Spring Security CAS Plugin - Reference Documentation. Burt Beckwith. Version 3.0.0.M1



Similar documents
Table of contents. Jasig CAS support for the Spring Security plugin.

How To Configure The Jasig Casa Single Sign On On A Workstation On Ahtml.Org On A Server On A Microsoft Server On An Ubuntu (Windows) On A Linux Computer On A Raspberry V

Safewhere*Identify 3.4. Release Notes

BusinessObjects Enterprise XI Release 2

Absorb Single Sign-On (SSO) V3.0

Qualtrics Single Sign-On Specification

Authentication Methods

HarePoint Workflow Extensions for Office 365. Quick Start Guide

Tableau Server Trusted Authentication

Pierce County IT Department GIS Division Xuejin Ruan Dan King

Check list for web developers

Deploying RSA ClearTrust with the FirePass controller

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

ClicktoFax Service Usage Manual

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x

Work with PassKey Manager

Unlocking the Secrets of Alfresco Authentication. Mehdi BELMEKKI,! Consultancy Team! Alfresco!

SAML single sign-on configuration overview

Configuring Single Sign-on from the VMware Identity Manager Service to Dropbox

SSO Plugin. Integration for Jasper Server. J System Solutions. Version 3.6

Spring Security SAML module

WWPass External Authentication Solution for IBM Security Access Manager 8.0

skype ID: store.belvg US phone number:

PowerLink for Blackboard Vista and Campus Edition Install Guide

Desktop Web Access Single Sign-On Configuration Guide

Salesforce Opportunities Portlet Documentation v2

Using Internet or Windows Explorer to Upload Your Site

Configuration Guide - OneDesk to SalesForce Connector

Architecture of Enterprise Applications III Single Sign-On

Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow

Fairsail REST API: Guide for Developers

LICENTIA. InvoiceXpress Integration

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

MAGEJAM PLUGIN INSTALLATION GUIDE

SCAS: AN IMPROVED SINGLE SIGN-ON MODEL BASE ON CAS

Configuring. Moodle. Chapter 82

RCS Liferay Google Analytics Portlet Installation Guide

White Paper March 1, Integrating AR System with Single Sign-On (SSO) authentication systems

Integrating Moodle with an external tool

INUVIKA OPEN VIRTUAL DESKTOP ENTERPRISE

Working with Indicee Elements

Getting Started with One Search for Destiny

TRIPwire HSIN Federation:

PassKey Manager. Schoolwires Centricity

SINGLE SIGN-ON FOR MTWEB

Accessing the Illinois CRM Report Archive Database

Manufacturing Representative SSL VDM Login User s Guide

Synology SSO Server. Development Guide

esoc SSA DC-I Part 1 - Single Sign-On and Access Management ICD

Administrator Guide. v 11

INTEGRATION GUIDE. DIGIPASS Authentication for Office 365 using IDENTIKEY Authentication Server with Basic Web Filter

Copyright: WhosOnLocation Limited

Configuring ADFS 3.0 to Communicate with WhosOnLocation SAML

App Orchestration 2.5

Portal User Guide. Customers. Version 1.1. May of 5

Integrations. Help Documentation

CAS-anova: A University Proclaims its Love for Simplified Authentication

App Orchestration 2.0

SSO Plugin. Authentication service for HP, Kinetic, Jasper, SAP and CA products. J System Solutions. JSS SSO Plugin Authentication service

External Authentication with Citrix Secure Gateway - Presentation server Authenticating Users Using SecurAccess Server by SecurEnvoy

BackupAgent LabTech Integration Installation and Usage

OSF INTEGRATOR for INGRAM MICRO Integration Guide

INTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE

Managed Security Web Portal USER GUIDE

CA Nimsoft Service Desk

Acunetix Web Vulnerability Scanner. Getting Started. By Acunetix Ltd.

JOSSO 2.4. Internet Information Server (IIS) Tutorial

Egnyte Single Sign-On (SSO) Installation for Okta

Configuring Single Sign-On from the VMware Identity Manager Service to Office 365

Horizon Call Centre reporting with Akixi ACD

Sharepoint server SSO

Lenovo Partner Access - Overview

DOSarrest Security Services (DSS) Version 4.0

Portal Administration. Administrator Guide

Configuring on-premise Sharepoint server SSO

SAML single sign-on configuration overview

Migration Manual (For Outlook 2010)

Verify LDAP over SSL/TLS (LDAPS) and CA Certificate Using Ldp.exe

Installing Samsung SDS CellWe EMM cloud connectors and administrator consoles

Deployment Guide ICA Proxy for XenApp

DualShield SAML & SSO. Integration Guide. Copyright 2011 Deepnet Security Limited. Copyright 2011, Deepnet Security. All Rights Reserved.

Installation Logon Recording Basis. By AD Logon Name AD Logon Name(recommended) By Windows Logon Name IP Address

OneLogin Integration User Guide

CENTRAL AUTHENTICATION SERVICE (CAS) SSO FOR EMC DOCUMENTUM REST SERVICES

Getting Started With Delegated Administration

These instructions will allow you to configure your computer to install necessary software to access mystanwell.com.

Getting started with One Search for Destiny. Overview. Before you start. Enabling the One Search service

Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief

Stoneware Inc. Hyland Software OnBase. Stoneware, Inc.

UNI Login. Authentication

Livezilla How to Install on Shared Hosting By: Jon Manning

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

Tableau Server Trusted Authentication

INTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server

Transcription:

Spring Security CAS Plugin - Reference Documentation Burt Beckwith Version 3.0.0.M1

Table of Contents 1. Introduction to the Spring Security CAS Plugin................................................. 1 1.1. Release History.......................................................................... 1 2. Usage....................................................................................... 1 2.1. Installation.............................................................................. 2 2.2. Single Signout........................................................................... 2 3. Configuration............................................................................... 3

1. Introduction to the Spring Security CAS Plugin The CAS plugin adds CAS single sign-on support to a Grails application that uses Spring Security. It depends on the Spring Security Core plugin. Once you have configured a CAS server and have configured your Grails application(s) as clients, you can authenticate to any application that is a client of the CAS server and be automatically authenticated to all other clients. 1.1. Release History Version 3.0.0.M1 released September 23, 2015 Version 2.0-RC1 released November 11, 2013 Version 1.0.4 released July 11, 2012 Version 1.0.3 released July 4, 2012 Version 1.0.2 released February 12, 2011 Version 1.0.1 released September 1, 2010 Version 1.0 released July 27, 2010 Version 0.1 released June 18, 2010 2. Usage Configuring your CAS server is beyond the scope of this document. There are many different approaches and this will most likely be done by IT staff. It s assumed here that you already have a running CAS server. CAS is a popular single sign-on implementation. It s open source and has an Apache-like license, and is 1

easy to get started with but is also highly configurable. In addition it has clients written in Java,.Net, PHP, Perl, and other languages. 2.1. Installation There isn t much that you need to do in your application to be a CAS client. Add a dependency in build.gradle for this dependencies {... compile 'org.grails.plugins:spring-security-cas:3.0.0.m1' } then configure any required parameters and whatever optional parameters you want in application.yml or application.groovy. These are described in detail in the Configuration section but typically you only need to set these properties: cas: loginuri: /login serviceurl: http://localhost:8080/j_spring_cas_security_check serverurlprefix: https://your-cas-server/cas proxycallbackurl: http://localhost:8080/secure/receptor proxyreceptorurl: /secure/receptor 2.2. Single Signout Single signout is enabled by default and enables signing out for all CAS-managed applications with one logout. This works best in the plugin when combined with the afterlogouturl parameter, for example: logout: afterlogouturl: https://your-cas-server/cas/logout?url=http://localhost:8080/ With this configuration, when a user logs out locally by navigating to /logout/ they ll then be redirected to the CAS server s logout URL. This request includes a local URL to redirect back afterwards. When the whole process is finished they ll be logged out locally and at the CAS server, so subsequent secure URLs at the local server or other CAS-managed servers will require a new login. 2

If you don t want the single signout filter registered, you can disable the feature: cas: usesinglesignout: false 3. Configuration There are a few configuration options for the CAS plugin. All of these property overrides must be specified in grails-app/conf/application.yml (or application.groovy) using the grails.plugin.springsecurity suffix, for example cas: serverurlprefix: https://cas-server/cas Name Default Meaning cas.active true whether the plugin is enabled (e.g. to disable per-environment) cas.serverurlprefix null, must be set the 'root' of all CAS server URLs, e.g. https://cas-server/cas cas.serverurlencoding 'UTF-8' encoding for the server URL cas.loginuri null, must be set the login URI, relative to cas.serverurlprefix, e.g. /login cas.sendrenew false if true, ticket validation will only succeed if it was issued from a login form, but will fail if it was issued from a single sign-on session. Analogous to IS_AUTHENTICATED_FULLY in Spring Security cas.serviceurl null, must be set the local application login URL, e.g. http://localhost:8080/ j_spring_cas_security_check 3

Name Default Meaning cas.key 'grails-spring-security-cas', should be changed used by CasAuthenticationProvider to identify tokens it previously authenticated cas.artifactparameter 'ticket' the ticket login url parameter cas.serviceparameter 'service' the service login url parameter cas.filterprocessesurl '/j_spring_cas_security_check' the URL that the filter intercepts for login cas.proxycallbackurl null, should be set proxy callback url, e.g. 'http://localhost:8080/secure/rece ptor' cas.proxyreceptorurl null, should be set proxy receptor url, e.g. '/secure/receptor' cas.usesinglesignout true if true a org.jasig.cas.client.session. SingleSignOutFilter is registered 4

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information