Pages

4/21/2011

CAS SSO 3.4.7 with LDAP/AD Attributes

Been working on rebuild our CAS Server for a few days now.  We needed to CAS pull additional attributes out of Active Directory for some of our SSO services.  So I'm going to quickly walk through what you need to do you set this server up.

Requirements:
Apache Tomcat 6.0.32
Maven 2.2.1
CAS Server 3.4.7

Attached files: 
  \/  cas.zip \/
  • pom.xml
  • deployerConfigContext.xml
  • person-directory-impl-1.5.0-RC6.jar (recompiled to ignore AD referrals)

  1. Install Apache Tomcat 6, I used 6.0.32. This is easy enough, get the binary download, extract, run the startup script in the bin folder. Test Confirm working, default port is 8080
  2. Install Maven 2.2.1, this will be used to compile CAS
  3. Download CAS 3.4.7, and extract.
  4. Open cas-server-3.4.7/cas-server-webapp
  5. Replace pom.xml with one in cas.zip 
  6. Open cas-server-3.4.7/cas-server-webapp/src/main/webapp/WEB-INF/
  7. Replace deployerConfigContext.xml with one in cas.zip. Also edit file, and replace anything with braced in @@.
  8. While still in the "WEB-INF" folder, create a folder called "lib", put person-directory-impl-1.5.0-RC6.jar inside of it.
  9. Open cas-server-3.4.7/cas-server-webapp
  10. Compile with maven, "mvn clean package install"
  11. This will output target/cas.war, copy to tomcat/webapps/cas.war
  12. Restart Tomcat
  13. Enjoy, CAS should be good to go.

6 comments:

  1. I am new to CAS and am trying to set up a testing environment with a CAS server used by Moodle for authentication. What is the @@basednpath@@ variable in the deployerConfigContext.xml file? Also, is the @@serveraddress@@ variable in that file required (and is that supposed to be the address of a ldap server? Does this mean I will need to set up a ldap server as well? Thank you.

    ReplyDelete
  2. @@basednpath@@ is the AD/LDAP search path, where you want it to start looking for users.

    @@serveraddress@@ is the address of the AD or LDAP server.

    You will need an LDAP or AD server for this configuration

    ReplyDelete
  3. Thanks a lot Mike , this is great sites that easily guides us on using LDAP AD for CAS, Any particular guidance for Weblogic?

    ReplyDelete
  4. Sorry, don't have any experience using Weblogic. There are some tutorials out there with connecting to databases. I'll post something up if I come back across one. Thanks for the input.

    ReplyDelete
  5. great guide. thx. is there any tutorial about cas - spnego?

    ReplyDelete
  6. I planned on checking out SPNEGO in the near future, but I haven't done it yet. You can get more information on the integration here.

    https://wiki.jasig.org/display/CASUM/SPNEGO

    ReplyDelete