saurabh s 14 Years Ago Thanks Nidhi for sharing This Information with us Please sign in to reply. Reply as... Cancel
Bavithra Rajendran 14 Years Ago Very Nice! Thanks for sharing Please sign in to reply. Reply as... Cancel
Srikanth Reddy Sanivarapu 14 Years Ago Really gud blog. thQ... Please sign in to reply. Reply as... Cancel
joydeep roy 14 Years Ago nice explanation with proper guided urls.... thanks for such nice piece of information Please sign in to reply. Reply as... Cancel
Freddi Fischer 14 Years Ago a little hint for those how want to run LR under a other domain like "dev" or sth.: make sure your cert is created for this host and the cert is imported to the correct cert store at %JAVA_HOME% and/or the LR JRE store. Please sign in to reply. Reply as... Cancel Nidhi Singh Freddi Fischer 14 Years Ago - Edited Yes correct, you have to make sure that cert is created inside %JAVA_HOME% which is used by LR. Please sign in to reply. Reply as... Cancel
Nidhi Singh Freddi Fischer 14 Years Ago - Edited Yes correct, you have to make sure that cert is created inside %JAVA_HOME% which is used by LR. Please sign in to reply. Reply as... Cancel
Saravanan V 14 Years Ago Hi,Thanks for your blog,In portal.properties for CAS, below comment is provided, # # Set the default values for the required CAS URLs. Set either # "cas.server.name" or "cas.service.url". Setting "cas.server.name" allows # deep linking. See LEP-4423. #please let me know do we need to specify cas.server.name and cas.servive.url or any one as commented in the property file,in my case if i provide both the values it didnt work, after CAS authentication page was blank, if i enter only ther cas.service.url and not cas.server.name in this case Authentication works fine and i am getting the page but here also redirect didnt work. Please sign in to reply. Reply as... Cancel
coe-jek same 13 Years Ago thanks for the tutorial, but actually it didn' solve my problem in "single sign out".I've implemented this single sign on, and it works, but when I sign out from other application which is connected to CAS, the session in liferay didn't invalidate this session_ID, so what's shoul I do.thanks & regards Please sign in to reply. Reply as... Cancel
Daljeet Kaur 13 Years Ago I need urgent help on CAS+Liferay on Linux Centos.Please help. Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Please write your problem so that i can solve Please sign in to reply. Reply as... Cancel Daljeet Kaur Nidhi Singh 13 Years Ago Hi Nidhii am trying to integrate CAS+liferay on centOS, i have created signature certificate but the problem is that i am unable to locate jre/lib/security on centOS as it uses OpenJDK.I tried to integrate CAS+Liferay without doing the above step but it didnot work. Please help!Thanks for your early response. Please sign in to reply. Reply as... Cancel (You) Nidhi Singh 13 Years Ago Hi I have located jre. Would contact for further helpThanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi,i am trying to integrate Liferay+CAS. When i click on signin on Liferay portal it opens the Liferay Portal again instead of CAS Login page.Can anyone please help in solving this issue.Thanks in advanceDaljeet Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you did CAS setting in liferay, system-ext.properties file and portal-ext.properties file.Nidhi Please sign in to reply. Reply as... Cancel Daljeet Kaur Nidhi Singh 13 Years Ago HiI am having problem in adding authentication handler in the file deployerConfigContext.xmlWhen i add the code by replacing simple authentication it gives exception of class not found for FastBindLdapAuthenticationHandler.Please help out.Thanks Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you have added this cas-server-support-ldap-3.2.1.jar Nidhi Please sign in to reply. Reply as... Cancel (You) Nidhi Singh 13 Years Ago Hi,yes i have added cas-server-support-ldap-3.2.1.jarIt is giving the following exception Line 124 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.3: Element 'list' cannot have character [children], because the type's content type is element-only.Daljeet Please sign in to reply. Reply as... Cancel (You) 13 Years Ago I have also added system-ext.properties file and portal-ext.properties file.As I am working on Linux please tell how to do settings that you mentioned by visiting control panel.Thanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi Nidhi,When i click on signin on Liferay Portal home page it takes me to url : https://server:8443/c/portal/login?p_l_id=10298But Internet explorer cannot display page.Kindly help for the needfulThanks DJ Please sign in to reply. Reply as... Cancel
Nidhi Singh Daljeet Kaur 13 Years Ago Please write your problem so that i can solve Please sign in to reply. Reply as... Cancel Daljeet Kaur Nidhi Singh 13 Years Ago Hi Nidhii am trying to integrate CAS+liferay on centOS, i have created signature certificate but the problem is that i am unable to locate jre/lib/security on centOS as it uses OpenJDK.I tried to integrate CAS+Liferay without doing the above step but it didnot work. Please help!Thanks for your early response. Please sign in to reply. Reply as... Cancel (You) Nidhi Singh 13 Years Ago Hi I have located jre. Would contact for further helpThanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi,i am trying to integrate Liferay+CAS. When i click on signin on Liferay portal it opens the Liferay Portal again instead of CAS Login page.Can anyone please help in solving this issue.Thanks in advanceDaljeet Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you did CAS setting in liferay, system-ext.properties file and portal-ext.properties file.Nidhi Please sign in to reply. Reply as... Cancel Daljeet Kaur Nidhi Singh 13 Years Ago HiI am having problem in adding authentication handler in the file deployerConfigContext.xmlWhen i add the code by replacing simple authentication it gives exception of class not found for FastBindLdapAuthenticationHandler.Please help out.Thanks Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you have added this cas-server-support-ldap-3.2.1.jar Nidhi Please sign in to reply. Reply as... Cancel (You) Nidhi Singh 13 Years Ago Hi,yes i have added cas-server-support-ldap-3.2.1.jarIt is giving the following exception Line 124 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.3: Element 'list' cannot have character [children], because the type's content type is element-only.Daljeet Please sign in to reply. Reply as... Cancel (You) 13 Years Ago I have also added system-ext.properties file and portal-ext.properties file.As I am working on Linux please tell how to do settings that you mentioned by visiting control panel.Thanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi Nidhi,When i click on signin on Liferay Portal home page it takes me to url : https://server:8443/c/portal/login?p_l_id=10298But Internet explorer cannot display page.Kindly help for the needfulThanks DJ Please sign in to reply. Reply as... Cancel
Daljeet Kaur Nidhi Singh 13 Years Ago Hi Nidhii am trying to integrate CAS+liferay on centOS, i have created signature certificate but the problem is that i am unable to locate jre/lib/security on centOS as it uses OpenJDK.I tried to integrate CAS+Liferay without doing the above step but it didnot work. Please help!Thanks for your early response. Please sign in to reply. Reply as... Cancel
(You) Nidhi Singh 13 Years Ago Hi I have located jre. Would contact for further helpThanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi,i am trying to integrate Liferay+CAS. When i click on signin on Liferay portal it opens the Liferay Portal again instead of CAS Login page.Can anyone please help in solving this issue.Thanks in advanceDaljeet Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you did CAS setting in liferay, system-ext.properties file and portal-ext.properties file.Nidhi Please sign in to reply. Reply as... Cancel Daljeet Kaur Nidhi Singh 13 Years Ago HiI am having problem in adding authentication handler in the file deployerConfigContext.xmlWhen i add the code by replacing simple authentication it gives exception of class not found for FastBindLdapAuthenticationHandler.Please help out.Thanks Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you have added this cas-server-support-ldap-3.2.1.jar Nidhi Please sign in to reply. Reply as... Cancel (You) Nidhi Singh 13 Years Ago Hi,yes i have added cas-server-support-ldap-3.2.1.jarIt is giving the following exception Line 124 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.3: Element 'list' cannot have character [children], because the type's content type is element-only.Daljeet Please sign in to reply. Reply as... Cancel (You) 13 Years Ago I have also added system-ext.properties file and portal-ext.properties file.As I am working on Linux please tell how to do settings that you mentioned by visiting control panel.Thanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi Nidhi,When i click on signin on Liferay Portal home page it takes me to url : https://server:8443/c/portal/login?p_l_id=10298But Internet explorer cannot display page.Kindly help for the needfulThanks DJ Please sign in to reply. Reply as... Cancel
Daljeet Kaur 13 Years Ago Hi,i am trying to integrate Liferay+CAS. When i click on signin on Liferay portal it opens the Liferay Portal again instead of CAS Login page.Can anyone please help in solving this issue.Thanks in advanceDaljeet Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you did CAS setting in liferay, system-ext.properties file and portal-ext.properties file.Nidhi Please sign in to reply. Reply as... Cancel Daljeet Kaur Nidhi Singh 13 Years Ago HiI am having problem in adding authentication handler in the file deployerConfigContext.xmlWhen i add the code by replacing simple authentication it gives exception of class not found for FastBindLdapAuthenticationHandler.Please help out.Thanks Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you have added this cas-server-support-ldap-3.2.1.jar Nidhi Please sign in to reply. Reply as... Cancel (You) Nidhi Singh 13 Years Ago Hi,yes i have added cas-server-support-ldap-3.2.1.jarIt is giving the following exception Line 124 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.3: Element 'list' cannot have character [children], because the type's content type is element-only.Daljeet Please sign in to reply. Reply as... Cancel (You) 13 Years Ago I have also added system-ext.properties file and portal-ext.properties file.As I am working on Linux please tell how to do settings that you mentioned by visiting control panel.Thanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi Nidhi,When i click on signin on Liferay Portal home page it takes me to url : https://server:8443/c/portal/login?p_l_id=10298But Internet explorer cannot display page.Kindly help for the needfulThanks DJ Please sign in to reply. Reply as... Cancel
Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you did CAS setting in liferay, system-ext.properties file and portal-ext.properties file.Nidhi Please sign in to reply. Reply as... Cancel Daljeet Kaur Nidhi Singh 13 Years Ago HiI am having problem in adding authentication handler in the file deployerConfigContext.xmlWhen i add the code by replacing simple authentication it gives exception of class not found for FastBindLdapAuthenticationHandler.Please help out.Thanks Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you have added this cas-server-support-ldap-3.2.1.jar Nidhi Please sign in to reply. Reply as... Cancel (You) Nidhi Singh 13 Years Ago Hi,yes i have added cas-server-support-ldap-3.2.1.jarIt is giving the following exception Line 124 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.3: Element 'list' cannot have character [children], because the type's content type is element-only.Daljeet Please sign in to reply. Reply as... Cancel (You) 13 Years Ago I have also added system-ext.properties file and portal-ext.properties file.As I am working on Linux please tell how to do settings that you mentioned by visiting control panel.Thanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi Nidhi,When i click on signin on Liferay Portal home page it takes me to url : https://server:8443/c/portal/login?p_l_id=10298But Internet explorer cannot display page.Kindly help for the needfulThanks DJ Please sign in to reply. Reply as... Cancel
Daljeet Kaur Nidhi Singh 13 Years Ago HiI am having problem in adding authentication handler in the file deployerConfigContext.xmlWhen i add the code by replacing simple authentication it gives exception of class not found for FastBindLdapAuthenticationHandler.Please help out.Thanks Please sign in to reply. Reply as... Cancel Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you have added this cas-server-support-ldap-3.2.1.jar Nidhi Please sign in to reply. Reply as... Cancel (You) Nidhi Singh 13 Years Ago Hi,yes i have added cas-server-support-ldap-3.2.1.jarIt is giving the following exception Line 124 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.3: Element 'list' cannot have character [children], because the type's content type is element-only.Daljeet Please sign in to reply. Reply as... Cancel (You) 13 Years Ago I have also added system-ext.properties file and portal-ext.properties file.As I am working on Linux please tell how to do settings that you mentioned by visiting control panel.Thanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi Nidhi,When i click on signin on Liferay Portal home page it takes me to url : https://server:8443/c/portal/login?p_l_id=10298But Internet explorer cannot display page.Kindly help for the needfulThanks DJ Please sign in to reply. Reply as... Cancel
Nidhi Singh Daljeet Kaur 13 Years Ago Hi,you have added this cas-server-support-ldap-3.2.1.jar Nidhi Please sign in to reply. Reply as... Cancel (You) Nidhi Singh 13 Years Ago Hi,yes i have added cas-server-support-ldap-3.2.1.jarIt is giving the following exception Line 124 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.3: Element 'list' cannot have character [children], because the type's content type is element-only.Daljeet Please sign in to reply. Reply as... Cancel (You) 13 Years Ago I have also added system-ext.properties file and portal-ext.properties file.As I am working on Linux please tell how to do settings that you mentioned by visiting control panel.Thanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi Nidhi,When i click on signin on Liferay Portal home page it takes me to url : https://server:8443/c/portal/login?p_l_id=10298But Internet explorer cannot display page.Kindly help for the needfulThanks DJ Please sign in to reply. Reply as... Cancel
(You) Nidhi Singh 13 Years Ago Hi,yes i have added cas-server-support-ldap-3.2.1.jarIt is giving the following exception Line 124 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.3: Element 'list' cannot have character [children], because the type's content type is element-only.Daljeet Please sign in to reply. Reply as... Cancel (You) 13 Years Ago I have also added system-ext.properties file and portal-ext.properties file.As I am working on Linux please tell how to do settings that you mentioned by visiting control panel.Thanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi Nidhi,When i click on signin on Liferay Portal home page it takes me to url : https://server:8443/c/portal/login?p_l_id=10298But Internet explorer cannot display page.Kindly help for the needfulThanks DJ Please sign in to reply. Reply as... Cancel
(You) 13 Years Ago I have also added system-ext.properties file and portal-ext.properties file.As I am working on Linux please tell how to do settings that you mentioned by visiting control panel.Thanks Please sign in to reply. Reply as... Cancel Daljeet Kaur 13 Years Ago Hi Nidhi,When i click on signin on Liferay Portal home page it takes me to url : https://server:8443/c/portal/login?p_l_id=10298But Internet explorer cannot display page.Kindly help for the needfulThanks DJ Please sign in to reply. Reply as... Cancel
Daljeet Kaur 13 Years Ago Hi Nidhi,When i click on signin on Liferay Portal home page it takes me to url : https://server:8443/c/portal/login?p_l_id=10298But Internet explorer cannot display page.Kindly help for the needfulThanks DJ Please sign in to reply. Reply as... Cancel
Ananda Ramana 13 Years Ago Hi nidhi,We have some PHP-Mysql based applications running on a different server. I want to sign into liferay and get access to those applications using single sign on. Is it possible?. I have added those URLs as embedded pages into liferay. Please sign in to reply. Reply as... Cancel Ed Holderman Ananda Ramana 13 Years Ago Ananda, I am sort of new at this, but I believe that if you have CAS-enabled the PHP-Mysql applications so that you can login to them through CAS (without any Liferay involvement) then yes, you should be able to set up an SSO situation between Liferay and your applications. The key point is that _all_ of them must use CAS for login before SSO will work. Ed Please sign in to reply. Reply as... Cancel Ananda Ramana Ed Holderman 13 Years Ago Hi, Iam not able to get how installing CAS would enable single sign on for an external application. How CAS will talk to my external application? Should i install CAS in my external aplication as well??? Please sign in to reply. Reply as... Cancel Ed Holderman Ananda Ramana 13 Years Ago Yes, you would have to integrate CAS into your other applications so that they could all have the same trust relationship with the CAS validation ticket. If you were to use SiteMinder instead of CAS, you would have the same situation where all of the apps would have to be protected by SiteMinder. The other option is to not use SSO at all and use some sort of uid/password storage mechanism in custom portlets that would send the credentials to the external system, but that isn't as flexible. Please sign in to reply. Reply as... Cancel
Ed Holderman Ananda Ramana 13 Years Ago Ananda, I am sort of new at this, but I believe that if you have CAS-enabled the PHP-Mysql applications so that you can login to them through CAS (without any Liferay involvement) then yes, you should be able to set up an SSO situation between Liferay and your applications. The key point is that _all_ of them must use CAS for login before SSO will work. Ed Please sign in to reply. Reply as... Cancel Ananda Ramana Ed Holderman 13 Years Ago Hi, Iam not able to get how installing CAS would enable single sign on for an external application. How CAS will talk to my external application? Should i install CAS in my external aplication as well??? Please sign in to reply. Reply as... Cancel Ed Holderman Ananda Ramana 13 Years Ago Yes, you would have to integrate CAS into your other applications so that they could all have the same trust relationship with the CAS validation ticket. If you were to use SiteMinder instead of CAS, you would have the same situation where all of the apps would have to be protected by SiteMinder. The other option is to not use SSO at all and use some sort of uid/password storage mechanism in custom portlets that would send the credentials to the external system, but that isn't as flexible. Please sign in to reply. Reply as... Cancel
Ananda Ramana Ed Holderman 13 Years Ago Hi, Iam not able to get how installing CAS would enable single sign on for an external application. How CAS will talk to my external application? Should i install CAS in my external aplication as well??? Please sign in to reply. Reply as... Cancel Ed Holderman Ananda Ramana 13 Years Ago Yes, you would have to integrate CAS into your other applications so that they could all have the same trust relationship with the CAS validation ticket. If you were to use SiteMinder instead of CAS, you would have the same situation where all of the apps would have to be protected by SiteMinder. The other option is to not use SSO at all and use some sort of uid/password storage mechanism in custom portlets that would send the credentials to the external system, but that isn't as flexible. Please sign in to reply. Reply as... Cancel
Ed Holderman Ananda Ramana 13 Years Ago Yes, you would have to integrate CAS into your other applications so that they could all have the same trust relationship with the CAS validation ticket. If you were to use SiteMinder instead of CAS, you would have the same situation where all of the apps would have to be protected by SiteMinder. The other option is to not use SSO at all and use some sort of uid/password storage mechanism in custom portlets that would send the credentials to the external system, but that isn't as flexible. Please sign in to reply. Reply as... Cancel
Joe Osowski 13 Years Ago Is it possible to setup Liferay to use CAS without an LDAP server and without creating an autologin hook? That is, once the user is authenticated, can liferay be configured to complete the user creation by asking the user for the missing profile information? Please sign in to reply. Reply as... Cancel Ed Holderman Joe Osowski 13 Years Ago I have seen information about configuring CAS to use the Liferay database via JDBC instead of the LDAP for a user store so that would solve your first problem: https://wiki.jasig.org/display/CASUM/JDBC. You can extend the functionality of the CAS post-login process to ask the user for the information and store it in the portal DB before sending them back to Liferay (something like this: https://wiki.jasig.org/display/CASUM/Acceptable+Use+interface+for+Login+Webflow). You can also modify Liferay to extend the functionality of it's post-login process: http://www.liferay.com/web/guest/community/wiki/-/wiki/Main/Customizing+the+default+page+after+login I've only read about any of these and they all seem fairly involved. -Ed Please sign in to reply. Reply as... Cancel
Ed Holderman Joe Osowski 13 Years Ago I have seen information about configuring CAS to use the Liferay database via JDBC instead of the LDAP for a user store so that would solve your first problem: https://wiki.jasig.org/display/CASUM/JDBC. You can extend the functionality of the CAS post-login process to ask the user for the information and store it in the portal DB before sending them back to Liferay (something like this: https://wiki.jasig.org/display/CASUM/Acceptable+Use+interface+for+Login+Webflow). You can also modify Liferay to extend the functionality of it's post-login process: http://www.liferay.com/web/guest/community/wiki/-/wiki/Main/Customizing+the+default+page+after+login I've only read about any of these and they all seem fairly involved. -Ed Please sign in to reply. Reply as... Cancel
Nagendra Kumar Busam 13 Years Ago That's a very nice post.Can you let me know is there any way by configuration/any simple means doing following scenarioWe have a CAS + Liferay integrated environment, but it looks like that the “concurrent login prevention” does not work in some occasions for Liferay. For example, we have an iframe enclosing the portal menu bar and the page content. User logs in on Browser 1 and the same User logs in on Browser 2. User then navigates on Browser 1 by clicking on the menu bar (some private pages), but he did not get logged out.Practically i think user's old token should be invalid.Can you give me suggestion regarding the same Please sign in to reply. Reply as... Cancel kiruba garan Nagendra Kumar Busam 13 Years Ago Can u please help me configuring Liferay 6.0.5 with CAS 3.0.7? CAS is working fine with validating user credentials properly with OpenLDAP. But I am confused with the three entries i.e. Server Name, Server URL, and Service URL on the CAS configuraton screen on liferay and not sure what to provide where. I tried with many combimantions but of no use.Please guide me!Thanks!Kiru Please sign in to reply. Reply as... Cancel
kiruba garan Nagendra Kumar Busam 13 Years Ago Can u please help me configuring Liferay 6.0.5 with CAS 3.0.7? CAS is working fine with validating user credentials properly with OpenLDAP. But I am confused with the three entries i.e. Server Name, Server URL, and Service URL on the CAS configuraton screen on liferay and not sure what to provide where. I tried with many combimantions but of no use.Please guide me!Thanks!Kiru Please sign in to reply. Reply as... Cancel
Apoorva Prakash 13 Years Ago Hi Nidhi,Nice artice... very informative... Please sign in to reply. Reply as... Cancel
Apoorva Prakash 13 Years Ago Hello,I am working on a web-application, in which I am using Liferay and Pentaho. I wish to use CAS for aunthenticating users. I followed all the steps, and CAS is working fine. When I am logging in CAS, and then opening the Pentaho portion, i get it signed in, as CAS is login, and when I am logging out from CAS, it as also reflecting in Pentaho, (and vice-versa too). It depicts that Pentaho is sharing the login ticket. But when I am using it with Liferay, it is giving the following problem-when I am logging in through Liferay Sigh In button, then its opening the CAS page and logs in properly, but when I am logging in CAS first, and then open Liferay, then it is not getting that login ticket. () The same problem is persisting at the time of log out also. Please give solution...Thanks in advance !!! Please sign in to reply. Reply as... Cancel
diego santiviago 13 Years Ago hi,when i am logging in through Liferay Sign In button (dock), then its opening the CAS page and logs in properly, but when I am logging in CAS first, and then open Liferay, then it is not getting that login ticket. but if i click in 'sign in' link, liferay acquire the ticket.how i use autologin, logging in cas first ? Please sign in to reply. Reply as... Cancel Ed Holderman diego santiviago 13 Years Ago Diego, I think if you are just going to the public home page, there is no need for Liferay to authenticate so it doesn't check the ticket or try to do autologin. Try this: create a private page and make note of the friendly URL. Log out of everything and close browsers, in a new browser log in to CAS, then use your friendly private page URL. You should go through the autologin. - Ed Please sign in to reply. Reply as... Cancel kiruba garan Ed Holderman 13 Years Ago Can u please help me configuring Liferay 6.0.5 with CAS 3.0.7? CAS is working fine with validating user credentials properly with OpenLDAP. But I am confused with the three entries i.e. Server Name, Server URL, and Service URL on the CAS configuraton screen on liferay and not sure what to provide where. I tried with many combimantions but of no use.Please guide me!Thanks!Kiru Please sign in to reply. Reply as... Cancel Ed Holderman kiruba garan 13 Years Ago Kiru, The best documentation on the use of these settings is in portal-ext.properties and the portal admin guide. If you want people to be able to email or bookmark friendly URLs to pages other than the home page, then you should use combination of server name and server url while leaving the service url blank. This will allow the portal to generate a dynamic service url based on the one the user is trying to access. Here is a summary of portal 5.2.3 settings:- cas.server.name: This is the server name of the portal that CAS should use when calling back to the CAS client. Set either "cas.server.name" or "cas.service.url". Setting "cas.server.name" allows deep linking. See LEP-4423. ex: portal.acme.com- cas.server.url: URL address of the CAS server. ex: https://cas.acme.com:8443/cas- cas.service.url: This parameter replaces the serverName parameter above. It becomes the URL that CAS redirects to after login. If you have one specific point of entry to your web application and you want all logins to proceed through that page, you would specify the full URL of that page here. Either this parameter or the serverName parameter must be set. ex: (don't have example since we don't use this setting)- cas.validate.url: The URL whereat CAS offers its service ticket or proxy ticket validation service. ex: https://cas.acme.com:8443/cas/proxyValidate- cas.login.url: The URL whereat CAS offers its Login page. ex: https://cas.acme.com:8443/cas/login- cas.logout.url: The CAS URL that triggers session invalidation logic. This depends on CAS functionality to redirect the user back to the portal. ex (you may have to alter this depending on your logged out page strategy): https://cas.acme.com:8443/cas/logout?service=http://portal.acme.com/c Please sign in to reply. Reply as... Cancel
Ed Holderman diego santiviago 13 Years Ago Diego, I think if you are just going to the public home page, there is no need for Liferay to authenticate so it doesn't check the ticket or try to do autologin. Try this: create a private page and make note of the friendly URL. Log out of everything and close browsers, in a new browser log in to CAS, then use your friendly private page URL. You should go through the autologin. - Ed Please sign in to reply. Reply as... Cancel kiruba garan Ed Holderman 13 Years Ago Can u please help me configuring Liferay 6.0.5 with CAS 3.0.7? CAS is working fine with validating user credentials properly with OpenLDAP. But I am confused with the three entries i.e. Server Name, Server URL, and Service URL on the CAS configuraton screen on liferay and not sure what to provide where. I tried with many combimantions but of no use.Please guide me!Thanks!Kiru Please sign in to reply. Reply as... Cancel Ed Holderman kiruba garan 13 Years Ago Kiru, The best documentation on the use of these settings is in portal-ext.properties and the portal admin guide. If you want people to be able to email or bookmark friendly URLs to pages other than the home page, then you should use combination of server name and server url while leaving the service url blank. This will allow the portal to generate a dynamic service url based on the one the user is trying to access. Here is a summary of portal 5.2.3 settings:- cas.server.name: This is the server name of the portal that CAS should use when calling back to the CAS client. Set either "cas.server.name" or "cas.service.url". Setting "cas.server.name" allows deep linking. See LEP-4423. ex: portal.acme.com- cas.server.url: URL address of the CAS server. ex: https://cas.acme.com:8443/cas- cas.service.url: This parameter replaces the serverName parameter above. It becomes the URL that CAS redirects to after login. If you have one specific point of entry to your web application and you want all logins to proceed through that page, you would specify the full URL of that page here. Either this parameter or the serverName parameter must be set. ex: (don't have example since we don't use this setting)- cas.validate.url: The URL whereat CAS offers its service ticket or proxy ticket validation service. ex: https://cas.acme.com:8443/cas/proxyValidate- cas.login.url: The URL whereat CAS offers its Login page. ex: https://cas.acme.com:8443/cas/login- cas.logout.url: The CAS URL that triggers session invalidation logic. This depends on CAS functionality to redirect the user back to the portal. ex (you may have to alter this depending on your logged out page strategy): https://cas.acme.com:8443/cas/logout?service=http://portal.acme.com/c Please sign in to reply. Reply as... Cancel
kiruba garan Ed Holderman 13 Years Ago Can u please help me configuring Liferay 6.0.5 with CAS 3.0.7? CAS is working fine with validating user credentials properly with OpenLDAP. But I am confused with the three entries i.e. Server Name, Server URL, and Service URL on the CAS configuraton screen on liferay and not sure what to provide where. I tried with many combimantions but of no use.Please guide me!Thanks!Kiru Please sign in to reply. Reply as... Cancel Ed Holderman kiruba garan 13 Years Ago Kiru, The best documentation on the use of these settings is in portal-ext.properties and the portal admin guide. If you want people to be able to email or bookmark friendly URLs to pages other than the home page, then you should use combination of server name and server url while leaving the service url blank. This will allow the portal to generate a dynamic service url based on the one the user is trying to access. Here is a summary of portal 5.2.3 settings:- cas.server.name: This is the server name of the portal that CAS should use when calling back to the CAS client. Set either "cas.server.name" or "cas.service.url". Setting "cas.server.name" allows deep linking. See LEP-4423. ex: portal.acme.com- cas.server.url: URL address of the CAS server. ex: https://cas.acme.com:8443/cas- cas.service.url: This parameter replaces the serverName parameter above. It becomes the URL that CAS redirects to after login. If you have one specific point of entry to your web application and you want all logins to proceed through that page, you would specify the full URL of that page here. Either this parameter or the serverName parameter must be set. ex: (don't have example since we don't use this setting)- cas.validate.url: The URL whereat CAS offers its service ticket or proxy ticket validation service. ex: https://cas.acme.com:8443/cas/proxyValidate- cas.login.url: The URL whereat CAS offers its Login page. ex: https://cas.acme.com:8443/cas/login- cas.logout.url: The CAS URL that triggers session invalidation logic. This depends on CAS functionality to redirect the user back to the portal. ex (you may have to alter this depending on your logged out page strategy): https://cas.acme.com:8443/cas/logout?service=http://portal.acme.com/c Please sign in to reply. Reply as... Cancel
Ed Holderman kiruba garan 13 Years Ago Kiru, The best documentation on the use of these settings is in portal-ext.properties and the portal admin guide. If you want people to be able to email or bookmark friendly URLs to pages other than the home page, then you should use combination of server name and server url while leaving the service url blank. This will allow the portal to generate a dynamic service url based on the one the user is trying to access. Here is a summary of portal 5.2.3 settings:- cas.server.name: This is the server name of the portal that CAS should use when calling back to the CAS client. Set either "cas.server.name" or "cas.service.url". Setting "cas.server.name" allows deep linking. See LEP-4423. ex: portal.acme.com- cas.server.url: URL address of the CAS server. ex: https://cas.acme.com:8443/cas- cas.service.url: This parameter replaces the serverName parameter above. It becomes the URL that CAS redirects to after login. If you have one specific point of entry to your web application and you want all logins to proceed through that page, you would specify the full URL of that page here. Either this parameter or the serverName parameter must be set. ex: (don't have example since we don't use this setting)- cas.validate.url: The URL whereat CAS offers its service ticket or proxy ticket validation service. ex: https://cas.acme.com:8443/cas/proxyValidate- cas.login.url: The URL whereat CAS offers its Login page. ex: https://cas.acme.com:8443/cas/login- cas.logout.url: The CAS URL that triggers session invalidation logic. This depends on CAS functionality to redirect the user back to the portal. ex (you may have to alter this depending on your logged out page strategy): https://cas.acme.com:8443/cas/logout?service=http://portal.acme.com/c Please sign in to reply. Reply as... Cancel
Jordi Torne 13 Years Ago Simple and straight forward explanation to setting up CAS with Liferay and LDAP.However, I've tried but I didn't manage to get it working.I'm stuck on a ClassNotFoundException. The authentication handler is not loaded because the "org/springframework/ldap/NamingException" class is not found. I've tried both the CAS Server 3.2.1.1 and the CAS 3.4.3.1 with identical results. The spring-ldap-*.jar are in the WEB-INF/lib but for some reason, the Tomcat does not load those jars.Anyone with the same issue? Thanks in advance for any advice on this.Jordi Please sign in to reply. Reply as... Cancel Ed Holderman Jordi Torne 13 Years Ago Jordi, Are you getting the exception from Liferay/CAS Client or the CAS Server? Liferay needs to have a cas-client-core.jar installed in ROOT\WEB-INF\lib with a version that supports the CAS server version since they will be talking to each other. On the CAS server side, I'm building using the maven overlay method detailed in CAS and my pom.xml has an LDAP reference which probably brings in everything needed for the war:<dependency> <groupId>org.jasig.cas</groupId> <artifactId>cas-server-support-ldap</artifactId> <version>${cas.version}</version></dependency> Please sign in to reply. Reply as... Cancel Jordi Torne Ed Holderman 13 Years Ago Hi Ed,I finally solved the issue by reinstalling everything from scratch (Liferay, tomcat and CAS from sources). No idea what was the problem. I have another weird issue now ("CAS is Unavailable" with no single line of error on the logs after submitting user/password) but I'm still working on it.The problem was on the server (at tomcat startup). I haven't reached the point of talking to Liferay yet.Thanks Please sign in to reply. Reply as... Cancel
Ed Holderman Jordi Torne 13 Years Ago Jordi, Are you getting the exception from Liferay/CAS Client or the CAS Server? Liferay needs to have a cas-client-core.jar installed in ROOT\WEB-INF\lib with a version that supports the CAS server version since they will be talking to each other. On the CAS server side, I'm building using the maven overlay method detailed in CAS and my pom.xml has an LDAP reference which probably brings in everything needed for the war:<dependency> <groupId>org.jasig.cas</groupId> <artifactId>cas-server-support-ldap</artifactId> <version>${cas.version}</version></dependency> Please sign in to reply. Reply as... Cancel Jordi Torne Ed Holderman 13 Years Ago Hi Ed,I finally solved the issue by reinstalling everything from scratch (Liferay, tomcat and CAS from sources). No idea what was the problem. I have another weird issue now ("CAS is Unavailable" with no single line of error on the logs after submitting user/password) but I'm still working on it.The problem was on the server (at tomcat startup). I haven't reached the point of talking to Liferay yet.Thanks Please sign in to reply. Reply as... Cancel
Jordi Torne Ed Holderman 13 Years Ago Hi Ed,I finally solved the issue by reinstalling everything from scratch (Liferay, tomcat and CAS from sources). No idea what was the problem. I have another weird issue now ("CAS is Unavailable" with no single line of error on the logs after submitting user/password) but I'm still working on it.The problem was on the server (at tomcat startup). I haven't reached the point of talking to Liferay yet.Thanks Please sign in to reply. Reply as... Cancel
Apoorva PRAKASH 13 Years Ago Hi All,The BasicAutoLogin clss is renamed to RememberMeAutoLogin, I hope the following will help you in case you encounter 'java.lang.ClassNotFoundException: com.liferay.portal.security.auth.BasicAutoLogin' exception...auto.login.hooks=com.liferay.portal.security.auth.RememberMeAutoLoginauto.login.hooks=com.liferay.portal.security.auth.BRememberMeAutoLogin,com.liferay.portal.security.auth.CASAutoLoginThanks and Regards... Please sign in to reply. Reply as... Cancel
jelmer kuperus 13 Years Ago As of CAS 3.3.2, you MUST use Spring LDAP's LdapContextSource (org.springframework.ldap.core.support.LdapContextSource) instead of the AuthenticatedLdapContextSource)https://wiki.jasig.org/display/CASUM/LDAP Please sign in to reply. Reply as... Cancel
jelmer kuperus 13 Years Ago If you authenticate based on email address instead of screenname you cannot use the FastBindLdapAuthenticationHandler instead you can use this<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"> <property name="filter" value="mail=%u" /> <property name="searchBase" value="dc=example,dc=com" /> <property name="contextSource" ref="contextSource" /></bean> Please sign in to reply. Reply as... Cancel
Biresh Choudhury 13 Years Ago Hi Nidhi,Thanks for a nice explanation on how to integrate. I have a little different requirement like integrating liferay 6 with CAS(already available in a web application) without any LDAP.Since the CAS set up is already available what are the steps I need to take? As of now I am trying out the below things without any result.1) Added casclient.jar into ROOT\WEB-INF\lib2) Added auto.login.hooks=com.liferay.portal.security.auth.BasicAutoLogin,com.liferay.portal.security.auth.CASAutoLogin to portal-ext.properties.3) Enabled the CAS from Administrative's control panel with values as: (i)Enabled - Check box enabled by default. (ii)Import from LDAP - Didn't check the check box since no LDAP in my case. (iii) Login URL - http://(MACHINE NAME WHERE CAS IS INSTALLED):9080/cas-web/login (iv) Logout URL - http://(MACHINE NAME WHERE CAS IS INSTALLED):9080/cas-web/logout (v) Server Name - (MACHINE NAME WHERE CAS IS INSTALLED):9080 (vi) Server URL - http://(MACHINE NAME WHERE CAS IS INSTALLED):9080/cas-web (vii) Service URL - http://localhost:8080/web/guest/referenceI am able to login into the portal page instead of me getting redirected to cas-web page. Need help on anything I am missing out. Please sign in to reply. Reply as... Cancel Duy Linh Nguyen Biresh Choudhury 13 Years Ago I do step by step but when start Tomcat http://localhost:8443/cas-web/login error. Can you help me ? i want to SSO liferay and Sakai by CAS Please sign in to reply. Reply as... Cancel
Duy Linh Nguyen Biresh Choudhury 13 Years Ago I do step by step but when start Tomcat http://localhost:8443/cas-web/login error. Can you help me ? i want to SSO liferay and Sakai by CAS Please sign in to reply. Reply as... Cancel
zulfa arifah 11 Years Ago hello.. i need help. the quest is, if ive allready installed CAS in liferay, used the free one, do i need follow the configuration above? regards,iefa Please sign in to reply. Reply as... Cancel
zulfa arifah 11 Years Ago additional quest, how i can used the service that i already installed in liferay. for example CAS,? Please sign in to reply. Reply as... Cancel