CAS_filter

looselytyped edited this page Jan 6, 2011 · 1 revision

How to use a servlet filter

You can use servlet filters in your rails-in-a-war-file applications. This page shows you how to use Yale's CAS-filter but you should be able to use other filters as well.

1. Add the necessary dependencies in config/war.rb

      maven_library 'cas', 'casclient', '2.1.1'
      maven_library 'commons-logging', 'commons-logging', '1.1'

2. Add your filter configuration to the web.xml template in vendor/plugins/war/lib/create_war.rb (the web.xml file is regenerated from this template each time you create the war-file). The xml is embedded in the ruby code, search for "def create_webxml".

      <filter>
        <filter-name>CAS Filter</filter-name>
        <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
        <init-param>
          <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
          <param-value>https://secure.its.yale.edu/cas/login</param-value>
        </init-param>
        <init-param>
          <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
          <param-value>https://secure.its.yale.edu/cas/serviceValidate</param-value>
        </init-param>
        <init-param>
          <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
          <param-value>your server name and port (e.g., www.yale.edu:8080)</param-value>
        </init-param>
      </filter>
      
      <filter-mapping>
        <filter-name>CAS Filter</filter-name>
        <url-pattern>/requires-cas-authetication/*</url-pattern>
      </filter-mapping>

3. If you're CAS server use a certificate that has not been signed by a root-ca you need to make the certificate available to your application server. If you use Tomcat you can do this by getting the certificate into a keystore http://blogs.sun.com/andreas/entry/no_more_unable_to_find and startup tomcat like this

      startup.bat -Djavax.net.ssl.trustStore=C:/path/to/my/keystore -Djavax.net.ssl.trustStorePassword=changeit
Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.