CAS SSO integration with Delivery tier using Spring Security

[Bhupendra]

Hi Team,

I have a requirement to integrate CAS based sso integration for site application pages. I have integrated delivery tier with spring security using the below lab tutorial - 

https://www.onehippo.org/labs/setting-up-spring-security-in-hippo.html

Using this I am able to authenticate site pages with Hippo provided users.

But I want to enable CAS SSO intergration so that the pages can be authenticated against the custom SSO implementation.

Thanks

Bhupendra

[Bhupendra Singh]

Hi,

Can anyone help on this?

Regards

Bhupendra

[Jasper Floor]

Hi,

have you seen [1]?

Basically if you have a security provider setup it should work the same way as an internal user. 

[1] https://onehippo-forge.github.io/hst-spring-security/

mvg,

Jasper

--
Hippo Community Group: The place for all discussions and announcements about Hippo CMS (and HST, repository etc. etc.)
 
To post to this group, send email to hippo-community@googlegroups.com
RSS: https://groups.google.com/group/hippo-community/feed/rss_v2_0_msgs.xml?num=50
---
You received this message because you are subscribed to the Google Groups "Hippo Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to hippo-community+unsubscribe@googlegroups.com.
Visit this group at https://groups.google.com/group/hippo-community.
For more options, visit https://groups.google.com/d/optout.

[Giacomo Lamonaco]

Hi,
from my understanding that lab tutorial is just showing how to set up spring security in hippo.

I think you need to integrate the spring-security-cas library [1] in your project and set up your idp correctly

You can also have a look at apereo client library as alternative to spring.

[1] https://docs.spring.io/autorepo/docs/spring-security/4.0.x/reference/html/cas.html
[2] https://github.com/apereo/java-cas-client

HTH,

> --
> Hippo Community Group: The place for all discussions and announcements about Hippo CMS (and HST, repository etc. etc.)
>

> To post to this group, send email to hippo-c...@googlegroups.com

> RSS: https://groups.google.com/group/hippo-community/feed/rss_v2_0_msgs.xml?num=50
> ---
> You received this message because you are subscribed to the Google Groups "Hippo Community" group.

> To unsubscribe from this group and stop receiving emails from it, send an email to hippo-communi...@googlegroups.com.

[Rahul]

Hi All,

I have referred to [1] for cas sso using the web.xml configuration. It works fine on my local system(http://localhost:8080/site). However when i have deployed the same on DEV, after authentication, when it redirects, it adds '/site' to the url and hence it show 404.

I have used following filter configuration:

<filter>
  <filter-name>CAS Authentication Filter</filter-name>
  <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
  <init-param>
    <param-name>casServerLoginUrl</param-name>
    <param-value>https://dev-mycasserver.com/login</param-value>
  </init-param>
  <init-param>
    <param-name>serverName</param-name>
    <param-value>http://dev-myhipposerver.com</param-value>
  </init-param>
</filter>

So when it redirects, it redirects to http://dev-myhipposerver.com/site". Please guide what i could be missing?

[1] https://github.com/apereo/java-cas-client

Thanks

Rahul

[Giacomo Lamonaco]

Hi,
probably your SP redirects are including your servlet context path.

You can try to deploy the site application as ROOT.war [1]

[1] https://www.onehippo.org/library/development/package-the-delivery-application-as-root.war.html