CAS Setup( gradle overlay method): Ubuntu 20.04 + CAS 6.2 + LDAP - Need proper instructions.

[Root]

Hi All,

I am trying to build a working CAS setup with primary auth as LDAP and (alternate auths in future as SAML and Database).

I searched in google for proper doc for ubuntu with CAS & LDAP setup but was not able to find one, so i started giving a try myself.

I found one video tutorial but thats for 5.x version (https://www.youtube.com/watch?v=uuN2CvJ8I58)

Hardware specs:
VM instance
2 Vcpu
2 GB RAM + 2GB Swap
8GB SSD

Software specs:
Ubuntu 20.04 LTS server
JDK 11
gradle 6.3
Tomcat 9.0.35
LDAP- 389 Directory server-1.4.4.2


What I did till now:
I followed this basic tutorial here https://github.com/apereo/cas-overlay-template

Added below lines in build.gradle (Note: if i dont add plugin:java build throws error)

apply plugin:'java'
dependencies {

        compile "org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
        compile "org.apereo.cas:cas-server-support-jdbc:${project.'cas.version'}"
        compile "org.apereo.cas:cas-server-support-saml:${project.'cas.version'}"
        compile "org.apereo.cas:cas-server-support-pm-webflow:${project.'cas.version'}"
        compile "org.apereo.cas:cas-server-webapp-config-server:${project.'cas.version'}"
}


Commands executed:

git clone https://github.com/apereo/cas-overlay-template.git

./gradlew clean build

./gradlew copyCasConfiguration

cp /home/it/cas-overlay-template/build/libs/cas.war /opt/tomcat/webapps/

After this i was able to get CAS page and able to login with default 'casuser' username and 'Mellon' password.

Issue:
I am not able to find the configuration files to change CAS url/ password reset URL, and LDAP connection configuration files!,  I deployed cas.war in /opt/tomcat/webapps/

inside /opt/tomcat/webapps/cas/WEB-INF/classes/ i can find only these files.

drwxr-x--- 4 tomcat tomcat 4.0K May 14 06:45 ./
drwxr-x--- 4 tomcat tomcat 4.0K May 14 06:45 ../
-rw-r----- 1 tomcat tomcat  205 May 14 06:24 cas-readme.txt
-rw-r----- 1 tomcat tomcat  198 May 14 06:24 git.properties
drwxr-x--- 2 tomcat tomcat 4.0K May 14 06:45 META-INF/
drwxr-x--- 3 tomcat tomcat 4.0K May 14 06:45 org/

The /opt/tomcat/webapps/cas/WEB-INF/lib/ directory contains all jar files

The file /etc/cas/config/cas.properties containes only 4 lines and i am sure it is not taking the config from there!, as its having default URL, but i am able to access the CAS with URL https://192.168.130.133:8443/cas .

I am not sure what i missed!, is it mandatory to install 'cas-management'? what do you guys suggest?.

[Kink Forumer]

Hi there,

I prepared my CAS 6.2 on a VM with

./gradlew clean
./gradlew copyCasConfiguration
./gradlew explodeWar
cp ./build/cas/WEB-INF/classes/application.properties /etc/cas/config/
cp ./build/cas/WEB-INF/classes/message.properties /etc/cas/config/

A gradlew run command takes the config from the local /etc/cas/...

When I compile I export the WAR file to another server (docker tomcat) in which I have replicated the /etc/cas/... folders and files.

This is where it reads it by default when using json properties.

You have added pm-webflow but I suspect it still requires pm-ldad or pm-somethigntohandlethestorage of password management.

Good luck! So CAS has giving me the hardest learning curve I have ever encountered! It is slowly coming in LOL

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/28a98abb-4ef5-4257-954d-1a78bc5ba78d%40apereo.org.

[Root]

Hi Kink,

Thanks for the reply.

Strange!, for me the application.properties , messages and all html files are in this path "/build/cas-resources/" , do we need to copy it manually to /etc/cas/config/ ?

OR if we copy it in tomcat webapps it should work?, earlier versions worked like this.

/opt/tomcat/webapps/cas/WEB-INF/  ?

For LDAP support:

pm-ldap is for password management, i have a diff application which can manage password, but

I have already added ldap support in build.gradle file 

compile "org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"  

and in the tomcat webapps cas path i can see the ldap jar files.

root@it:/opt/tomcat/webapps/cas/WEB-INF/lib# ll | grep ldap

-rw-r----- 1 tomcat tomcat  20K May 14 06:12 cas-server-support-ldap-6.2.0-SNAPSHOT.jar
-rw-r----- 1 tomcat tomcat  32K May 14 06:12 cas-server-support-ldap-core-6.2.0-SNAPSHOT.jar
-rw-r----- 1 tomcat tomcat 871K May 13 06:17 ldaptive-2.0.0-RC4.jar
-rw-r----- 1 tomcat tomcat  94K May 13 06:17 ldaptive-beans-2.0.0-RC4.jar

To unsubscribe from this group and stop receiving emails from it, send an email to cas-...@apereo.org.

[Kink Forumer]

CAS can take its properties in so many ways this is flexible and insane at the same time.

https://apereo.github.io/cas/development/configuration/Configuration-Properties.html

I have personally chosen the Directory approach and more specifically with /etc/cas/...

It makes it independent from the WAR (settings in one place, application in the other), and the service settings, which I defined with json, are loadable on the fly as CAS detects changes!

So yes, copy the files manually and modify them according to your needs!

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f02695c6-d6e7-49e1-a44a-1864eeb2cb9d%40apereo.org.

[Root]

Hey Kink,

Thanks i copied the files manually to /etc/cas/config/ and after few trials with variables in cas.properties I was able to authenticate via LDAP in CAS web.

Next thing I have to change page texts, images and layout, you have any idea which files i have to copy and to where?.

I have one question. is it necessary to have  /etc/cas/services  folder? for authentication of websites?, I just want CAS to be free and authenticate to any websites requests.




Still i have to do many tests like doing reverse proxy with CAS, changing login and logout pages etc.. and dono whether this supports "google recaptcha"!.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f02695c6-d6e7-49e1-a44a-1864eeb2cb9d%40apereo.org.

[Ray Bon]

For UI customization, see https://apereo.github.io/cas/6.1.x/ux/User-Interface-Customization.html

This default service will allow all applications, https://github.com/apereo/cas/tree/master/webapp/cas-server-webapp-resources, drill down to services directory. It is already included, so all you need to do is set up your client apps.

The default service does not support proxying. Unless you add proxying to the default service (and consequently every service), you will need to have more than one service defined.

Ray

On Fri, 2020-05-15 at 09:09 -0700, Root wrote:

Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.

-- 

Ray Bon

Programmer Analyst

Development Services, University Systems

2507218831 | CLE 019 | rb...@uvic.ca

I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations.

[Daniel Maldonado]

If either of you is able to customize the interface please let me know how.  I have tried as described here:  https://stackoverflow.com/questions/61300592/cas-switch-the-themes-based-on-different-services

However, so far my efforts have been futile  :-)

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c2d9e39770c949cfec465f3a637508ce3335fc8f.camel%40uvic.ca.

[Root]

@rbon,

Thanks for the link, i was just going through the link, and as specified here  https://apereo.github.io/cas/6.1.x/ux/User-Interface-Customization-CSSJS.html

I was trying to find cas.css and other js files, but i couldn't find it in the build src directory, instead i found 2 dirs as below.

root@it:/home/it/cas-overlay-template/src/main# ll
total 16K
drwxr-xr-x 4 root root 4.0K May 14 06:03 ./
drwxr-xr-x 3 root root 4.0K May 14 06:03 ../
drwxr-xr-x 3 root root 4.0K May 14 06:03 jib/
drwxr-xr-x 3 root root 4.0K May 14 06:03 webapp/

I found a resource directory in diff path but there were no mentioned files as below

root@it:/home/it/cas-overlay-template/build/resources/main# ll
total 12K
drwxr-xr-x 3 root root 4.0K May 15 06:59 ./
drwxr-xr-x 3 root root 4.0K May 15 06:59 ../
drwxr-xr-x 2 root root 4.0K May 15 06:59 META-INF/
root@it:/home/it/cas-overlay-template/build/resources/main# cd META-INF/

root@it:/home/it/cas-overlay-template/build/resources/main/META-INF# ll
total 12K
drwxr-xr-x 2 root root 4.0K May 15 06:59 ./
drwxr-xr-x 3 root root 4.0K May 15 06:59 ../
-rw-r--r-- 1 root root  128 May 15 06:59 build-info.properties
root@it:/home/it/cas-overlay-template/build/resources/main/META-INF#

Do i need to copy it from somewhere else?, because gradlew build didn't gave me these files!, and its not there even in tomcat webapps dir as below.

root@it:/opt/tomcat/webapps/cas/WEB-INF/classes# ll
total 20K
drwxr-x--- 4 tomcat tomcat 4.0K May 15 15:03 ./
drwxr-x--- 4 tomcat tomcat 4.0K May 15 09:05 ../
-rw-r----- 1 tomcat tomcat  205 May 15 06:59 cas-readme.txt
drwxr-x--- 2 tomcat tomcat 4.0K May 15 09:05 META-INF/
drwxr-x--- 3 tomcat tomcat 4.0K May 15 09:05 org/

[Matthieu Marc]

After having build your instance with gradle, you will find in build/overlays/bootWar/cas/WEB-INF/lib all jar files used by your instance. I am using tomcat embedded implementation, maybee jar are in another place.

You will find this jar file cas-server-webapp-resources-6.1.5.jar (or another version). This archive can be unzipped and you will find in it all the css/js/html/template... files you need.

If you do not find the jar file, check in your /opt/tomcat/webapps/cas/WEB-INF/lib/ directory.

To override file in this jar file, put your version in src/main/resources with the same directory structure you find in the jar file (for example, if you want to override the file static/js/cas.js, put your version in src/main/resources/static/js/cas.js).

Matthieu

[Root]

@Matthieu Marc

Thanks for the info, looks like there are some changes in the path for 6.2 version, i found all the files in 2 jar files

properties files present in below jar

cas-server-webapp-resources-6.2.0-SNAPSHOT.jar

All default  CSS / JS and HTML files are in

cas-server-support-thymeleaf-6.2.0-SNAPSHOT.jar

Then for testing i placed all extracted HTML/CSS files and folders under  /opt/tomcat/webapps/cas/WEB-INF/classes/  and changed some header and footer texts, after tomcat restart the changes were visible.

every time making changes and building war file takes time so making backup of jar files and changing in tomcat folder seems good for now.

@CanaryJudge

See if you are comfortable in changing themes like this.

[Daniel Maldonado]

I am comfortable doing this however it is very suspect to have to BUILD the project EVERY time I want to create a new theme. 

There are some properties in this section: https://apereo.github.io/cas/6.1.x/ux/User-Interface-Customization-Themes.html

Specifically under Dynamic Themes that seems to imply that the “new theme” does not have to be part of the build process.

I have a feeling that I am very close to solving this issue so I appreciate your input.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f15df9ed-c63f-407f-b126-144c8e28261d%40apereo.org.

[Jason Everling]

It much easier, development wise, to use IntelliJ Idea to prepare and deploy CAS, you could also probably use Eclipse

[Daniel Maldonado]

Yes, from a development standpoint it would be.  However, to just “use” CAS we probably don’t need to be a developer.  A containerized app with some external configuration is not unheard of :-)

On May 17, 2020, at 6:45 PM, Jason Everling <jason.e...@gmail.com> wrote:

It much easier, development wise, to use IntelliJ Idea to prepare and deploy CAS, you could also probably use Eclipse

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5b8ab696-822a-4ea0-ac75-26dce95c6eb7%40apereo.org.

[Jason Everling]

ah yes for basic config no, i was really referring to changing the styles, layouts, etc.. you wouldn't have to keep rebuilding 

On Sunday, May 17, 2020 at 5:54:05 PM UTC-5, CanaryJudge wrote:

Yes, from a development standpoint it would be.  However, to just “use” CAS we probably don’t need to be a developer.  A containerized app with some external configuration is not unheard of :-)

On May 17, 2020, at 6:45 PM, Jason Everling <jason....@gmail.com> wrote:

It much easier, development wise, to use IntelliJ Idea to prepare and deploy CAS, you could also probably use Eclipse

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-...@apereo.org.

[Daniel Maldonado]

That is exactly the point of this configuration.  I did now want to rebuild every time I need to add/change a style.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e228b956-eae7-4b3b-8e82-c200b12d0407%40apereo.org.