,
3- Rename the file to cas-web.war.
4- Copy the war file and paste it to the Tomcat webapps directory.
5- I didn't stop Tomcat before, so with Tomcat still running, I hit http://localhost:8080/cas-web/ in a browser and was helpfully redirected to http://localhost:8080/ cas-web/login . Default demo CAS webapp authenticates where username equals password, so I tried logging in as "test@liferay.com" with "test@liferay.com"
6- CAS helpfully told me I was logged in, though of course not logged in to anything useful, since I didn't try to log in to any particular application.
Configured Liferay to use CAS for authentication
7- Create an account in liferay with test@liferay.com and password test@liferay.com, which is same as CAS account.
8- To download the Yale CAS Client 2.0.11 go to http://downloads.jasig.org/cas-clients/
9- Create a folder and extract the cas.client zip file into this folder.
10- Open the folder and navigate to the casclient jar file (cas-client-2.0.11\java\lib).
11- Copy the file.
12- Go to the lib file in Tomcat (webapps\ROOT\WEB_INF\lib) and paste the casclient jar file to replace the existing one.
13- In the command prompt go to the ROOT directory. ( /liferay-portal-6.1.10-ee-ga1/tomcat-7.0.25/webapps/ROOT )
14- Enter the following:
keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
15- Enter changeit for the password.
16- Answer the list of questions. Note that the first and last name must be the host name of your server and cannot be an IP address. This is very important because an IP address will fail client hostname verification even if it is correct.
Enter keystore password: changeit
What is your first and last name?
[Unknown]: localhost
What is the name of your organizational unit?
[Unknown]:
What is the name of your organization?
[Unknown]:
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
[no]: yes
17- Enter the following command to export the cert you generated from your personal keystore:
keytool -export -alias tomcat -keypass changeit -file server.cert
18- Enter changeit for the password.
19- Import the cert into Java's keystore with this command:
keytool -import -alias tomcat -file %FILE_NAME% -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
( Make sure in place of %FILE_NAME% type server.cert )
20- Enter changeit for the password.
21- Enter yes.
22- To set up Liferay Portal, navigate to the classes file in Tomcat (webapps\ROOT\WEB_INF\classes).
23- Create portal-ext.properties if it does not exist yet, somewhere in the server classpath:
24- Open portal-ext.properties and enter:
cas.auth.enabled=true
cas.import.from.ldap=true
cas.login.url=http://localhost:8080/cas-web/login
cas.logout.url=http://localhost:8080/cas-web/logout
cas.server.url=http://localhost:8080/cas-web
cas.validate.url=http://localhost:8080/cas-web/proxyValidate
25- Save.
26- Start Tomcat and go to Liferay Portal --> Login to Liferay through the username and password login box at left -- if users will exclusively login with CAS. ( Rather then clicking the Sign In link at the upper right. )
27- Go to Control Panel -> Portal Settings -> Authentication -> CAS
(a)- Check on Enabled
(b)- Make sure type all URL same as mentioned in portal-ext.properties file
28- Save it.
29- Go to Control Panel -> Portal Settings -> Authentication -> General
30- Select By Screen Name in the dropdown list How do users authenticate
31- Then Sign out from Liferay.
32- Again Sign In into Liferay by clicking the Sign In link at the upper right.
33- If everything is set up correctly you will be redirected to the CAS server’s login screen.
34- logging in as "test@liferay.com" with "test@liferay.com" as password.
35- CAS sends you back to Liferay with a valid Service Ticket, Liferay validates the Service ticket, and you are logged in Liferay as that test@liferay.com test user.
36- Then Click on Sign Out
37- Since Liferay is now configured to use CAS, it will send you to the CAS logout URL.
Antoine
Kiran Kumar Boyini, modifié il y a 10 années.
RE: How to integrate the cas with liferay 6.1
Expert Publications: 287 Date d'inscription: 02/06/11 Publications récentes
Thank you for your valuable information....
I will try above steps.
Regards,
Kiran Kumar
I will try above steps.
Regards,
Kiran Kumar
Kiran Kumar Boyini, modifié il y a 10 années.
RE: How to integrate the cas with liferay 6.1
Expert Publications: 287 Date d'inscription: 02/06/11 Publications récentes
I tried the above steps,but here I faced the problems when i am using command prompt with command as you specified .
When I am using the above steps in the path, I am facing the problem in command prompt as follows
13- In the command prompt go to the ROOT directory. ( /liferay-portal-6.1.10-ee-ga1/tomcat-7.0.25/webapps/ROOT )
14- Enter the following:
keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
When I am using the above steps in the path, I am facing the problem in command prompt as follows
D:\liferay-workspace6.1-july18-cas\liferay-portal-6.1.0-ce-ga1\tomcat-7.0.23\web
apps\ROOT>keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
'keytool' is not recognized as an internal or external command,
operable program or batch file.
Antoine Comble, modifié il y a 10 années.
RE: How to integrate the cas with liferay 6.1
Regular Member Publications: 232 Date d'inscription: 07/09/12 Publications récentes
Hi,
If you use jdk1.7, keytool is under folder : C:\Program Files\Java\jdk1.7.0\bin.
Hope this help you,
Antoine
If you use jdk1.7, keytool is under folder : C:\Program Files\Java\jdk1.7.0\bin.
Hope this help you,
Antoine
Kiran Kumar Boyini, modifié il y a 10 années.
RE: How to integrate the cas with liferay 6.1
Expert Publications: 287 Date d'inscription: 02/06/11 Publications récentes
Hi,
I am generated the keytool with name kiran ,Not able to find where it is located.
See the screen shot once
Regards,
Kiran
I am generated the keytool with name kiran ,Not able to find where it is located.
See the screen shot once
Regards,
Kiran
Pièces jointes:
Antoine Comble, modifié il y a 10 années.
RE: How to integrate the cas with liferay 6.1
Regular Member Publications: 232 Date d'inscription: 07/09/12 Publications récentes
Kiran,
The certificate is under folder jdk\jre\lib\security.
To see what certificates are installed on your machine :
Regards,
Antoine
The certificate is under folder jdk\jre\lib\security.
To see what certificates are installed on your machine :
keytool -list -keystore cacertsRegards,
Antoine
Kiran Kumar Boyini, modifié il y a 10 années.
RE: How to integrate the cas with liferay 6.1
Expert Publications: 287 Date d'inscription: 02/06/11 Publications récentes
Hi ,
I am able to generate the keystore files.But Not able to find them.
I have checked with above directory path and also using command prompt.
See the attachment of my folder structure and in that I am using jdk1.6.0_18
Regards,
Kiran
I am able to generate the keystore files.But Not able to find them.
I have checked with above directory path and also using command prompt.
See the attachment of my folder structure and in that I am using jdk1.6.0_18
Regards,
Kiran
Pièces jointes: