Georgia Clinical and Translational Science Alliance (Georgia CTSA), Emory University, Atlanta, GA
It is a patched JASIG (now Apereo) CAS server used for authentication by Eureka! Clinical projects. It provides single sign on across all Eureka! Clinical microservices, thus allowing microservices to be composed into a single integrated application. It can provide its own screens for the user to enter credentials, which are checked against a local database provided by eurekaclinical-user-service or an LDAP server. Alternatively, it can delegate that function to an OAuth or other CAS server.
This project depends on version 3.6.0 of CAS server, which implements support for versions 1 and 2 of the CAS protocol.
This project does not provide user authorization. Eureka! Clinical microservices are responsible for providing their own authorization.
Latest release:
The version 3.0 series has integrated password resets and password changes into this project (they previously were in Eureka! Clinical Analytics).
Turned on the REST API access.
Initial version supported version 1 of Eureka! Clinical Analytics.
- Oracle Java JRE 8
- Tomcat 7
- Also running eurekaclinical-user-service in order to use local authentication
The project uses the maven build tool. Typically, you build it by invoking mvn clean install at the command line. For simple file changes, not additions or deletions, you can usually use mvn install. See https://github.com/eurekaclinical/dev-wiki/wiki/Building-Eureka!-Clinical-projects for more details.
Eureka! Clinical CAS is configured via a properties file located at /etc/ec-cas-server/cas.properties. In addition to the properties described in the JASIG CAS documentation, it supports the following properties:
eureka.authHandlers: comma-separated list of handlers for checking credentials entered on the built-in login screen, which may bejdbc(check with eurekaclinical-user-service) orldap(check with a specified LDAP directory); default isjdbc.eureka.ldap.uid.attribute: for specifying the UID attribute for an LDAP directory; default iscn.eureka.ldap.email.attribute1: for specifying the email attribute for an LDAP directory; default ismail.eureka.ldap.firstName.attribute1: for specifying the first name attribute for an LDAP directory; default isfirstName.eureka.ldap.lastName.attribute1: for specifying the last name attribute for an LDAP directory; default islastName.eureka.ldap.title.attribute1: for specifying the title attribute for an LDAP directory; default istitle.eureka.ldap.department.attribute1: for specifying the department attribute for an LDAP directory; default isou.eureka.ldap.organization.attribute1: for specifying the organization attribute for an LDAP directory; default iso.
A typical cas.properties file looks like the following:
server.name=https://hostname.running.cas
server.prefix=${server.name}/cas-server
host.name=hostname.running.cas
eureka.authHandlers=jdbc
# Whitelist the services that may access this CAS server.
cas.services.filter=https://(hostname1\\.edu|hostname2\\.edu|localhost).*
A Tomcat restart is required to detect any changes to the configuration file.
- Stop Tomcat.
- Remove any old copies of the unpacked war from Tomcat's webapps directory.
- Copy the warfile into the Tomcat webapps directory, renaming it to remove the version. For example, rename
cas-server-1.0.wartocas-server.war. - Start Tomcat.
<dependency>
<groupId>org.eurekaclinical</groupId>
<artifactId>cas-server</artifactId>
<version>version</version>
</dependency>
Feel free to contact us at help@eurekaclinical.org.