├── .gitignore
├── README.md
├── cas-sample-java-webapp.iml
├── etc
│   └── jetty
│       ├── jetty-https.xml
│       ├── jetty-ssl.xml
│       ├── jetty.xml
│       └── web.xml
├── pom.xml
└── src
    └── main
        ├── resources
        │   └── log4j.xml
        └── webapp
            ├── WEB-INF
            │   └── web.xml
            ├── index.jsp
            └── logout.jsp

/.gitignore:
--------------------------------------------------------------------------------
.classpath
!/.project
.project
.settings
target/
.idea/
.DS_Store
.idea
overlays/

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Example CASified Java Web Application

This is a sample Java web application that exercises the CAS protocol features via the Java CAS Client.

Configure
---------

- Adjust the URL endpoints of the CAS server and
the application server in the [`web.xml`](https://github.com/UniconLabs/cas-sample-java-webapp/blob/master/src/main/webapp/WEB-INF/web.xml) file.

## Build

* Create a Java keystore at `/etc/cas/jetty/thekeystore` with the password `changeit`.
* Import your server certificate into this keystore.

```bash
mvn clean package jetty:run-forked
```

The application will be available on:
```bash
http://localhost:9080/sample
```
and
```bash
https://localhost:9443/sample
```


## Testing High Availability

Assuming you have deployed CAS on two nodes, you can use the sample application to make sure all nodes are properly
sharing the ticket state. To do this, in the `web.xml` file ensure that:

- The `casServerLoginUrl` of the `CAS Authentication Filter` points to CAS node 1 (e.g. `https://cas1.sso.edu:8443/cas/login`).
- The `casServerUrlPrefix` of the `CAS Validation Filter` points to CAS node 2 (e.g. `https://cas2.sso.edu:8443/cas`).
- For both of the above filters, the `serverName` should always point to the location where *this sample application* is deployed.


Deploy the application and test. You may also want to reverse the order of CAS
nodes 1 and 2 in the above configuration, redeploy and test again.

> Alternatively, one could test distributed CAS nodes without any client application
set up using [this](https://github.com/UniconLabs/duct) small command line utility.

--------------------------------------------------------------------------------
/cas-sample-java-webapp.iml:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/etc/jetty/jetty-https.xml:
--------------------------------------------------------------------------------
http/1.1

--------------------------------------------------------------------------------
/etc/jetty/jetty-ssl.xml:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/etc/jetty/jetty.xml:
--------------------------------------------------------------------------------
false
5000

--------------------------------------------------------------------------------
/etc/jetty/web.xml:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
<project>
    <modelVersion>4.0.0</modelVersion>
    <groupId>iamlabs.unicon.net</groupId>
    <artifactId>cas-sample-java-webapp</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <packaging>war</packaging>
    <name>CAS Example Java Web App</name>
    <description>A sample web application that exercises the CAS protocol features via the Java CAS Client.</description>
    <build>
        <finalName>cas-sample-java-webapp</finalName>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.5.1</version>
                <configuration>
                    <source>1.8</source>
                    <target>1.8</target>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.eclipse.jetty</groupId>
                <artifactId>jetty-maven-plugin</artifactId>
                <version>9.3.6.v20151106</version>
                <configuration>
                    <jettyXml>${basedir}/etc/jetty/jetty.xml,${basedir}/etc/jetty/jetty-ssl.xml,${basedir}/etc/jetty/jetty-https.xml</jettyXml>
                    <systemProperties>
                        <systemProperty>
                            <name>org.eclipse.jetty.annotations.maxWait</name>
                            <value>300</value>
                        </systemProperty>
                    </systemProperties>
                    <webApp>
                        <contextPath>/sample</contextPath>
                        <overrideDescriptor>${basedir}/etc/jetty/web.xml</overrideDescriptor>
                    </webApp>
                    <!-- Starts the forked JVM with a JDWP debug listener on port 5002. -->
                    <jvmArgs>-Xdebug -Xrunjdwp:transport=dt_socket,address=5002,server=y,suspend=n</jvmArgs>
                </configuration>
            </plugin>
        </plugins>
    </build>

    <dependencies>
        <dependency>
            <groupId>commons-logging</groupId>
            <artifactId>commons-logging</artifactId>
            <version>1.1.1</version>
        </dependency>

        <dependency>
            <groupId>log4j</groupId>
            <artifactId>log4j</artifactId>
            <version>1.2.17</version>
        </dependency>

        <dependency>
            <groupId>org.jasig.cas.client</groupId>
            <artifactId>cas-client-core</artifactId>
            <version>3.4.1</version>
            <exclusions>
                <exclusion>
                    <groupId>javax.servlet</groupId>
                    <artifactId>servlet-api</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
    </dependencies>
</project>

--------------------------------------------------------------------------------
/src/main/resources/log4j.xml:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
<web-app>

    <!-- Handles back-channel logout requests sent by the CAS server. -->
    <filter>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
        <init-param>
            <param-name>casServerUrlPrefix</param-name>
            <param-value>https://mmoayyed.unicon.net:8443/cas</param-value>
        </init-param>
    </filter>

    <listener>
        <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
    </listener>

    <!-- Redirects unauthenticated requests to the CAS login page. -->
    <filter>
        <filter-name>CAS Authentication Filter</filter-name>
        <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
        <init-param>
            <param-name>casServerLoginUrl</param-name>
            <param-value>https://mmoayyed.unicon.net:8443/cas/login</param-value>
        </init-param>
        <init-param>
            <param-name>serverName</param-name>
            <param-value>https://mmoayyed.unicon.net:9443</param-value>
        </init-param>
    </filter>

    <!-- Validates the service ticket against the CAS server. -->
    <filter>
        <filter-name>CAS Validation Filter</filter-name>
        <filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class>
        <init-param>
            <param-name>casServerUrlPrefix</param-name>
            <param-value>https://mmoayyed.unicon.net:8443/cas</param-value>
        </init-param>
        <init-param>
            <param-name>serverName</param-name>
            <param-value>https://mmoayyed.unicon.net:9443</param-value>
        </init-param>
        <init-param>
            <param-name>redirectAfterValidation</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>useSession</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>authn_method</param-name>
            <param-value>mfa-duo</param-value>
        </init-param>
    </filter>

    <!-- Exposes the CAS principal through getRemoteUser() and getUserPrincipal(). -->
    <filter>
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter-mapping>
        <filter-name>CAS Validation Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter-mapping>
        <filter-name>CAS Authentication Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter-mapping>
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

</web-app>

--------------------------------------------------------------------------------
/src/main/webapp/index.jsp:
--------------------------------------------------------------------------------
<%@page contentType="text/html" %>
<%@page pageEncoding="UTF-8" %>
<%@ page import="java.util.Map" %>
<%@ page import="java.util.Iterator" %>
<%@ page import="java.util.List" %>
<%@ page import="org.jasig.cas.client.authentication.AttributePrincipal" %>

<%!
    // HTML-escape a value before writing it into the page; the user id and the
    // released attributes come from the CAS server and are external input here.
    private static String esc(Object o) {
        return String.valueOf(o).replace("&", "&amp;").replace("<", "&lt;")
                .replace(">", "&gt;").replace("\"", "&quot;").replace("'", "&#39;");
    }
%>

<html>
<head>
    <title>CAS Example Java Web App</title>
</head>
<body>

<h1>CAS Example Java Web App</h1>
<p>A sample web application that exercises the CAS protocol features via the Java CAS Client.</p>
<hr>

<p><b>Authenticated User Id:</b> <%= esc(request.getRemoteUser()) %>
</p>

<%
    if (request.getUserPrincipal() != null) {
        AttributePrincipal principal = (AttributePrincipal) request.getUserPrincipal();

        final Map attributes = principal.getAttributes();

        if (attributes != null) {
            Iterator attributeNames = attributes.keySet().iterator();
            out.println("<b>Attributes:</b>");

            if (attributeNames.hasNext()) {
                out.println("<table>");
                out.println("<tr><th colspan='2'>Attributes</th></tr>");
                out.println("<tr><td><b>Key</b></td><td><b>Value</b></td></tr>");

                for (; attributeNames.hasNext(); ) {
                    out.println("<tr><td>");
                    String attributeName = (String) attributeNames.next();
                    out.println(esc(attributeName));
                    out.println("</td><td>");
                    final Object attributeValue = attributes.get(attributeName);

                    if (attributeValue instanceof List) {
                        final List values = (List) attributeValue;
                        out.println("<b>Multi-valued attribute: " + values.size() + "</b>");
                        out.println("<ul>");
                        for (Object value : values) {
                            out.println("<li>" + esc(value) + "</li>");
                        }
                        out.println("</ul>");
                    } else {
                        out.println(esc(attributeValue));
                    }
                    out.println("</td></tr>");
                }
                out.println("</table>");
            } else {
                out.print("<p>No attributes are supplied by the CAS server.</p>");
            }
        } else {
            out.println("<pre>The attribute map is empty. Review your CAS filter configurations.</pre>");
        }
    } else {
        out.println("<pre>The user principal is empty from the request object. Review the wrapper filter configuration.</pre>");
    }
%>

</body>
</html>

--------------------------------------------------------------------------------
/src/main/webapp/logout.jsp:
--------------------------------------------------------------------------------
<%@page contentType="text/html" %>
<%@page pageEncoding="UTF-8" %>
<%@ page import="java.util.Map" %>
<%@ page import="java.util.Iterator" %>
<%@ page import="org.jasig.cas.client.authentication.AttributePrincipal" %>

<%
    // Ends the local application session only; the CAS SSO session is untouched.
    session.invalidate();
%>

<html>
<head>
    <title>CAS Example Java Web App</title>
</head>
<body>
<h1>CAS Example Java Web App</h1>
<p>Application session is now invalidated. You may also issue a request to "/cas/logout" to destroy the CAS SSO Session as well.</p>
<hr>

<a href="index.jsp">Back to Home</a>
</body>
</html>

--------------------------------------------------------------------------------
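
A check for the layout that the README's "Testing High Availability" section describes, as an added example that is not part of this repository: it parses a `web.xml` and reports when the login and validation filters point at the same CAS node or disagree on `serverName`. The function names, the `app.example.edu` host and the https requirement are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: cas1/cas2 hosts are the README's; app.example.edu is a placeholder.
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <filter>
    <filter-name>CAS Authentication Filter</filter-name>
    <init-param><param-name>casServerLoginUrl</param-name>
      <param-value>https://cas1.sso.edu:8443/cas/login</param-value></init-param>
    <init-param><param-name>serverName</param-name>
      <param-value>https://app.example.edu:9443</param-value></init-param>
  </filter>
  <filter>
    <filter-name>CAS Validation Filter</filter-name>
    <init-param><param-name>casServerUrlPrefix</param-name>
      <param-value>https://cas2.sso.edu:8443/cas</param-value></init-param>
    <init-param><param-name>serverName</param-name>
      <param-value>https://app.example.edu:9443</param-value></init-param>
  </filter>
</web-app>"""

def filter_params(web_xml):
    """Map each <filter-name> to a {param-name: param-value} dict."""
    root = ET.fromstring(web_xml)
    for el in root.iter():  # drop the XML namespace so plain tag names match
        el.tag = el.tag.rsplit("}", 1)[-1]
    text = lambda node, tag: (node.findtext(tag) or "").strip()
    return {text(f, "filter-name"): {text(p, "param-name"): text(p, "param-value")
                                     for p in f.iter("init-param")}
            for f in root.iter("filter")}

def check_ha_layout(web_xml):
    """Return the problems found; an empty list means the HA test layout holds."""
    params = filter_params(web_xml)
    authn = params.get("CAS Authentication Filter", {})
    valid = params.get("CAS Validation Filter", {})
    login = urlsplit(authn.get("casServerLoginUrl", ""))
    prefix = urlsplit(valid.get("casServerUrlPrefix", ""))
    problems = []
    # Assumption: both CAS endpoints are https URLs, as in the README's examples.
    for label, url in (("casServerLoginUrl", login), ("casServerUrlPrefix", prefix)):
        if url.scheme != "https" or not url.hostname:
            problems.append(label + " is missing or not an https URL")
    if login.hostname and login.hostname == prefix.hostname:
        problems.append("login and validation point at the same CAS node")
    if not authn.get("serverName") or authn.get("serverName") != valid.get("serverName"):
        problems.append("serverName must be set and identical in both filters")
    return problems
```

Running `check_ha_layout` on the deployed `web.xml` before each pass, and again after swapping nodes 1 and 2, confirms that a successful login was validated by a different node than the one that issued the ticket.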