ΑΠ: CAS authentication / authorization

Hi list,

I think I have found some solutions (attached).

- for allowing public pages to be visible to guess user and also allow jetspeed 
users (not CAS user like admin) to login I have introduced a folder "caslogin" 
and configured CAS filter with pattern "/portal/caslogin". So only then the 
user is being redirected to the CAS authentication service. I simply provide a 
login link with url "/portal/caslogin"

- my second problem was about users that appear in CAS but not in jetspeed. I 
have developed a filter that when such a login takes place, jetspeed creates a 
jetspeed user with same username and default roles and pages. 

- my 3rd problem was logout. When a user logout need to be logout both from 
jetspeed2 context and CAS. For that I have slightly modified the jetspeed 
logout servet. 

That’s all for now.. Please let me know for any better solutions. 
Thanks,
Vangelis


________________________________________
Από: Evangelos Vlachogiannis [evlach@xxxxxxxxx]
Αποστολή: Τετάρτη, 22 Ιουλίου 2009 6:55 μμ
Προς: Jetspeed Developers List
Θέμα: Re: CAS authentication / authorization

I would like to ask if Portaladministation.registeruser created also
userfolder and create appropriate permissions so that the user can
personalize its pages (Add portlets e.t.c.)

thnx in advance,
Vangelis

David Sean Taylor wrote:
> On Jul 21, 2009, at 1:35 AM, Evangelos Vlachogiannis wrote:
>
>
>> Hi again,
>>
>> thnx for the response. I use jetspeed 2.2 but I do not want to talk
>> directly to the LDAP.
>> I am introducing a filter based on PortalFilter (see attached
>> CASPortalFilter.java implementation in order to: 
>> (http://u-portal.gunet.gr:8080/uportal3/
>> )
>> - get the username of authenticated user -> done
>> - if username does not appear in portal db -> create new user with
>> username and assign default group/roles (in future I plan to
>> introduce a mapping mechanism)
>> - put principal in portal context
>>
>> Problems till now:
>> - exception (see attached exception.txt) Any help ??
>> - As the CAS filter has a url-pattern="/*" (see web.xml) how can a
>> user see public pages without being redirected to CAS
>> Any help would be appreciated.
>>
>>
>  From the line number of the NPE, my guess is that the user is null
>
> Do you see any of these exceptions occurring?
>
>       } catch (RegistrationException e1) {
>                                       // TODO Auto-generated catch block
>                                       System.out.println("user: " + userName 
> + " not created");
>                               } catch (SecurityException e1) {
>                                       // TODO Auto-generated catch block
>                                       System.out.println("user: " + userName 
> + " not created");
>                               }
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@xxxxxxxxxxxxxxxxxx
> For additional commands, e-mail: jetspeed-dev-help@xxxxxxxxxxxxxxxxxx
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 8.5.392 / Virus Database: 270.13.20/2251 - Release Date: 07/20/09 
> 18:29:00
>

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, e-mail: jetspeed-dev-help@xxxxxxxxxxxxxxxxxx

main.zip
Description: main.zip

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, e-mail: jetspeed-dev-help@xxxxxxxxxxxxxxxxxx