Commit cbca7ac7 authored by Dmitriy Kopylenko's avatar Dmitriy Kopylenko

Initial commit

parents
.classpath
!/.project
.project
.settings
target/
.idea/
.DS_Store
.idea
overlays/
.gradle/
build/
bin/
*.iml
simple-cas4-overlay-template
============================
Generic CAS maven war overlay to exercise the latest versions of CAS 4.x line
This overlay could be freely used as a starting template for local CAS maven war overlays.
# Versions
```xml
<cas.version>4.1.0-SNAPSHOT</cas.version>
```
# Minimum Requirements
* JDK 1.7+
* Apache Maven 3+
* Servlet container supporting Servlet 3+ spec (e.g. Apache Tomcat 7+)
# Configuration
The `etc` directory contains the sample configuration files that would need to be copied to an external file system location (`/etc/cas` by default) and configured to satisfy local CAS installation needs.
# Deployment
* Execute `mvn clean package`
* Deploy resultant `target/cas.war` to a Servlet3 container of choice
#
# Licensed to Jasig under one or more contributor license
# agreements. See the NOTICE file distributed with this work
# for additional information regarding copyright ownership.
# Jasig licenses this file to you under the Apache License,
# Version 2.0 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a
# copy of the License at the following location:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
server.name=http://localhost:8080
server.prefix=${server.name}/cas
# Spring Security's EL-based access rules for the /status URI of CAS that exposes health check information
cas.securityContext.status.access=hasIpAddress('127.0.0.1')
# Spring Security's EL-based access rules for the /statistics URI of CAS that exposes stats about the CAS server
cas.securityContext.statistics.access=hasIpAddress('127.0.0.1')
cas.themeResolver.defaultThemeName=cas-theme-default
cas.viewResolver.basename=default_views
##
# Unique CAS node name
# host.name is used to generate unique Service Ticket IDs and SAMLArtifacts. This is usually set to the specific
# hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster.
host.name=cas01.example.org
##
# Database flavors for Hibernate
#
# One of these is needed if you are storing Services or Tickets in an RDBMS via JPA.
#
# database.hibernate.dialect=org.hibernate.dialect.OracleDialect
# database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect
# database.hibernate.dialect=org.hibernate.dialect.HSQLDialect
##
# CAS Logout Behavior
# WEB-INF/cas-servlet.xml
#
# Specify whether CAS should redirect to the specified service parameter on /logout requests
# cas.logout.followServiceRedirects=false
##
# Single Sign-On Session Timeouts
# Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml
#
# Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage
# tgt.maxTimeToLiveInSeconds=28800
#
# Idle session timeout - TGT will expire sooner than maxTimeToLiveInSeconds if no further requests
# for STs occur within timeToKillInSeconds
# tgt.timeToKillInSeconds=7200
##
# Service Ticket Timeout
# Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml
#
# Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s. You'll want to
# increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools
# st.timeToKillInSeconds=10
##
# Http Client Timeouts
#
# The http client read timeout in milliseconds
# http.client.read.timeout=5000
# The http client connection timeout in milliseconds
# http.client.connection.timeout=5000
##
# Single Logout Out Callbacks
# Default sourced from WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml
#
# To turn off all back channel SLO requests set this to true
# slo.callbacks.disabled=false
#
# To send callbacks to endpoints synchronously, set this to false
# slo.callbacks.asynchronous=true
##
# Service Registry Periodic Reloading Scheduler
# Default sourced from WEB-INF/spring-configuration/applicationContext.xml
#
# Force a startup delay of 2 minutes.
# service.registry.quartz.reloader.startDelay=120000
#
# Reload services every 2 minutes
# service.registry.quartz.reloader.repeatInterval=120000
##
# Log4j
# Default sourced from WEB-INF/spring-configuration/log4jConfiguration.xml:
#
# It is often time helpful to externalize log4j.xml to a system path to preserve settings between upgrades.
# e.g. log4j.config.location=/etc/cas/log4j.xml
# log4j.config.location=classpath:log4j.xml
#
# log4j refresh interval in millis
# log4j.refresh.interval=60000
##
# Password Policy
#
# Warn all users of expiration date regardless of warningDays value.
password.policy.warnAll=false
# Threshold number of days to begin displaying password expiration warnings.
password.policy.warningDays=30
# URL to which the user will be redirected to change the password.
password.policy.url=https://password.example.edu/change
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
<log4j:configuration debug="false" xmlns:log4j="http://jakarta.apache.org/log4j/">
<!--
This default ConsoleAppender is used to log all NON perf4j messages
to System.out
-->
<appender name="console" class="org.apache.log4j.ConsoleAppender">
<layout class="org.apache.log4j.PatternLayout">
<param name="ConversionPattern" value="%d %p [%c] - &lt;%m&gt;%n"/>
</layout>
</appender>
<appender name="cas" class="org.apache.log4j.RollingFileAppender">
<param name="File" value="/var/log/cas/cas.log" />
<param name="MaxFileSize" value="512KB" />
<param name="MaxBackupIndex" value="3" />
<layout class="org.apache.log4j.PatternLayout">
<param name="ConversionPattern" value="%d %p [%c] - %m%n"/>
</layout>
</appender>
<!--
WARNING: Setting the org.springframework logger to DEBUG displays debug information about
the request parameter values being bound to the command objects. This could expose your
password in the log file. If you are sharing your log files, it is recommend you selectively
apply DEBUG level logging on a an org.springframework.* package level (i.e. org.springframework.dao)
-->
<logger name="org.springframework">
<level value="WARN" />
</logger>
<logger name="org.springframework.webflow">
<level value="WARN" />
</logger>
<logger name="org.jasig" additivity="true">
<level value="DEBUG" />
<appender-ref ref="cas" />
</logger>
<logger name="net.unicon.cas" additivity="true">
<level value="DEBUG" />
<appender-ref ref="cas" />
</logger>
<logger name="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager">
<level value="INFO" />
<appender-ref ref="cas" />
</logger>
<!--
WARNING: Setting the flow package to DEBUG will display
the parameters posted to the login servlet including
cleartext authentication credentials
-->
<logger name="org.jasig.cas.web.flow" additivity="true">
<level value="INFO" />
<appender-ref ref="cas" />
</logger>
<logger name="org.opensaml">
<level value="OFF" />
</logger>
<logger name="org.apache.xml">
<level value="OFF" />
</logger>
<!--
The root logger sends all log statements EXCEPT those sent to the perf4j
logger to System.out.
-->
<root>
<level value="DEBUG" />
<appender-ref ref="console" />
</root>
</log4j:configuration>
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd ">
<modelVersion>4.0.0</modelVersion>
<groupId>net.unicon</groupId>
<artifactId>cas4-overlay</artifactId>
<packaging>war</packaging>
<version>1.0</version>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.3</version>
<configuration>
<warName>cas</warName>
<overlays>
<overlay>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp</artifactId>
<excludes>
<exclude>WEB-INF/cas.properties</exclude>
<exclude>WEB-INF/classes/log4j.xml</exclude>
</excludes>
</overlay>
</overlays>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.1</version>
<configuration>
<source>1.7</source>
<target>1.7</target>
</configuration>
</plugin>
</plugins>
<finalName>cas</finalName>
</build>
<dependencies>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp</artifactId>
<version>${cas.version}</version>
<type>war</type>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-integration-restlet</artifactId>
<version>${cas.version}</version>
<scope>runtime</scope>
</dependency>
</dependencies>
<properties>
<cas.version>4.1.0-SNAPSHOT</cas.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<repositories>
<repository>
<id>sonatype-releases</id>
<url>http://oss.sonatype.org/content/repositories/releases/</url>
</repository>
<repository>
<id>sonatype-snapshots</id>
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
</repository>
</repositories>
</project>
This diff is collapsed.
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<context:property-placeholder location="file:/etc/cas/cas.properties"/>
</beans>
\ No newline at end of file
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
Licensed to Jasig under one or more contributor license
agreements. See the NOTICE file distributed with this work
for additional information regarding copyright ownership.
Jasig licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file
except in compliance with the License. You may obtain a
copy of the License at the following location:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_5.xsd"
version="2.5">
<display-name>Central Authentication System (CAS) 4.1.0-SNAPSHOT</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-configuration/*.xml
/WEB-INF/deployerConfigContext.xml
</param-value>
</context-param>
<filter>
<filter-name>CAS Client Info Logging Filter</filter-name>
<filter-class>com.github.inspektr.common.web.ClientInfoThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Client Info Logging Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/status</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/statistics</url-pattern>
</filter-mapping>
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the CAS ApplicationContext.
- The deployer choice here is how to handle Throwables thrown by Spring's
- ContextLoaderListener. The Spring ContextLoaderListener will throw an exception when the
- application context cannot be loaded, say because the bean XML files are not valid XML or do not
- refer to real classes and properties or because a bean configured via Spring throws an exception
- at construction, property setting, or on an afterPropertiesSet() lifecycle method.
-
- If you'd like these errors to be fatal and prevent the CAS servlet context from loading at all,
- use org.springframework.web.context.ContextLoaderListener.
-
- If you'd like these errors to result in all requests for CAS getting a "CAS is Unavailable" response,
- use org.jasig.cas.web.init.SafeContextLoaderListener
-->
<listener>
<listener-class>
org.jasig.cas.web.init.SafeContextLoaderListener
</listener-class>
</listener>
<servlet>
<servlet-name>restlet</servlet-name>
<servlet-class>org.restlet.ext.spring.RestletFrameworkServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>restlet</servlet-name>
<url-pattern>/v1/*</url-pattern>
</servlet-mapping>
<!--
- This is the Spring dispatcher servlet which delegates all requests to the
- Spring WebMVC controllers as configured in cas-servlet.xml.
-
- The choice made above about how to handle a broken ApplicationContext at
- context initialization applies here as well, since this servlet is load-on-startup.
-
- If you'd like these errors to be fatal and prevent the CAS servlet from loading at all,
- use org.springframework.web.servlet.DispatcherServlet.
-
- If you'd like these errors to result in all requests for CAS getting a "CAS is Unavailable" response,
- use org.jasig.cas.web.init.SafeDispatcherServlet
-->
<servlet>
<servlet-name>cas</servlet-name>
<servlet-class>
org.jasig.cas.web.init.SafeDispatcherServlet
</servlet-class>
<init-param>
<param-name>publishContext</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/logout</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/validate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/serviceValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/p3/serviceValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/proxy</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/proxyValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/p3/proxyValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/CentralAuthenticationService</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/status</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/statistics</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/authorizationFailure.html</url-pattern>
</servlet-mapping>
<session-config>
<!-- Default to 5 minute session timeouts -->
<session-timeout>5</session-timeout>
</session-config>
<error-page>
<error-code>401</error-code>
<location>/authorizationFailure.html</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/authorizationFailure.html</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/WEB-INF/view/jsp/errors.jsp</location>
</error-page>
<error-page>
<error-code>501</error-code>
<location>/WEB-INF/view/jsp/errors.jsp</location>
</error-page>
<error-page>
<error-code>503</error-code>
<location>/WEB-INF/view/jsp/errors.jsp</location>
</error-page>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment