ServiceTicketCache.class in CAS2, now deprecated in CAS3? (re: CF50Validate servlet)

Scott Battaglia scott.battaglia at gmail.com
Tue Nov 25 11:51:38 EST 2008 

The cas-servlet.xml in our WEB-INF might have examples of how we configure
the different validation controllers.

-Scott

-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia


On Tue, Nov 25, 2008 at 11:07 AM, Rick J. Valles <rvalles at unm.edu> wrote:

> Thanks again, Scott.  I'll look into the Validation Controller area.
>
> Rick
>
> On Nov 25, 2008, at 8:02 AM, Scott Battaglia wrote:
>
> Forgot to add before, I haven't looked at your custom filter too closely,
> but if all its doing is sending back a custom response, you can create a new
> validation endpoint using our existing Validation Controllers (that might
> require looking at the code) and configuring the controller to point to a
> different response that returns what you need.
>
> We use the same validation controller framework to return responses for
> CAS1, CAS2, and SAML1.1.
>
> -Scott
>
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
> On Tue, Nov 25, 2008 at 9:52 AM, Rick J. Valles <rvalles at unm.edu> wrote:
>
>> Thank you, Scott.  I will dig deeper into the CAS User Manual and
>> documentation.
>>
>> Y'all keep up the great work, and don't forget to stop by for that Cafe
>> Mocha and Scone sometime.  :)
>>
>>
>> Rick
>>
>>
>> On Nov 25, 2008, at 7:36 AM, Scott Battaglia wrote:
>>
>> Rick,
>>
>> I would suggest you take a look at the available document for the CAS3
>> project. Architecturally, CAS3 and CAS2 share nothing in common.  Its not a
>> matter of whether its deprecated or not, they don't share the same code base
>> AT ALL:
>>
>> http://www.ja-sig.org/wiki/display/CASUM/Home
>>
>> -Scott
>>
>> -Scott Battaglia
>> PGP Public Key Id: 0x383733AA
>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>
>>
>> On Tue, Nov 25, 2008 at 6:44 AM, Rick J. Valles <rvalles at unm.edu> wrote:
>>
>>> Greetings,
>>>
>>> I've inherited a CAS2 implementation, which I'm in the process of
>>> migrating  to CAS3 (3.3.1).  Our local LDAP and skins customizations
>>> all work fine.
>>>
>>> However, our CAS2 is using an additional servlet called CF50Validate
>>> (see web.xml and source, below), which is used for our local Cold
>>> Fusion application interactions.  According to the CF50Validate.java
>>> source, it was written by Mr. Peter Kharchenko of this mailing list; I
>>> don't know if my site has further modified his source.  Thanks for
>>> helping us with our CAS2 implementation, Peter.
>>>
>>> CF50Validate imports ServiceTicket and ServiceTicketCache.  Although I
>>> see ServiceTicketCache in CAS2, I don't see it in CAS3 (i.e., $
>>> {CAS_HOME}/cas-server-core/src/main/java/org/jasig/cas/ticket).
>>>
>>> Question 1:  Is ServiceTicketCache a deprecated class?
>>>
>>> Question 2:  If it is deprecated, is it because its functionality is
>>> no longer needed, or that functionality is now incorporated elsewhere?
>>>
>>> Question 3:  Any other glaring inconsistencies or problems you have
>>> noticed with our take on things?
>>>
>>> Thank you for taking the time to read this.  If you're ever passing
>>> through Albuquerque, I'm good for a Cafe Mocha and a Scone!
>>>
>>> Best,
>>>
>>>
>>> Rick J. Valles
>>> The University of New Mexico
>>> Albuquerque, New Mexico  USA
>>> ---
>>>
>>> Here are the CF50Validate references in web.xml in our CAS2
>>> configuration:
>>>
>>>     <servlet-mapping>
>>>       <servlet-name>CF50Validate</servlet-name>
>>>       <url-pattern>/cf50validate</url-pattern>
>>>     </servlet-mapping>
>>>
>>>     <!-- CF 5.0 validation -->
>>>     <servlet>
>>>       <servlet-name>CF50Validate</servlet-name>
>>>       <servlet-class>edu.yale.its.tp.cas.servlet.CF50Validate</
>>> servlet-class>
>>>     </servlet>
>>>
>>>
>>> Here is the CF50Validate.java used in our CAS2 configuration:
>>>
>>> package edu.yale.its.tp.cas.servlet;
>>>
>>> import java.io.*;
>>> import javax.servlet.*;
>>> import javax.servlet.http.*;
>>> import edu.yale.its.tp.cas.ticket.*;
>>>
>>> /**
>>>  * An implementation almost identical to the basic CAS validator,
>>> except that the output format is a bit different.
>>>  * @author  (removed information to avoid email address harvesting)
>>>  * @version 1.0
>>>  */
>>> public class CF50Validate extends HttpServlet {
>>>     // failure codes
>>>     private static final String INVALID_REQUEST = "INVALID_REQUEST";
>>>     private static final String INVALID_TICKET = "INVALID_TICKET";
>>>     private static final String INVALID_SERVICE = "INVALID_SERVICE";
>>>     private static final String INTERNAL_ERROR = "INTERNAL_ERROR";
>>>
>>>
>>>   //
>>> *********************************************************************
>>>   // Private state
>>>
>>>   private ServiceTicketCache stCache;
>>>
>>>   //
>>> *********************************************************************
>>>   // Initialization
>>>
>>>   public void init(ServletConfig config) throws ServletException {
>>>     // retrieve the cache
>>>     stCache =
>>>       (ServiceTicketCache)
>>> config.getServletContext().getAttribute("stCache");
>>>   }
>>>
>>>   //
>>> *********************************************************************
>>>   // Request handling
>>>
>>>   public void doGet(HttpServletRequest request, HttpServletResponse
>>> response) {
>>>     try {
>>>       PrintWriter out = response.getWriter();
>>>       out.println("# Cold fusion 5.0 mandatory header line");
>>>       if (request.getParameter("service") == null
>>>           || request.getParameter("ticket") == null) {
>>>         out.println("\"no\"\n\"'service' and 'ticket' parameters are
>>> both required\"");
>>>       } else {
>>>         String ticket = request.getParameter("ticket");
>>>         String service = request.getParameter("service");
>>>         ServiceTicket st = (ServiceTicket) stCache.getTicket(ticket);
>>>        if(st!=null) {
>>>            if(st.getService().equals(service)) {
>>>                out.println("\"yes\"\n\"" + st.getUsername() +"\"");
>>>            } else {
>>>                out.println("\"no\"\n\"ticket does not match the supplied
>>> service\"");
>>>            }
>>>        } else {
>>>            out.println("\"no\"\n\"ticket did not validate\"");
>>>        }
>>>       }
>>>     } catch (Exception ex) {
>>>       try {
>>>         response.getWriter().println("\"no\"\n\"Exception
>>> encountered: "+ex.toString()+"\"");
>>>       } catch (IOException ignoredEx) {
>>>         // ignore
>>>       }
>>>     }
>>>   }
>>> }
>>> _______________________________________________
>>> Yale CAS mailing list
>>> cas at tp.its.yale.edu
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20081125/a313f437/attachment.html

More information about the cas mailing list