[cas-dev] Restricted services

Luke McLean luke.mclean at boundless.co.nz
Tue Mar 13 20:22:00 EDT 2007 

Hola! Anna

You need to edit the web.xml file on the CAS server so that the
contextConfigLocation context-param looks like this:

	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/WEB-INF/applicationContext.xml,
			/WEB-INF/approvedServices.xml,
			/WEB-INF/deployerConfigContext.xml
		</param-value>
	</context-param>

When the application starts Spring will then include the
approvedServices.xml file in its context.  

To add a service you must add a bean entry to the
WEB-INF\classes\services.xml file eg.

<bean id="MyUniqueApprovedService"
class="org.jasig.cas.services.RegisteredService">
	<constructor-arg
index="0"><value>http://localhost/testclient/Login</value></constructor-arg>
	<constructor-arg index="1"><value>true</value></constructor-arg>
	<constructor-arg index="2"><value>true</value></constructor-arg>
	<constructor-arg index="3"><value>test</value></constructor-arg>
	<constructor-arg 
index="4"><value>http://localhost/testclient/Login</value></constructor-arg>
</bean>

where:

constructor-arg index="0" = final String id (The identifier for the
service),
constructor-arg index="1" = final boolean allowedToProxy (Is this service
allowed to proxy),
constructor-arg index="2" = final boolean forceAuthentication (does it opt
out of single sign on),
constructor-arg index="3"= final String theme (the theme associated with the
service),
constructor-arg index="4" = final URL proxyUrl (the proxyUrl of the service
if applicable)

An unapproved service will result in an exception
(org.jasig.cas.services.UnauthorizedServiceException) being thrown.

Hope this helps,
Luke.


Ana Ribas Roca wrote:
> 
> Hi,
> 
> I want to restrict the applications allowed to use my CAS server, but  
> I'm not sure how to do this.
> I've read that exists the approvedservices.xml file, but I don't know  
> where I have to write my url service. And, where I have to call this  
> xml file?
> 
> Regards.
> 
> -- 
> Anna Ribas Roca
> Projectes Tecnològics
> UPCnet, Universitat Politècnica de Catalunya
> Edifici Màster's - Pere i Pons, 9, 9è
> 08034 BARCELONA
> Telèfon: 93.401.25.74
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
> 
> 

-- 
View this message in context: http://www.nabble.com/Restricted-services-tf3390724.html#a9466296
Sent from the CAS Users mailing list archive at Nabble.com.

More information about the cas mailing list