Hi,
Our site is also looking at using CAS in Opencast v11 and having difficulties.
When debugging, I notice that a couple months after a CAS module patch was merged into a previous version of OC, a library update patch got merged in that updated the version of a security-cas-client-wrapper module dependency “opensaml" from 1.1 to 2.6.4 in the main pom. This affects the version in the opencast-security-cas-client-wrapper.
The previous opensaml library 1.1 has no dependencies, but the updated opensaml library 2.6.4 has seven additional dependencies.
See:
A possible resolution for the missing opencast-security-cas-client-wrapper dependency issue is to declare some potentially missing dependencies into its pom
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<!— correct version 3.3.3 in main POM -->
</dependency>
<!-- ---------------- -->
<!-- The 2 jasig cas-client-core dependencies -->
<!-- ---------------- -->
<dependency>
<!-- ADD?! currently missing -->
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<!— correct version 1.15 version in main POM -->
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml</artifactId>
<!-- correct version>2.6.4</version in main POM -->
</dependency>
<!-- ---------------- -->
<!-- The 7 opensaml dependencies -->
<!-- ---------------- -->
<dependency>
<!-- ADD?! currently missing -->
<groupId>org.apache.commons</groupId>
<artifactId>commons-collections4</artifactId>
<!-- correct version>4.4</version in main POM -->
</dependency>
<dependency>
<!-- ADD?! currently missing -->
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<!-- correct version>3.12.0</version in main POM -->
</dependency>
<dependency>
<!-- ADD?! currently missing -->
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
<!— earlier version 2.10.10 in main POM -->
<version>2.10.14</version>
</dependency>
<dependency>
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
<!— earlier version 2.1.7 in main POM -->
<version>3.0.0</version>
</dependency>
<dependency>
<!-- NOT mentioned in main pom -->
<groupId>org.apache.velocity</groupId>
<artifactId>velocity-engine-core</artifactId>
<version>2.3</version>
</dependency>
<dependency>
<!-- NOT mentioned in main pom -->
<groupId>org.opensaml</groupId>
<artifactId>openws</artifactId>
<version>1.5.4</version>
</dependency>
<dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
<!— earlier version 2.1.0.1 in main POM -->
<version>2.4.0.0</version>
</dependency>
We haven’t tested this yet.
Best regards,
Karen