[cas-dev] CASifying Sun Identity Manager Help Needed

Scott Battaglia scott.battaglia at gmail.com
Mon Dec 1 11:57:25 EST 2008


On Mon, Dec 1, 2008 at 11:01 AM, Michael A Jones <M.A.Jones at hull.ac.uk> wrote:

>  Many thanks.
>
>
>
> I have got the CAS system talking to IDM now and getting as far as the IDM
> login screen, but getting a general error saying user doesn't exist in CAS
> resource. It appears there could be a mismatch somewhere between my user's
> credentials in IDM and the CAS server resource, which is using Active
> Directory.
>
>
>
> A few comments to make on getting this far I had to make the following
> changes:
>
>
>
> 1.       I was using the latest CAS client version 3 jar. However this
> doesn't work as the paths to the classes have changed, so it only works with
> version 2 at present.
>
It probably still works.  It's just that the configuration is different.
They're not the same library, architecture, or packages. They both support
the CAS1 and CAS2 protocols though.

-Scott


> 2.       My server has a port number assigned so that was needed in the
> server name in the web.xml
>
> 3.       As pointed out the location back to IDM in web.xml needs to be
> set to /*
>
>
>
> *From:* cas-dev-bounces at tp.its.yale.edu [mailto:
> cas-dev-bounces at tp.its.yale.edu] *On Behalf Of *Shivani Chandna
> *Sent:* 29 November 2008 04:05
> *To:* Mailing list for CAS developers
> *Subject:* Re: [cas-dev] CASifying Sun Identity Manager Help Needed
>
>
>
> You need to give url pattern in web.xml as follows:
>
>
>
> <url-pattern>/*</url-pattern>
>
> instead of
>
> <url-pattern>http:// my-IDM-Server:8081/idm/user/login.jsp</url-pattern>
>
>
>
> Regards,
>
> Shivani
>
> On Fri, Nov 28, 2008 at 5:24 PM, Michael A Jones <M.A.Jones at hull.ac.uk>
> wrote:
>
> Hi there,
>
>
>
> I am trying to set up SSO to Sun Identity Manager 8.0 through CAS using
> instructions posted in the CAS Wiki by the University of California Merced.
> I successfully got IDM to recognise the custom compiled java class to create
> a new CAS resource and associated this with my IDM users. Then associated
> this with a new login group, which is set to be used in place of the default
> user login.
>
> I then made the various changes needed in the IDM web.xml and
> userLogout.jsp and restarted my tomcat webserver. I then began the process
> of testing and below is the URL I use to log in to CAS:
>
>
>
>
> https://mycas-server/cas/login?service=http://my-IDM-Server:8081/idm/user/login.jsp
>
>
>
> I log in with one of my casified IDM users and a ticket is generated ok, but
> then when the system redirects back to the IDM CASified login page I am
> getting an HTTP 404 not found page error in my browser, being generated by
> my IDM web server. I think the problem is something to do with the IDM
> web.xml entry, as in my webserver catalina logs it is reporting an error
> with parsing my IDM web.xml as follows:
>
>
>
> Invalid <url-pattern> http:// my-IDM-Server:8081/idm/user/login.jsp in
> filter mapping
>
>
>
> Below is the xml code for my IDM web.xml:
>
>
>
>   <filter>
>     <filter-name>CAS Filter</filter-name>
>     <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
>     <init-param>
>       <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
>       <param-value>https://mycas-server/cas/login</param-value>
>     </init-param>
>     <init-param>
>       <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
>       <param-value>https://mycas-server/cas/serviceValidate</param-value>
>     </init-param>
>     <init-param>
>       <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
>       <param-value>my-IDM-Server</param-value>
>     </init-param>
>
>     <!-- wrap request such that getRemoteUser() returns username -->
>     <init-param>
>       <param-name>edu.yale.its.tp.cas.client.filter.wrapRequest</param-name>
>       <param-value>true</param-value>
>     </init-param>
>   </filter>
>
>   <filter-mapping>
>     <filter-name>CAS Filter</filter-name>
>     <url-pattern>http://my-IDM-Server:8081/idm/user/login.jsp</url-pattern>
>   </filter-mapping>
>
>
>
> Could anyone who has managed to get this working or the authors of this
> method give some advice.
>
>
>
> Regards
>
>
>
> Mike Jones
>
>
>
> Identity Management Systems Administrator
>
> University of Hull
>
>
>
>
>
> *****************************************************************************************
> To view the terms under which this email is distributed, please go to
> http://www.hull.ac.uk/legal/email_disclaimer.html
>
> *****************************************************************************************
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
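The two web.xml problems worked out in this thread (an absolute URL used as a filter `<url-pattern>`, and a `serverName` missing the port) can be caught before deployment. The following is an added example, not code from the thread or from the CAS project; the pattern rule is a simplified reading of the Servlet specification, and the assumption that `serverName` must equal the host:port of the service URL is taken from item 2 of the quoted message.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SERVER_NAME = "edu.yale.its.tp.cas.client.filter.serverName"

def pattern_ok(pattern):
    # Simplified Servlet-spec rule: extension mappings look like "*.jsp",
    # everything else must be a context-relative path starting with "/".
    if pattern.startswith("*."):
        return "/" not in pattern
    return pattern.startswith("/")

def lint(web_xml, service_url):
    """Return findings for a web.xml string; service_url is the URL given to CAS."""
    root = ET.fromstring(web_xml)
    for el in root.iter():                      # drop XML namespaces, if any
        el.tag = el.tag.rsplit("}", 1)[-1]
    findings = []
    for mapping in root.iter("filter-mapping"):
        name = (mapping.findtext("filter-name") or "").strip()
        for up in mapping.iter("url-pattern"):
            pattern = (up.text or "").strip()
            if not pattern_ok(pattern):
                findings.append(f"{name}: invalid url-pattern {pattern!r}")
    expected = urlsplit(service_url).netloc     # host:port as the browser sees it
    for param in root.iter("init-param"):
        if (param.findtext("param-name") or "").strip() == SERVER_NAME:
            value = (param.findtext("param-value") or "").strip()
            if value.lower() != expected.lower():
                findings.append(f"serverName {value!r} does not match {expected!r}")
    return findings

# Constructed samples: the posted configuration reduced to the two settings
# discussed in the thread, before and after the changes.
TEMPLATE = """<web-app><filter><filter-name>CAS Filter</filter-name><init-param>
  <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
  <param-value>{server}</param-value></init-param></filter>
  <filter-mapping><filter-name>CAS Filter</filter-name>
  <url-pattern>{pattern}</url-pattern></filter-mapping></web-app>"""
SERVICE = "http://my-IDM-Server:8081/idm/user/login.jsp"
BEFORE = TEMPLATE.format(server="my-IDM-Server", pattern=SERVICE)
AFTER = TEMPLATE.format(server="my-IDM-Server:8081", pattern="/*")

if __name__ == "__main__":
    print(lint(BEFORE, SERVICE), lint(AFTER, SERVICE))
```

`lint(BEFORE, SERVICE)` reports both settings; `lint(AFTER, SERVICE)` returns an empty list.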