Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Alfresco Community and CAS - SSO

frank_s
Champ in-the-making
Champ in-the-making

‎05-13-2008 09:00 AM

Hi,

over the last few weeks, I've tried to configure Alfresco Community with CAS, and have failed to do so. I have posted a number of questions regarding this on the forums, yet these have been left unanswered. I noticed that other forum members posted questions about the same topic, but a lot of these threads seem to have been abandoned.

This makes me wonder:
1. Has anybody been successful in setting up Alfresco CE using CAS authentication without using the Cignex war?
2. Is it possible to do so with the currently available distributable (Alfresco CE 2.9B), or am I trying to do the impossible?

Any feedback and/or personal experiences would be extremely welcome.

Thanks for your time,

Frank.
Labels:
0 Kudos
14 REPLIES 14

mikewaters
Champ in-the-making
Champ in-the-making

‎05-21-2008 12:55 PM

Hi again - I have created that wiki page with instructions to integrate Alfresco with CAS

http://wiki.alfresco.com/wiki/Central_Authentication_Service_Configuration

Let us know how you get on!

-Mike
Keem Bay Research
http://keembay.com
0 Kudos

frank_s
Champ in-the-making
Champ in-the-making

‎05-21-2008 01:01 PM

Wow! You totally rock - that's an absolutely spectacular effort! Thank you so much - I'll give it a whirl first thing tomorrow.

Thanks again,

f.
0 Kudos

frank_s
Champ in-the-making
Champ in-the-making

‎05-22-2008 10:35 AM

Mike,

thank you again for the sterling effort - I followed your instructions on the wiki and I'm now running a fully CASified Alfresco, thanks to you! Here's what I learned:

  • I didn't get any joy using cas-client-core-3.1.1.jar. When starting up Tomcat in step "Testing CAS Protection", Tomcat threw an exception ("ClassNotFound exception: edu.yale.its.tp.cas.client.filter.CASFilter").
    • Closer inspection revealed that the structure of the 2.x casclient.jar seems to differ fundamentally from the cas-client-core-3.1.1.jar:
    • The class structure is no longer 'edu.yale.its.tp.cas.client…', but 'org.jasig.cas.client…'

    • There doesn't seem to be a CASFilter.class in cas-client-core.3.1.1.jar.
      • Tomcat started up without a hitch when I followed your instructions but used the casclient.jar from the cas-client-2.0.11 distribution.
  • There seems to be a typo in your web.xml snippet. In the filter-mapping, the url-pattern is
    • <url-pattern>/faces*</url-pattern>
    but I believe it should be
    <url-pattern>/faces/*</url-pattern>

  • A really weird thing happened when I tried to make the redirect work (step "Testing CAS Protection"). Alfresco displayed a "System error" screen every time when it returned from CAS, despite closing all browser windows religiously and restarting Tomcat. I only figured out after some time that this was due to me just using the

    •          <filter-mapping>
                <filter-name>Authentication Filter</filter-name>
                <url-pattern>/faces/*</url-pattern>
             </filter-mapping>
    and changing Authentication to CAS in the filter-name.
The last point is probably not worth mentioning on the wiki page - I just included it so that plonkers like myself  :? can find it here and know that Bad Things will happen if they do this, because there's really no clue (at least none that would be obvious to me) in the error messages what causes them…

For reference, here's the setup I'm using: JA-SIG CAS Server 3.2 is authenticating against ApacheDS 1.0.2, both are running on the same Windows XP box.
Alfresco 2.1 CE (using JA-SIG CAS Client 2.0.11) is running on a separate machine (Windows Server 2003 under VMWare); I'm using Java SDK 1.6.0-05 on both machines.

The only things that remain for me to do is to set up LDAP synch to the Alfresco user accounts (a whole new world of pain all on its own, by the sound of it…), and CASifying the PHP application that I'm also using (I'm almost looking forward to that one, 'cos it'll be the first time for a long time that I'm going to be in a situation where I know what I'm doing…  Smiley Very Happy ).

Again, I can't thank you enough - I'd already given up on getting this to work…

All the best,

Frank.
0 Kudos

mikewaters
Champ in-the-making
Champ in-the-making

‎05-23-2008 02:08 PM

Hi Frank

Congratulations! and thanks for the feedback - and sorry for the typos.

About the client jar file I double checked my cas-client jar version, the one I used was in fact casclient-2.1.1.jar

It actually comes with the server release, inside the war file. (ie in cas-server-3.2.1-release.tar.gz at path cas-server-3.2.1/modules/cas-server-webapp-3.2.1.war. The path inside the war is WEB-INF/lib) so there is no need for the cas-client release at least for what we are doing.

I'll update the wiki

cheers

-Mike
0 Kudos

mmontecchi
Champ in-the-making
Champ in-the-making

‎08-01-2008 06:24 AM

Hi,
thanks all for the very usefull info to integrate CAS and Alfresco.
I have only a more question: what's about the CAS/ALfresco logout ? Someone was able to configure?

Thanks
Massimo Montecchi
EC Company
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC