Authentication Wiki  CAS Authentication
  
Hierarchy
  • RSS Feed

Last modified on 1/10/2018 3:24 PM by User.

Tags:
CAS

CAS Authentication

 

Single sign using CAS involves adding the Brainfuse provided service URL into the CAS configuration file as a CAS service provider. Additionally there are usually configuration changes required to release the attributes to Brainfuse.

Brainfuse will need to be provided with the CAS URL that Brainfuse will send the students to for authentication upon arriving at the site.

Brainfuse side of the CAS integration expects the following attributes in the ticket response:

  • cn the unique identifier of the student.
  • gn the should be the student's first name.
  • sn the student's last name.
  • EmailAddress the email address of the student.

 

JASIG Version 3.5.2 and below

Due to a bug in Jasig version 3.5.2 and before, it was fixed in version 4 and above. According to the references below,  you need to make these changes:

 

http://comments.gmane.org/gmane.comp.java.jasig.cas.user/25347

and this

http://stackoverflow.com/questions/4882298/getting-more-attributes-from-cas-than-just-user-id

 

Basically what you need to do is modify the jsp file casServiceValidationSuccess.jsp. Add the bolded lines before the </cas:authenticationSuccess>. Your final code should look like this.

 

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:

<cas:authenticationSuccess>	 



	                <cas:user>${fn:escapeXml(assertion.primaryAuthentication.principal.id)}</cas:user>



<c:if test="${not empty pgtIou}">	 



	                       <cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>	



	        </c:if>	



	        <c:if test="${fn:length(assertion.chainedAuthentications) > 1}">	



	                 <cas:proxies>	



	            <c:forEach var="proxy" 

                        items="${assertion.chainedAuthentications}" 

                        varStatus="loopStatus" begin="0" 

                        end="${fn:length(assertion.chainedAuthentications)-2}" step="1">	



	                            <cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>	



	            </c:forEach>	



	                 </cas:proxies>	



	        </c:if>

<cas:attributes>

 

 

    <c:forEach var="attr"

          items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">

         <cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>

    </c:forEach>

 

</cas:attributes>

</cas:authenticationSuccess>