Build and Implement A Single Sign-On Solution
By Chris Dunne
2004-01-28
Reader Rating: 
Getting started with CAS
Setting up the CAS software is straightforward, but before beginning you should be aware of some software parameters that I'm using. I have only tested CAS with Tomcat 4.1, the Java Development Kit 1.4, and Ant 1.5. (You can download the files and client libraries mentioned from Resources.)
First, download the CAS server and client libraries. Client libraries have been developed for a number of languages and environments, including Java, ASP, Perl, PHP, and PL/SQL.
CAS uses HTTPS, so you must enable this in Tomcat. I found this to be a bit tricky, but if you follow the set of downloadable instructions (the readme_tomcat_ssl.txt file) I've provided, it should work fine.
Expand the CAS server ZIP file and then build the CAS server software using the supplied Ant build script. Deploy the WAR file (Web Archives) to the /webapps directory in Tomcat. When you start Tomcat, explode your WAR file to create a CAS directory within Tomcat/webapps.
Download the CAS client libraries. Expand the ZIP file and you will see a number of directories. The Java client library is the one to use. Again, an Ant build script is provided. Run the build script. A JAR file called casclient.jar is produced. Copy this file to common/lib directory under the Tomcat root.
You now need to configure your application to use CAS. For the purposes of this experiment, the application is the tried and trusted "HelloWorld" sample servlet provided with Tomcat. This should already be in your Tomcat installation under the /webapps/examples directory. Change the web.xml file to configure the servlet filter.
The web.xml file for the HelloWorld JSP contains the following servlet filter configuration. This uses localhost and port 8443 for HTTPS. You can change these to suit your own configuration. An example web.xml file is included in the zip file I've provided.
Listing 1. Default servlet filter configuration for HelloWorld JSP
<filter>
<filter-name>CAS Filter</filter-name>
<filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
<param-value>https://localhost:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
<param-value>https://localhost:8443/cas/proxyValidate</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
<param-value>localhost</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
|
Start Tomcat. Then enter the URL http://localhost/examples/servlet/HelloWorldExample. You are redirected to the CAS login screen. The default authenticator simply requires you to enter the same string for both the username and password, for example demo in both fields. You are then redirected to the HelloWorld page.
This is a simple demonstration of CAS, but it does show how easy it can be to adapt existing Java servlet applications to use CAS by using this powerful servlet filter. You can also use the available set of JSP tags instead of the servlet filter -- this may suit other applications or application servers which cannot use servlet filters.
First published by IBM developerWorks
If you found this article interesting, you may want to read these as well:
» Scheduling Recurring Tasks In Java Applications
» Eye On Performance: A Load Of Stress
» A Brief History Of Garbage Collection
|
