组合视图 统一视图 树状图
讨论主题 [ 上一个 | 下一个 ]
toggle
Liferay 6 with existing CAS server John John 2012年2月29日 上午7:03
RE: Liferay 6 with existing CAS server David H Nebinger 2012年2月29日 上午7:49
RE: Liferay 6 with existing CAS server John John 2012年3月2日 上午9:45
RE: Liferay 6 with existing CAS server Juan Gonzalez 2012年3月2日 上午11:26
RE: Liferay 6 with existing CAS server Subhasis Roy 2012年3月5日 下午11:31
RE: Liferay 6 with existing CAS server John John 2012年3月26日 上午7:36
RE: Liferay 6 with existing CAS server David H Nebinger 2012年3月26日 上午8:54
RE: Liferay 6 with existing CAS server John John 2012年3月26日 上午9:46
RE: Liferay 6 with existing CAS server David H Nebinger 2012年3月26日 下午1:39
RE: Liferay 6 with existing CAS server John John 2012年3月26日 下午4:20
RE: Liferay 6 with existing CAS server David H Nebinger 2012年3月26日 下午4:23
RE: Liferay 6 with existing CAS server John John 2012年3月28日 下午4:15
RE: Liferay 6 with existing CAS server Juan Gonzalez 2012年3月29日 上午12:42
RE: Liferay 6 with existing CAS server John John 2012年3月30日 上午7:39
RE: Liferay 6 with existing CAS server Juan Gonzalez 2012年3月30日 上午8:32
RE: Liferay 6 with existing CAS server John John 2012年3月30日 上午9:05
RE: Liferay 6 with existing CAS server Juan Gonzalez 2012年3月31日 上午12:31
RE: Liferay 6 with existing CAS server Kamesh Sampath 2012年4月5日 下午10:49
RE: Liferay 6 with existing CAS server Juan Gonzalez 2012年4月6日 上午1:42
RE: Liferay 6 with existing CAS server Kamesh Sampath 2012年4月9日 下午8:55
RE: Liferay 6 with existing CAS server Juan Gonzalez 2012年4月10日 上午8:30
RE: Liferay 6 with existing CAS server Kamesh Sampath 2012年4月10日 上午9:14
RE: Liferay 6 with existing CAS server Juan Gonzalez 2012年4月10日 上午10:28
John John
Liferay 6 with existing CAS server
2012年2月29日 上午7:03
答复

John John

等级: New Member

帖子: 23

加入日期: 2012年2月12日

最近的帖子

Most of the documentation I've seen has you installing the cas server and starting from there. What if I just want to integrate my portal with a CAS server that already exists and is up and running? Do I need to only configure it to use CAS authentication with the correct settings under the Portal Settings and then have those running the CAS server configure it on their end? Do I still need to generate the SSL cert?
David H Nebinger
RE: Liferay 6 with existing CAS server
2012年2月29日 上午7:49
答复

David H Nebinger

Community Moderator

等级: Liferay Legend

帖子: 11771

加入日期: 2006年9月1日

最近的帖子

You can just skip the step for installing the CAS server since you already have one.
John John
RE: Liferay 6 with existing CAS server
2012年3月2日 上午9:45
答复

John John

等级: New Member

帖子: 23

加入日期: 2012年2月12日

最近的帖子

Okay, so the cas client is already in the root/web-inf/lib directory. Then what? How do I import CASReceipt into a project? import edu.yale.its.tp.cas.client.CASReceipt isn't recognized. The documentation doesn't go much into the CAS client other than it already being in the directory. My portal successfully redirects to CAS, authenticates, and then redirects back to my portal. I want to access attributes from CAS. Any link or help is appreciated.
Juan Gonzalez
RE: Liferay 6 with existing CAS server
2012年3月2日 上午11:26
答复

Juan Gonzalez

LIFERAY STAFF

等级: Liferay Legend

帖子: 2947

加入日期: 2008年10月28日

最近的帖子

John John:
Okay, so the cas client is already in the root/web-inf/lib directory. Then what? How do I import CASReceipt into a project? import edu.yale.its.tp.cas.client.CASReceipt isn't recognized. The documentation doesn't go much into the CAS client other than it already being in the directory. My portal successfully redirects to CAS, authenticates, and then redirects back to my portal. I want to access attributes from CAS. Any link or help is appreciated.


CAS works ok. If you want additional features (like attributes) probably you want SAML, and that is a EE feature.
Subhasis Roy
RE: Liferay 6 with existing CAS server
2012年3月5日 下午11:31
答复

Subhasis Roy

等级: Expert

帖子: 284

加入日期: 2012年1月19日

最近的帖子

John John:
Okay, so the cas client is already in the root/web-inf/lib directory. Then what? How do I import CASReceipt into a project? import edu.yale.its.tp.cas.client.CASReceipt isn't recognized. The documentation doesn't go much into the CAS client other than it already being in the directory. My portal successfully redirects to CAS, authenticates, and then redirects back to my portal. I want to access attributes from CAS. Any link or help is appreciated.



Are you trying to access the logged in user id? What attribute you want to access from CAS in your application?

You can access the userId / Roles from your theme after login.

Please be more clear on that.
John John
RE: Liferay 6 with existing CAS server
2012年3月26日 上午7:36
答复

John John

等级: New Member

帖子: 23

加入日期: 2012年2月12日

最近的帖子

I am using liferay 6. The portal is working with CAS and LDAP. Currently, when clicking the sign in link, it redirects the user to the CAS authentication page, authenticates, then redirects back to liferay signed in as the authenticated user and imports all the user information from LDAP to liferay which is mapped in the control panel. There are a bunch of attributes that CAS has that I want access to. I can map these directly from LDAP and create a custom attribute, though, I don't want this information imported, but instead accessed directly from CAS. I want to do this with the JASIG CAS client library. I have been following this example: https://wiki.jasig.org/display/CASC/Saml11TicketValidationFilter+Example

I have a few questions about this:
Which web.xml is the example referring to? I am assuming it is tomcat/webapps/root/WEB-INF since that is where all the filters are.
Whenever I make these changes in that web.xml and restart tomcat, liferay will not boot back up.

How can I validate the ticket without editing web.xml? All of the validation methods I've seen in this library take the ticket as a parameter. I don't have anyway of getting the ticket and using it as a parameter that I know of.

Are there any other examples out there that seem relevant to my condition?
David H Nebinger
RE: Liferay 6 with existing CAS server
2012年3月26日 上午8:54
答复

David H Nebinger

Community Moderator

等级: Liferay Legend

帖子: 11771

加入日期: 2006年9月1日

最近的帖子

Yes, it would be the web.xml under ROOT.

Tomcat not starting up is probably due to a missing class not found when loading the filter definitions - make sure you have the listed jars in the ROOT/WEB-INF/lib directory. The catalina.out file may have a pointer to what is failing during startup.

As far as examples, since Liferay is open source you should be able to check out the Liferay implementations dealing w/ cas and the ticket handling, those are probably the most relevant to your situation.
John John
RE: Liferay 6 with existing CAS server
2012年3月26日 上午9:46
答复

John John

等级: New Member

帖子: 23

加入日期: 2012年2月12日

最近的帖子

The jars are in there. And it seems like the classes are found as it is loading the parameters I set and setting default values for the parameters i didn't set.
Here is my catalina.out

SEVERE: Error filterStart
that looks to be the problem to me. any ideas?


Mar 26, 2012 4:40:47 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: .:/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java
Mar 26, 2012 4:40:48 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-8080"]
Mar 26, 2012 4:40:48 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["ajp-bio-8009"]
Mar 26, 2012 4:40:48 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 1739 ms
Mar 26, 2012 4:40:48 PM org.apache.catalina.core.StandardService startInternal
INFO: Starting service Catalina
Mar 26, 2012 4:40:48 PM org.apache.catalina.core.StandardEngine startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.23
Mar 26, 2012 4:40:48 PM org.apache.catalina.startup.HostConfig deployDescriptor
INFO: Deploying configuration descriptor /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/conf/Catalina/localhost/ROOT.xml
Loading jar:file:/Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/ROOT/WEB-INF/lib/portal-impl.jar!/system.properties
16:40:51,847 INFO [EasyConf:122] Refreshed the configuration of all components
16:40:52,567 INFO [ConfigurationLoader:56] Properties for jar:file:/Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/ROOT/WEB-INF/lib/portal-impl.jar!/portal loaded from [file:/Users/johnpowers/codehome/bundles/liferay/portal-setup-wizard.properties, file:/Users/johnpowers/codehome/bundles/liferay/portal-ext.properties, jar:file:/Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/ROOT/WEB-INF/lib/portal-impl.jar!/portal.properties]
Loading jar:file:/Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/ROOT/WEB-INF/lib/portal-impl.jar!/portal.properties
Loading file:/Users/johnpowers/codehome/bundles/liferay/portal-ext.properties
Loading file:/Users/johnpowers/codehome/bundles/liferay/portal-setup-wizard.properties
16:41:10,355 INFO [DialectDetector:80] Determine dialect for HSQL Database Engine 2
16:41:10,358 WARN [DialectDetector:95] Liferay is configured to use Hypersonic as its database. Do NOT use Hypersonic in production. Hypersonic is an embedded database useful for development and demo'ing purposes. The database settings can be changed in portal-ext.properties.
16:41:10,402 INFO [DialectDetector:145] Found dialect org.hibernate.dialect.HSQLDialect
16:41:35,408 INFO [Saml11TicketValidationFilter:41] Property loaded from FilterConfig.getInitParameter with value [http://xxxx]
16:41:35,418 INFO [Saml11TicketValidationFilter:75] Property not found. Using default value
16:41:35,419 INFO [Saml11TicketValidationFilter:75] Property [artifactParameterName] not found. Using default value
16:41:35,419 INFO [Saml11TicketValidationFilter:75] Property [serviceParameterName] not found. Using default value
16:41:35,420 INFO [Saml11TicketValidationFilter:75] Property not found. Using default value
16:41:35,420 INFO [Saml11TicketValidationFilter:75] Property [exceptionOnValidationFailure] not found. Using default value
16:41:35,420 INFO [Saml11TicketValidationFilter:41] Property [redirectAfterValidation] loaded from FilterConfig.getInitParameter with value
16:41:35,421 INFO [Saml11TicketValidationFilter:75] Property not found. Using default value
16:41:35,428 INFO [AuthenticationFilter:41] Property loaded from FilterConfig.getInitParameter with value [http://xxxx]
16:41:35,435 INFO [AuthenticationFilter:75] Property not found. Using default value
16:41:35,436 INFO [AuthenticationFilter:75] Property [artifactParameterName] not found. Using default value
16:41:35,438 INFO [AuthenticationFilter:75] Property [serviceParameterName] not found. Using default value
16:41:35,439 INFO [AuthenticationFilter:75] Property not found. Using default value
16:41:35,440 INFO [AuthenticationFilter:41] Property [casServerLoginUrl] loaded from FilterConfig.getInitParameter with value [https://xxxx]
16:41:35,440 INFO [AuthenticationFilter:75] Property not found. Using default value
16:41:35,441 INFO [AuthenticationFilter:75] Property not found. Using default value
16:41:35,442 INFO [AuthenticationFilter:75] Property [gatewayStorageClass] not found. Using default value
16:41:35,445 INFO [HttpServletRequestWrapperFilter:75] Property not found. Using default value
16:41:35,447 INFO [HttpServletRequestWrapperFilter:75] Property not found. Using default value
Mar 26, 2012 4:41:35 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Error filterStart
Mar 26, 2012 4:41:35 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Context [] startup failed due to previous errors
Mar 26, 2012 4:41:36 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads
SEVERE: The web application [] appears to have started a thread named [HSQLDB Timer @4d97507c] but has failed to stop it. This is very likely to create a memory leak.
Mar 26, 2012 4:41:36 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/cas-attribute-portlet
Mar 26, 2012 4:41:38 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/chat-portlet
Mar 26, 2012 4:41:39 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/google-maps-portlet
Mar 26, 2012 4:41:39 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/kaleo-web
Mar 26, 2012 4:41:40 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/knowledge-base-portlet
Mar 26, 2012 4:41:41 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/mail-portlet
Mar 26, 2012 4:41:42 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/opensocial-portlet
Mar 26, 2012 4:41:44 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/sevencogs-hook
16:41:44,884 INFO [HotDeployEvent:95] Plugin sevencogs-hook requires google-maps-portlet, kaleo-web, mail-portlet, sevencogs-theme, social-networking-portlet, web-form-portlet
Mar 26, 2012 4:41:44 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/sevencogs-theme
Mar 26, 2012 4:41:44 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/social-networking-portlet
Mar 26, 2012 4:41:45 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/student-calendar-portlet
Mar 26, 2012 4:41:46 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/user-register-portlet
Mar 26, 2012 4:41:48 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/web-form-portlet
Mar 26, 2012 4:41:48 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/word-count-portlet
Mar 26, 2012 4:41:50 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /Users/johnpowers/CodeHome/bundles/liferay/tomcat-7.0.23/webapps/wsrp-portlet
Mar 26, 2012 4:41:52 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
Mar 26, 2012 4:41:52 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["ajp-bio-8009"]
Mar 26, 2012 4:41:52 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 63143 ms
David H Nebinger
RE: Liferay 6 with existing CAS server
2012年3月26日 下午1:39
答复

David H Nebinger

Community Moderator

等级: Liferay Legend

帖子: 11771

加入日期: 2006年9月1日

最近的帖子

John John:
SEVERE: Error filterStart
that looks to be the problem to me. any ideas?


Yep, that is the problem and usually it's a classpath issue. Unfortunately you're not going to get a lot of help from catalina.out. You might try running under the debugger and hope it stops at the exception so you can figure out what's going wrong...

Filter issues like this are difficult to resolve...
John John
RE: Liferay 6 with existing CAS server
2012年3月26日 下午4:20
答复

John John

等级: New Member

帖子: 23

加入日期: 2012年2月12日

最近的帖子

i've been browsing the svn. any idea on where i would find an example?
David H Nebinger
RE: Liferay 6 with existing CAS server
2012年3月26日 下午4:23
答复

David H Nebinger

Community Moderator

等级: Liferay Legend

帖子: 11771

加入日期: 2006年9月1日

最近的帖子

how about com.liferay.portal.servlet.filters.sso.cas.CASFilter?
John John
RE: Liferay 6 with existing CAS server
2012年3月28日 下午4:15
答复

John John

等级: New Member

帖子: 23

加入日期: 2012年2月12日

最近的帖子

Thank you for your help! I feel that I am getting close. I just need help understanding one thing. It seems that the version of liferay I am using (6.1) has better CAS support than a lot of the documentation I find and end up reading. If I have CAS and LDAP set up in the control panel to the point that users are authenticated and redirected back to the Liferay portal and users are successfully being imported from ldap into liferay after being authenticated by CAS, did liferay validate the CAS ticket already on it's own? Or is that still left up to me to do manually?
Juan Gonzalez
RE: Liferay 6 with existing CAS server
2012年3月29日 上午12:42
答复

Juan Gonzalez

LIFERAY STAFF

等级: Liferay Legend

帖子: 2947

加入日期: 2008年10月28日

最近的帖子

John John:
If I have CAS and LDAP set up in the control panel to the point that users are authenticated and redirected back to the Liferay portal and users are successfully being imported from ldap into liferay after being authenticated by CAS, did liferay validate the CAS ticket already on it's own?


Yep, ticket is validated AFAIK. If it isn't that way, wouldn't be CAS....
John John
RE: Liferay 6 with existing CAS server
2012年3月30日 上午7:39
答复

John John

等级: New Member

帖子: 23

加入日期: 2012年2月12日

最近的帖子

So is it even necessary for me to edit web.xml as that example suggests? From what I understood, the whole purpose of that was to validate the cas ticket. But liferay seems like it is already doing that for me. If the ticket is already validated then it is only a matter of me getting attributes from the portal to my portlet, correct? This is where my confusion is. I don't know what liferay has already done for me and where in the docs I am supposed to pick up at.
Juan Gonzalez
RE: Liferay 6 with existing CAS server
2012年3月30日 上午8:32
答复

Juan Gonzalez

LIFERAY STAFF

等级: Liferay Legend

帖子: 2947

加入日期: 2008年10月28日

最近的帖子

John John:
So is it even necessary for me to edit web.xml as that example suggests? From what I understood, the whole purpose of that was to validate the cas ticket. But liferay seems like it is already doing that for me. If the ticket is already validated then it is only a matter of me getting attributes from the portal to my portlet, correct? This is where my confusion is. I don't know what liferay has already done for me and where in the docs I am supposed to pick up at.


What example do you refer? You don't have to modify web.xml for this at all.

Yep, if you want some custom attributes you would have to import them from LDAP, for example. CAS is only for authenticating, attributes comes from other places. In 6.1 EE you have SAML, which you can use for getting attributes from CAS directly, and hence LDAP shouldn't be mandatory for that.
John John
RE: Liferay 6 with existing CAS server
2012年3月30日 上午9:05
答复

John John

等级: New Member

帖子: 23

加入日期: 2012年2月12日

最近的帖子

This is the example I am referring to
https://wiki.jasig.org/display/CASC/Saml11TicketValidationFilter+Example

Liferay came with the jasig java cas client and I was trying to use this to get the attributes. Liferay had been configured with CAS / LDAP in the control panel and it had been suggested by colleagues that I would be able to use the java cas client to get the attributes. Will this not work?
Juan Gonzalez
RE: Liferay 6 with existing CAS server
2012年3月31日 上午12:31
答复

Juan Gonzalez

LIFERAY STAFF

等级: Liferay Legend

帖子: 2947

加入日期: 2008年10月28日

最近的帖子

John John:
This is the example I am referring to
https://wiki.jasig.org/display/CASC/Saml11TicketValidationFilter+Example

Liferay came with the jasig java cas client and I was trying to use this to get the attributes. Liferay had been configured with CAS / LDAP in the control panel and it had been suggested by colleagues that I would be able to use the java cas client to get the attributes. Will this not work?


Ohhh now I understand. Well, as I've said Liferay CE hasn't support of SAML (to get attributes from CAS). If you want that you have 2 options:

  1. Liferay EE version (commercial) has CAS with SAML support in it. Perhaps you want to ask Liferay sales for testing that.
  2. With Liferay 6.1 CE you can add custom attributes from LDAP. Instead getting from CAS, you could add those attributes to LDAP, add custom attributes to Users, and then mapping those with LDAP ones.
Kamesh Sampath
RE: Liferay 6 with existing CAS server
2012年4月5日 下午10:49
答复

Kamesh Sampath

等级: Regular Member

帖子: 159

加入日期: 2010年5月26日

最近的帖子

Hi,

This is ideal when CAS exposes set of LDAP attributes, but there could be cases where CAS might expose attributes from some other data source,

eg. CAS authentication happens with LDAP and then it will use an attribute form LDAP to look in to another data source from additional user attributes, in that case adding custom attribute to user object in portal and setting up synch with LDAP might not be that useful right ?

Is there any way by which we can extract the attribute from using CAS client API ? Something like having an hook that will add an custom Action to login.events.post, in that action we can use the CAS client API to extract the attributes and then flush it in to the User Object created by the LoginAction
Juan Gonzalez
RE: Liferay 6 with existing CAS server
2012年4月6日 上午1:42
答复

Juan Gonzalez

LIFERAY STAFF

等级: Liferay Legend

帖子: 2947

加入日期: 2008年10月28日

最近的帖子

Kamesh Sampath:
Hi,

This is ideal when CAS exposes set of LDAP attributes, but there could be cases where CAS might expose attributes from some other data source,

eg. CAS authentication happens with LDAP and then it will use an attribute form LDAP to look in to another data source from additional user attributes, in that case adding custom attribute to user object in portal and setting up synch with LDAP might not be that useful right ?

Is there any way by which we can extract the attribute from using CAS client API ? Something like having an hook that will add an custom Action to login.events.post, in that action we can use the CAS client API to extract the attributes and then flush it in to the User Object created by the LoginAction


For that cases you should use CAS SAML, and that is a feature of EE version. Of course you can try doing yourself, shouldn't be much difficult implementing it.
Kamesh Sampath
RE: Liferay 6 with existing CAS server
2012年4月9日 下午8:55
答复

Kamesh Sampath

等级: Regular Member

帖子: 159

加入日期: 2010年5月26日

最近的帖子

Gracias Juan !

But I feel it would worth that the CASFilter puts the the "Assertion" object in request attribute so that we can retrieve the same and extract any attributes form it using the getAttributePrincipal method. I feel that is a easier way than using SAML. Right now we just put only the login name.
Juan Gonzalez
RE: Liferay 6 with existing CAS server
2012年4月10日 上午8:30
答复

Juan Gonzalez

LIFERAY STAFF

等级: Liferay Legend

帖子: 2947

加入日期: 2008年10月28日

最近的帖子

Kamesh Sampath:
Gracias Juan !

But I feel it would worth that the CASFilter puts the the "Assertion" object in request attribute so that we can retrieve the same and extract any attributes form it using the getAttributePrincipal method. I feel that is a easier way than using SAML. Right now we just put only the login name.


Guess you're totally right.

Here is the class to modify/debug then:

https://github.com/liferay/liferay-portal/blob/master/portal-impl/src/com/liferay/portal/servlet/filters/sso/cas/CASFilter.java

It seems that AttributePrincipal is available. You can try debugging and see if it has your custom attributes from CAS.

Aftter that please share here your findings.

Thanks!
Kamesh Sampath
RE: Liferay 6 with existing CAS server
2012年4月10日 上午9:14
答复

Kamesh Sampath

等级: Regular Member

帖子: 159

加入日期: 2010年5月26日

最近的帖子

I did that exercise earlier emoticon We do get the attributes that are pushed by CAS. So i feel its worth that Portal code is updated to add the Assertion as request attribute.

I have raised an enhancement LPS-26622, please share your comments and further thoughts there and lets try to see what other Liferay experts has to say.

Thanks!
Juan Gonzalez
RE: Liferay 6 with existing CAS server
2012年4月10日 上午10:28
答复

Juan Gonzalez

LIFERAY STAFF

等级: Liferay Legend

帖子: 2947

加入日期: 2008年10月28日

最近的帖子

Hi Ramesh,

Great! I've seen in your LPS that you want to add the whole object in session. Wouldn't be better (and intuitive) to store this values as custom user attributes in Liferay?