Vista Combinata Vista Piatta Vista ad Albero
Discussioni [ Precedente | Successivo ]
toggle
Yang Sun
Integration with CAS problem
20 giugno 2013 23.33
Risposta

Yang Sun

Punteggio: New Member

Messaggi: 3

Data di Iscrizione: 20 giugno 2013

Messaggi recenti

Hi,

I am trying to configure Liferay 6.1.1 GA to use CAS as SSO. I read and googled several documents, but I cannot make it work according to the procedures listed in the documents.

From the documents I read, the basic procedures to configure CAS are:
1. create a self-signed keystore;
2. start the tomcat server (with CAS war file) use that keystore;
3. export a certificate from the keystore and import that certificate to JRE/lib/security/cacerts;
4. start liferay and configure CAS from the control panel->portal settings->authentication->cas.
and it should then works.

To make the integration simpler, I use a clean environment to simplify the integration. I use 192.168.1.224 machine to install a clean CAS server and a liferay server.

After starting up tomcat which includes CAS, I can verify CAS is working by browing https://192.168.1.224:8443/cas-server/login and input the same string for username and password ( I use the CAS default authentication handler). CAS responds me with a login success information. So I think CAS setups correctly.

Then I go into liferay portal and configure the CAS related parameters. But the strange thing happens, I input https://192.168.1.224:8443/cas-server/login as login url and https://192.168.1.224:8443/cas-server/logout as logout url. And then I test the configuration. Liferay tells me both URLs are unreachable. I am very surprised.

I make sure no firewall is enabled in the machine. And since the CAS server and liferay server is at the same machine, I verify that I can telnet 8443 port by localhost or ip.
I use vi to check liferay log and catalina.out file, no useful information is printed.

My confusion is why liferay report CAS server url as unreachable. Can anybody tell me how to analyze this problem? Thanks in advance.

PS, I attached 2 screen shots. one is to show CAS server is running correctly. The other is the liferay complaining url unreachable.
Allegato

Allegato

Allegati: CAS Login SUCCESS.png (73,2k), Liferay report unreachable.png (121,1k)
Dharmen Panchal
RE: Integration with CAS problem
25 giugno 2013 7.04
Risposta

Dharmen Panchal

Punteggio: New Member

Messaggi: 13

Data di Iscrizione: 13 febbraio 2013

Messaggi recenti

Hi Yang Sun,

I think liferay is not able to find your cas server by IP address.

There are two options you can try.

1) Use localhost instead of the IP address.

2) When you start your server bind the IP with it.
e.g. If you are using jBoss you can try -b option while starting.
run.sh -b 192.168.1.224


Thanks,
Dharmen Panchal.
Surekha Technologies,
www.surekhatech.com
Yang Sun
RE: Integration with CAS problem
2 luglio 2013 1.26
Risposta

Yang Sun

Punteggio: New Member

Messaggi: 3

Data di Iscrizione: 20 giugno 2013

Messaggi recenti

Hi, Dharmen:

Thank you for your comments.

I solved the problem by re-generate the certificate. I input my full name when the keytool ask the name field, It should be the hostname of the CAS server (IP is not work too). I can connect to CAS server from Liferay after I applied the new certificate. I guess the "unreachable" error is something misleading here.
Antoine Comble
RE: Integration with CAS problem
16 luglio 2013 8.08
Risposta

Antoine Comble

Punteggio: Regular Member

Messaggi: 201

Data di Iscrizione: 7 settembre 2012

Messaggi recenti

Hi,

This link should help you :
http://www.liferay.com/fr/community/wiki/-/wiki/Main/CAS+Liferay+6+Integration?_36_pageResourcePrimKey=6852237

Regards,

Antoine