Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

trouble with alfresco + cas

sean
Champ in-the-making
Champ in-the-making

‎08-15-2006 05:45 AM

hi folks,

i've been tasked with evaluating alfresco for my company.  it seems like a really cool product.  after playing around with the default install for a bit and r'ing tfm's, i've attempted unsuccessfully to get SSO via CAS working.

first i tried to use the acegi hooks in the authentication context file but couldn't seem to get things working via that route.  things were further complicated by the bundled version of acegi being outdated wrt the latest upstream version (and hence the documentation i had was not fully accurate).  furthermore, the latest version has a different namespace (org.acegisecurity instead of under net.sf), with some subtle yet non-backwards-compatible API changes.

i'm now trying to authenticate via CAS directly, by replacing the authentication filter in web.xml.  i've had more success with this route, though not much.  now when i request /alfresco, i'm sent to the cas login page, and after authenticating i'm sent back to alfresco (so far so good), but then alfresco sends me a 302 header sending me back to cas, which thinks there's nothing wrong and 302's me back to alfresco, etc etc.

i saw a similar problem in the forums that was solved by recompiling alfresco with a different name for ARG_TICKET in baseServlet.java, which i've tried without success.

does anyone have an idea of what else could be a problem?  any help would be greatly appreciated!

    sean
Labels:
0 Kudos
32 REPLIES 32

jayesh_prajapat
Star Contributor
Star Contributor

‎05-10-2007 08:12 AM

What version of the CAS client are you using?  Are you using cas-web.war from the Liferay site?  Where did you put the casclient.jar? 

How do you relate alfresco's user with the CAS user?  I'm using liferay.com.1 from the liferay-CAS installation and when I access the Alfresco portlet I still need to login.

i have deploy liferay4.2.1 and also deploy alfresco2.0's .war file in it. now i want SSO for both liferay and alfresco client. so how can i do so..  :?

i also want to know u are talking about casclient.jar, so from where i can have that jar file     :?:
0 Kudos

jlopez
Champ in-the-making
Champ in-the-making

‎07-18-2007 05:56 AM

Hi everybody, I have Alfresco 2.0 integrated in liferay 4.2.2 trought an IFrame and I want to use CAS to autologin in Alfresco and anothers Iframes and I want to test the solution that alarocca has posted, the problem is that I don't have the development environment installed and I would appreciate if somebody could upload the CASAuthenticationFilter.class to try this solution.

If I have the CAS filter written in the liferay's web.xml, is necessary to put it in the Alfresco's web.xml too?

Than you very much.
0 Kudos

jlopez
Champ in-the-making
Champ in-the-making

‎07-23-2007 07:04 AM

Hi, anybody can help me?

When I try to modify the Novell… class the bold part throughs an error, do I have to write any import or any package in the class?

String authHdr = (String) req.getSession().getAttribute(CASFilter.CAS_FILTER_USER);

Thank you very much.
0 Kudos

jonas
Champ in-the-making
Champ in-the-making

‎07-24-2007 12:49 PM

Hi

There is one bug at casclient.jar, as well as I had mentioned in Liferay-Alfresco meet-up presentation.

You can get an example for Liferay Portal (4.3), Alfresco Portlet (2.1), LDAP ADS and SSO CAS - full integration at

http://liferay.cignex.com.

and Real Demo, Instructions for Do-It-Yourselfers.

It is my pleasure to see that instructions are working for everyone. Furthermore, it would be nice that you could let me know your usage and enjoy your success.


Good luck!
0 Kudos

jlopez
Champ in-the-making
Champ in-the-making

‎07-25-2007 02:15 AM

Thank you very much but I have to use the version 4.2.2 of LP and my company uses OpenLDAP so I'm afraid that your example won't be useful for me.
0 Kudos

jonas
Champ in-the-making
Champ in-the-making

‎07-25-2007 01:35 PM

Hi

We have tested all in Liferay 4.2.2. It is working fine.

For LDAP, we have tested in ADS (Active Directory Server) and Apache Directory Server. The testing in OpenLDAP is on the way.

For different LDAP servers, there are only configure files changes.

The solution is generic for any LDAP servers.

Good luck!
0 Kudos

kevinr
Star Contributor
Star Contributor

‎08-22-2007 04:51 AM

PLEASE only post once.
0 Kudos

jonas
Champ in-the-making
Champ in-the-making

‎08-22-2007 10:33 AM

Hi,

Should anyone reply alfresco_asia's or others post? or just leave it? :shock:

for alfresco_asia,

You should use LDAP absolutely for CAS SSO server. For more details, please refer to instructions for Do-It-Yourselfers at http://liferay.cignex.com
0 Kudos

patrik
Champ on-the-rise
Champ on-the-rise

‎08-29-2007 08:05 AM

I'd like to get alfresco to authenticate against CAS but i'm having trouble. After logging in on the CAS login page i get the following error:
org.alfresco.error.AlfrescoRuntimeException: Transaction must be active and synchronization is required

Someone had a similar problem described in http://issues.alfresco.com/browse/AWC-952 but i didn't get a solution.

I'm using authentication filter NovellIChainsHTTPRequestAuthenticationFilter where i have modified
String authHdr = (String) req.getSession().getAttribute(CASFilter.CAS_FILTER_USER);

Relevant parts of my web.xml are:

<filter>
      <filter-name>CAS Filter</filter-name>
   <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
   <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
      <param-value>https://server:8443/cas-web/login</param-value>
   </init-param>
   <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
      <param-value>https://server:8443/cas-web/serviceValidate</param-value>
   </init-param>
   <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.serviceUrl</param-name>
      <param-value>http://localhost:8080/alfresco/faces/jsp/login.jsp</param-value>
   </init-param>
   </filter>
  
   <filter>
      <filter-name>Authentication Filter</filter-name>
  <filter-class>org.alfresco.web.app.servlet.NovellIChainsHTTPRequestAuthenticationFilter</filter-class>
       
   </filter>

   <filter>
      <filter-name>WebDAV Authentication Filter</filter-name>
      <filter-class>org.alfresco.repo.webdav.auth.AuthenticationFilter</filter-class>
     
      <!– For NTLM authentication support use the following filter –>
      <!–
        <filter-class>org.alfresco.repo.webdav.auth.NTLMAuthenticationFilter</filter-class>
      –>
   </filter>

   <filter>
      <filter-name>Admin Authentication Filter</filter-name>
      <filter-class>org.alfresco.web.app.servlet.AdminAuthenticationFilter</filter-class>
   </filter>
   <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>
  
   <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
  
   <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
  
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>

I use alfresco 2.1 and casclient 2.0.11.
Regards
0 Kudos

patrik
Champ on-the-rise
Champ on-the-rise

‎08-29-2007 08:32 AM

solved it myself. Of course things get solved first when i got so desperate to post here Smiley Happy

I only needed to configure my ldap authentication context.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC