For use with my centos-httpd-cas and centos-tomcat-cas Docker containers.
--- /dev/null
+mvn clean package -DskipTests=true
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>de.example.cas</groupId>
+ <artifactId>gumartinm-cas-management</artifactId>
+ <packaging>war</packaging>
+ <version>1.0-SNAPSHOT</version>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-war-plugin</artifactId>
+ <configuration>
+ <warName>cas-management</warName>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <dependencies>
+ <dependency>
+ <groupId>org.jasig.cas</groupId>
+ <artifactId>cas-management-webapp</artifactId>
+ <version>${cas.version}</version>
+ <type>war</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jasig.cas</groupId>
+ <artifactId>cas-server-support-ldap</artifactId>
+ <version>${cas.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-dbcp</groupId>
+ <artifactId>commons-dbcp</artifactId>
+ <version>1.4</version>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>mysql</groupId>
+ <artifactId>mysql-connector-java</artifactId>
+ <version>5.1.36</version>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-entitymanager</artifactId>
+ <version>5.0.1.Final</version>
+ <scope>runtime</scope>
+ <type>jar</type>
+ </dependency>
+ <dependency>
+ <groupId>concurrent</groupId>
+ <artifactId>concurrent</artifactId>
+ <version>1.3.4</version>
+ <scope>runtime</scope>
+ </dependency>
+ </dependencies>
+ <properties>
+ <cas.version>4.1.0</cas.version>
+ </properties>
+ <repositories>
+ <repository>
+ <id>ja-sig</id>
+ <url>http://oss.sonatype.org/content/repositories/releases/</url>
+ </repository>
+ <repository>
+ <id>jboss</id>
+ <url>http://repository.jboss.org/nexus/content/groups/public-jboss/</url>
+ </repository>
+ </repositories>
+</project>
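Review bot: Both `<repository>` entries under `<repositories>` use plain `http://` URLs, so every artifact resolved from them, including the CAS WAR overlay, is downloaded without transport integrity and could be altered in transit. Change them to `<url>https://oss.sonatype.org/content/repositories/releases/</url>` and `<url>https://repository.jboss.org/nexus/content/groups/public-jboss/</url>`. Maven 3.8.1 and later block external `http://` repositories by default, so the build as committed is also likely to fail on a current toolchain. The second POM in this commit (artifactId `gumartinm-cas`) declares the same two repositories and needs the same change.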
--- /dev/null
+#\r
+# Licensed to Apereo under one or more contributor license\r
+# agreements. See the NOTICE file distributed with this work\r
+# for additional information regarding copyright ownership.\r
+# Apereo licenses this file to you under the Apache License,\r
+# Version 2.0 (the "License"); you may not use this file\r
+# except in compliance with the License. You may obtain a\r
+# copy of the License at the following location:\r
+#\r
+# http://www.apache.org/licenses/LICENSE-2.0\r
+#\r
+# Unless required by applicable law or agreed to in writing,\r
+# software distributed under the License is distributed on an\r
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\r
+# KIND, either express or implied. See the License for the\r
+# specific language governing permissions and limitations\r
+# under the License.\r
+#\r
+\r
+# hosts and urls\r
+\r
+# CAS\r
+cas.host=https://192.168.1.11:8443\r
+cas.prefix=${cas.host}/cas\r
+cas.securityContext.casProcessingFilterEntryPoint.loginUrl=${cas.prefix}/login\r
+cas.securityContext.ticketValidator.casServerUrlPrefix=${cas.prefix}\r
+\r
+# Management\r
+cas-management.host=${cas.host}\r
+cas-management.prefix=${cas-management.host}/cas-management\r
+cas-management.securityContext.serviceProperties.service=${cas-management.prefix}/login/cas\r
+cas-management.securityContext.serviceProperties.adminRoles=hasRole('ROLE_ADMIN')\r
+\r
+# views\r
+cas-management.viewResolver.basename=default_views\r
+\r
+##\r
+# User details file location that contains list of users\r
+# who are allowed access to the management webapp:\r
+# \r
+# user.details.file.location = classpath:user-details.properties\r
+\r
+##\r
+# JSON Service Registry\r
+#\r
+# Directory location where JSON service files may be found.\r
+# service.registry.config.location=classpath:services\r
+\r
+##\r
+# Database flavors for Hibernate\r
+#\r
+# One of these is needed if you are storing Services in an RDBMS via JPA.\r
+#\r
+# database.hibernate.dialect=org.hibernate.dialect.OracleDialect\r
+# database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect\r
+# database.hibernate.dialect=org.hibernate.dialect.HSQLDialect\r
+\r
+##\r
+# Log4j\r
+# Default sourced from WEB-INF/spring-configuration/log4jConfiguration.xml:\r
+#\r
+# It is often time helpful to externalize log4j.xml to a system path to preserve settings between upgrades.\r
+# e.g. log4j.config.location=file:/etc/cas/log4j2.xml\r
+# log4j.config.location=classpath:log4j2.xml\r
+\r
+##\r
+# Metrics\r
+# Default sourced from WEB-INF/spring-configuration/metricsConfiguration.xml:\r
+#\r
+# Define how often should metric data be reported. Default is 30 seconds.\r
+# metrics.refresh.internal=30s\r
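Review bot: `cas.host=https://192.168.1.11:8443` is hard-coded with nothing to say what else must match it. The same address appears in the `serviceId` of the management service registration and in `server.name` of the CAS server properties, both added by this commit. If one of the three is changed alone, CAS will presumably stop recognising the management application's callback URL. A comment above `cas.host` would help, for example `# Must match server.name in cas.properties and the serviceId registered for cas-management`.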
--- /dev/null
+<?xml version="1.0" encoding="UTF-8" ?>\r
+\r
+<!--\r
+ AVISO: ES MUCHO MEJOR PONER ESTE ARCHIVO EN /etc/cas DEL SERVIDOR\r
+ DONDE SE EJECUTA EL Tomcat QUE CORRE ESTA APLICACION.\r
+\r
+ DE ESTE MODO, ES EL ADMINISTRADOR DEL SERVIDOR EL QUE PUEDE CONTROLAR A SU GUSTO\r
+ DONDE Y COMO SE VAN A GENERAR LOS LOGS.\r
+\r
+ VER: cas-management.properties PARA SABER COMO PONER ESTE ARCHIVO EN POR EJEMPLO /etc/cas\r
+-->\r
+\r
+<!--\r
+\r
+ Licensed to Apereo under one or more contributor license\r
+ agreements. See the NOTICE file distributed with this work\r
+ for additional information regarding copyright ownership.\r
+ Apereo licenses this file to you under the Apache License,\r
+ Version 2.0 (the "License"); you may not use this file\r
+ except in compliance with the License. You may obtain a\r
+ copy of the License at the following location:\r
+\r
+ http://www.apache.org/licenses/LICENSE-2.0\r
+\r
+ Unless required by applicable law or agreed to in writing,\r
+ software distributed under the License is distributed on an\r
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\r
+ KIND, either express or implied. See the License for the\r
+ specific language governing permissions and limitations\r
+ under the License.\r
+\r
+-->\r
+<!-- Specify the refresh internal in seconds. -->\r
+<Configuration monitorInterval="60">\r
+ <Appenders>\r
+ <Console name="console" target="SYSTEM_OUT">\r
+ <PatternLayout pattern="%d %p [%c] - <%m>%n"/>\r
+ </Console>\r
+ <RollingFile name="cas-management" fileName="/opt/tomcat/apache-tomcat-8.0.26/logs/cas-management.log" append="true"\r
+ filePattern="cas-management-%d{yyyy-MM-dd-HH}-%i.log.gz">\r
+ <PatternLayout pattern="%d %p [%c] - %m%n"/>\r
+ <Policies>\r
+ <OnStartupTriggeringPolicy />\r
+ <SizeBasedTriggeringPolicy size="512 KB"/>\r
+ <TimeBasedTriggeringPolicy />\r
+ </Policies>\r
+ </RollingFile>\r
+ </Appenders>\r
+ <Loggers>\r
+ <Logger name="org.springframework" level="warn" />\r
+ <Logger name="org.springframework.webflow" level="warn" />\r
+ <Logger name="org.springframework.web" level="warn" />\r
+ <Logger name="org.springframework.security" level="warn" />\r
+\r
+ <Logger name="org.jasig" level="debug" additivity="false">\r
+ <AppenderRef ref="cas-management"/>\r
+ <AppenderRef ref="console"/>\r
+ </Logger>\r
+ <Logger name="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager" level="info">\r
+ <AppenderRef ref="cas-management"/>\r
+ </Logger>\r
+\r
+ <Root level="error">\r
+ <AppenderRef ref="console"/>\r
+ </Root>\r
+ </Loggers>\r
+</Configuration>\r
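Review bot: The `org.jasig` logger is set to `level="debug"` and writes to both the `cas-management` file and the console. For an authentication component this is likely to put ticket and principal details into logs that are kept on disk. The CAS server logging configuration in this commit uses `level="info"` for the same package, which is the safer default here; if debug has to stay for the test containers, say so in a comment on the logger. Separately, `filePattern="cas-management-%d{yyyy-MM-dd-HH}-%i.log.gz"` is a relative path while `fileName` is absolute, so rolled archives land in the JVM working directory rather than beside the live log. Both `RollingFile` appenders in the CAS server logging configuration have the same mismatch.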
--- /dev/null
+{\r
+ "@class" : "org.jasig.cas.services.RegexRegisteredService",\r
+ "serviceId" : "https://192.168.1.11:8443/cas-management/login/cas",\r
+ "name" : "Services Management Web Application",\r
+ "id" : 52497044623301,\r
+ "description" : "Services Management Web Application",\r
+ "proxyPolicy" : {\r
+ "@class" : "org.jasig.cas.services.RefuseRegisteredServiceProxyPolicy"\r
+ },\r
+ "evaluationOrder" : 2,\r
+ "usernameAttributeProvider" : {\r
+ "@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider"\r
+ },\r
+ "logoutType" : "BACK_CHANNEL",\r
+ "attributeReleasePolicy" : {\r
+ "@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy",\r
+ "principalAttributesRepository" : {\r
+ "@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository"\r
+ },\r
+ "authorizedToReleaseCredentialPassword" : false,\r
+ "authorizedToReleaseProxyGrantingTicket" : false\r
+ },\r
+ "accessStrategy" : {\r
+ "@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy",\r
+ "enabled" : true,\r
+ "ssoEnabled" : true\r
+ }\r
+}\r
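Review bot: Because this entry is a `RegexRegisteredService`, `serviceId` is treated as a regular expression, but the value is written as a literal URL with unescaped dots. Each `.` therefore matches any character, and the pattern accepts more than the single callback URL it is meant to name. Escaping the dots and anchoring the value pins it to the management application: `"serviceId" : "^https://192\\.168\\.1\\.11:8443/cas-management/login/cas$"`.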
--- /dev/null
+ #\r
+# Licensed to Apereo under one or more contributor license\r
+# agreements. See the NOTICE file distributed with this work\r
+# for additional information regarding copyright ownership.\r
+# Apereo licenses this file to you under the Apache License,\r
+# Version 2.0 (the "License"); you may not use this file\r
+# except in compliance with the License. You may obtain a\r
+# copy of the License at the following location:\r
+#\r
+# http://www.apache.org/licenses/LICENSE-2.0\r
+#\r
+# Unless required by applicable law or agreed to in writing,\r
+# software distributed under the License is distributed on an\r
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\r
+# KIND, either express or implied. See the License for the\r
+# specific language governing permissions and limitations\r
+# under the License.\r
+#\r
+\r
+# This file lists the set of users that are allowed access to the management app.\r
+# See this link for more info: \r
+# http://docs.spring.io/spring-security/site/docs/3.0.x/reference/ns-config.html\r
+#\r
+# The syntax of each entry should be in the form of:\r
+# \r
+# username=password,grantedAuthority[,grantedAuthority][,enabled|disabled]\r
+gustavo=gustavo,ROLE_ADMIN\r
+\r
+# Example:\r
+# casuser=notused,ROLE_ADMIN\r
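Review bot: The entry `gustavo=gustavo,ROLE_ADMIN` gives the service-management admin role to an account whose CAS password equals its username, according to the `primaryAuthenticationHandler` map in the deployer configuration added by this commit. The file's own example puts `notused` in the password position, which suggests this value is not what authenticates the user. Writing `gustavo=notused,ROLE_ADMIN` avoids committing something that reads as a live credential. A comment above the entry should state that this is a lab-only account and must be replaced before the containers are reachable from outside a test network.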
--- /dev/null
+mvn clean package -DskipTests=true
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>de.example.cas</groupId>
+ <artifactId>gumartinm-cas</artifactId>
+ <packaging>war</packaging>
+ <version>1.0-SNAPSHOT</version>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-war-plugin</artifactId>
+ <configuration>
+ <warName>cas</warName>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <dependencies>
+ <dependency>
+ <groupId>org.jasig.cas</groupId>
+ <artifactId>cas-server-webapp</artifactId>
+ <version>${cas.version}</version>
+ <type>war</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jasig.cas</groupId>
+ <artifactId>cas-server-support-ldap</artifactId>
+ <version>${cas.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-dbcp</groupId>
+ <artifactId>commons-dbcp</artifactId>
+ <version>1.4</version>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>mysql</groupId>
+ <artifactId>mysql-connector-java</artifactId>
+ <version>5.1.36</version>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-entitymanager</artifactId>
+ <version>5.0.1.Final</version>
+ <scope>runtime</scope>
+ <type>jar</type>
+ </dependency>
+ <dependency>
+ <groupId>concurrent</groupId>
+ <artifactId>concurrent</artifactId>
+ <version>1.3.4</version>
+ <scope>runtime</scope>
+ </dependency>
+ </dependencies>
+ <properties>
+ <cas.version>4.1.0</cas.version>
+ </properties>
+ <repositories>
+ <repository>
+ <id>ja-sig</id>
+ <url>http://oss.sonatype.org/content/repositories/releases/</url>
+ </repository>
+ <repository>
+ <id>jboss</id>
+ <url>http://repository.jboss.org/nexus/content/groups/public-jboss/</url>
+ </repository>
+ </repositories>
+</project>
--- /dev/null
+#\r
+# Licensed to Apereo under one or more contributor license\r
+# agreements. See the NOTICE file distributed with this work\r
+# for additional information regarding copyright ownership.\r
+# Apereo licenses this file to you under the Apache License,\r
+# Version 2.0 (the "License"); you may not use this file\r
+# except in compliance with the License. You may obtain a\r
+# copy of the License at the following location:\r
+#\r
+# http://www.apache.org/licenses/LICENSE-2.0\r
+#\r
+# Unless required by applicable law or agreed to in writing,\r
+# software distributed under the License is distributed on an\r
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\r
+# KIND, either express or implied. See the License for the\r
+# specific language governing permissions and limitations\r
+# under the License.\r
+#\r
+\r
+server.name=https://192.168.1.11:8443\r
+server.prefix=${server.name}/cas\r
+\r
+# Spring Security's EL-based access rules for the /status URI of CAS that exposes health check information\r
+cas.securityContext.status.access=permitAll\r
+\r
+# Spring Security's EL-based access rules for the /statistics URI of CAS that exposes stats about the CAS server\r
+cas.securityContext.statistics.access=hasIpAddress('127.0.0.1')\r
+\r
+cas.themeResolver.defaultThemeName=cas-theme-default\r
+\r
+# Path prefix for where views are to be found\r
+# cas.viewResolver.defaultViewsPathPrefix=/WEB-INF/view/jsp/default/ui/\r
+\r
+# Location of the Spring xml config file where views may be collected\r
+# cas.viewResolver.xmlFile=/META-INF/spring/views.xml\r
+\r
+##\r
+# Unique CAS node name\r
+# host.name is used to generate unique Service Ticket IDs and SAMLArtifacts. This is usually set to the specific\r
+# hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster.\r
+# host.name=cas01.example.org\r
+host.name=192.168.1.11\r
+\r
+##\r
+# Database flavors for Hibernate\r
+#\r
+# One of these is needed if you are storing Services or Tickets in an RDBMS via JPA.\r
+#\r
+# database.hibernate.dialect=org.hibernate.dialect.OracleDialect\r
+database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect\r
+# database.hibernate.dialect=org.hibernate.dialect.HSQLDialect\r
+# database.hibernate.batchSize=10\r
+\r
+##\r
+# CAS SSO Cookie Generation & Security\r
+# See https://github.com/mitreid-connect/json-web-key-generator\r
+#\r
+# Do note that the following settings MUST be generated per deployment.\r
+#\r
+# Defaults at spring-configuration/ticketGrantingTicketCookieGenerator.xml\r
+# The encryption secret key. By default, must be a octet string of size 256.\r
+tgc.encryption.key=1PbwSbnHeinpkZOSZjuSJ8yYpUrInm5aaV18J2Ar4rM\r
+\r
+# The signing secret key. By default, must be a octet string of size 512.\r
+tgc.signing.key=szxK-5_eJjs-aUj-64MpUZ-GPPzGLhYPLGl0wrYjYNVAGva2P0lLe6UGKGM7k8dWxsOVGutZWgvmY3l5oVPO3w\r
+\r
+##\r
+# CAS Logout Behavior\r
+# WEB-INF/cas-servlet.xml\r
+#\r
+# Specify whether CAS should redirect to the specified service parameter on /logout requests\r
+# cas.logout.followServiceRedirects=false\r
+\r
+##\r
+# CAS Cached Attributes Timeouts\r
+# Controls the cached attribute expiration policy\r
+#\r
+# Notes the duration in which attributes will be kept alive\r
+# cas.attrs.timeToExpireInHours=2\r
+\r
+##\r
+# Single Sign-On Session\r
+#\r
+# Indicates whether an SSO session should be created for renewed authentication requests.\r
+# create.sso.renewed.authn=true\r
+#\r
+# Indicates whether an SSO session can be created if no service is present.\r
+# create.sso.missing.service=true\r
+\r
+##\r
+# Spring Webflow Web Application Session\r
+# Define the settings that are required to encrypt and persist the CAS web application session.\r
+# See the cas-servlet.xml file to understand how these properties are used.\r
+#\r
+# cas.webflow.cipher.alg=AES\r
+# cas.webflow.cipher.mode=CBC\r
+# cas.webflow.cipher.padding=PKCS7\r
+# cas.webflow.keystore=classpath:/etc/keystore.jceks\r
+# cas.webflow.keystore.type=JCEKS\r
+# cas.webflow.keystore.password=changeit\r
+# cas.webflow.keyalias=aes128\r
+# cas.webflow.keypassword=changeit\r
+##\r
+# Single Sign-On Session Timeouts\r
+# Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml\r
+#\r
+# Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage\r
+# tgt.maxTimeToLiveInSeconds=28800\r
+#\r
+# Idle session timeout - TGT will expire sooner than maxTimeToLiveInSeconds if no further requests\r
+# for STs occur within timeToKillInSeconds\r
+# tgt.timeToKillInSeconds=7200\r
+\r
+##\r
+# Service Ticket Timeout\r
+# Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml\r
+#\r
+# Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s. You'll want to\r
+# increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools\r
+# st.timeToKillInSeconds=10\r
+\r
+## \r
+# Http Client Settings\r
+#\r
+# The http client read timeout in milliseconds\r
+# http.client.read.timeout=5000\r
+\r
+# The http client connection timeout in milliseconds\r
+# http.client.connection.timeout=5000\r
+#\r
+# The http client truststore file, in addition to the default's\r
+# http.client.truststore.file=classpath:truststore.jks\r
+#\r
+# The http client truststore's password\r
+# http.client.truststore.psw=changeit\r
+ \r
+##\r
+# Single Logout Out Callbacks\r
+# Default sourced from WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml\r
+#\r
+# To turn off all back channel SLO requests set this to true\r
+# slo.callbacks.disabled=false\r
+#\r
+# To send callbacks to endpoints synchronously, set this to false\r
+# slo.callbacks.asynchronous=true\r
+\r
+##\r
+# CAS Protocol Security Filter\r
+#\r
+# Are multi-valued parameters accepted?\r
+# cas.http.allow.multivalue.params=false\r
+\r
+# Define the list of request parameters to examine for sanity\r
+# cas.http.check.params=ticket,service,renew,gateway,warn,target,SAMLart,pgtUrl,pgt,pgtId,pgtIou,targetService\r
+\r
+# Define the list of request parameters only allowed via POST\r
+# cas.http.allow.post.params=username,password\r
+\r
+##\r
+# JSON Service Registry\r
+#\r
+# Directory location where JSON service files may be found.\r
+# service.registry.config.location=classpath:services\r
+\r
+##\r
+# Service Registry Periodic Reloading Scheduler\r
+# Default sourced from WEB-INF/spring-configuration/applicationContext.xml\r
+#\r
+# Force a startup delay of 2 minutes.\r
+# service.registry.quartz.reloader.startDelay=120000\r
+# \r
+# Reload services every 2 minutes\r
+# service.registry.quartz.reloader.repeatInterval=120000\r
+\r
+##\r
+# Log4j\r
+# Default sourced from WEB-INF/spring-configuration/log4jConfiguration.xml:\r
+#\r
+# It is often time helpful to externalize log4j.xml to a system path to preserve settings between upgrades.\r
+# log4j.config.location=file:///etc/cas/log4j2.xml\r
+# log4j.config.location=classpath:log4j2.xml\r
+\r
+##\r
+# Metrics\r
+# Default sourced from WEB-INF/spring-configuration/metricsConfiguration.xml:\r
+#\r
+# Define how often should metric data be reported. Default is 30 seconds.\r
+# metrics.refresh.internal=30s\r
+\r
+##\r
+# Encoding\r
+#\r
+# Set the encoding to use for requests. Default is UTF-8\r
+# httprequest.web.encoding=UTF-8\r
+\r
+# Default is true. Switch this to "false" to not enforce the specified encoding in any case,\r
+# applying it as default response encoding as well.\r
+# httprequest.web.encoding.force=true\r
+\r
+##\r
+# Reports\r
+#\r
+# Setting to whether include the ticket granting ticket id in the report\r
+# sso.sessions.include.tgt=false\r
+\r
+##\r
+# Password Policy\r
+#\r
+# Warn all users of expiration date regardless of warningDays value.\r
+# password.policy.warnAll=false\r
+\r
+# Threshold number of days to begin displaying password expiration warnings.\r
+# password.policy.warningDays=30\r
+\r
+# URL to which the user will be redirected to change the password.\r
+# password.policy.url=https://password.example.edu/change\r
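Review bot: `tgc.encryption.key` and `tgc.signing.key` are committed with concrete values, although the comment directly above them says these settings MUST be generated per deployment. Anyone who can read the repository holds the keys protecting the ticket-granting cookie of every container built from it, so these two values should be treated as compromised and regenerated. Keep only placeholders in the committed file and supply the real keys from an external properties file or secret at container start. In the same file, `cas.securityContext.status.access=permitAll` opens the `/status` health information to any client. The `hasIpAddress('127.0.0.1')` rule already used for `/statistics` would be a tighter default.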
--- /dev/null
+<?xml version="1.0" encoding="UTF-8" ?>\r
+\r
+<!--\r
+ AVISO: ES MUCHO MEJOR PONER ESTE ARCHIVO EN /etc/cas DEL SERVIDOR\r
+ DONDE SE EJECUTA EL Tomcat QUE CORRE ESTA APLICACION.\r
+\r
+ DE ESTE MODO, ES EL ADMINISTRADOR DEL SERVIDOR EL QUE PUEDE CONTROLAR A SU GUSTO\r
+ DONDE Y COMO SE VAN A GENERAR LOS LOGS.\r
+\r
+ VER: cas.properties PARA SABER COMO PONER ESTE ARCHIVO EN POR EJEMPLO /etc/cas\r
+-->\r
+\r
+<!--\r
+\r
+ Licensed to Apereo under one or more contributor license\r
+ agreements. See the NOTICE file distributed with this work\r
+ for additional information regarding copyright ownership.\r
+ Apereo licenses this file to you under the Apache License,\r
+ Version 2.0 (the "License"); you may not use this file\r
+ except in compliance with the License. You may obtain a\r
+ copy of the License at the following location:\r
+\r
+ http://www.apache.org/licenses/LICENSE-2.0\r
+\r
+ Unless required by applicable law or agreed to in writing,\r
+ software distributed under the License is distributed on an\r
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\r
+ KIND, either express or implied. See the License for the\r
+ specific language governing permissions and limitations\r
+ under the License.\r
+\r
+-->\r
+\r
+<!-- Specify the refresh internal in seconds. -->\r
+<Configuration monitorInterval="60">\r
+ <Appenders>\r
+ <Console name="console" target="SYSTEM_OUT">\r
+ <PatternLayout pattern="%d %p [%c] - <%m>%n"/>\r
+ </Console>\r
+ <RollingFile name="file" fileName="/opt/tomcat/apache-tomcat-8.0.26/logs/cas.log" append="true"\r
+ filePattern="cas-%d{yyyy-MM-dd-HH}-%i.log">\r
+ <PatternLayout pattern="%d %p [%c] - %m%n"/>\r
+ <Policies>\r
+ <OnStartupTriggeringPolicy />\r
+ <SizeBasedTriggeringPolicy size="10 MB"/>\r
+ <TimeBasedTriggeringPolicy />\r
+ </Policies>\r
+ </RollingFile>\r
+ <RollingFile name="perfFileAppender" fileName="/opt/tomcat/apache-tomcat-8.0.26/logs/perfStats.log" append="true"\r
+ filePattern="perfStats-%d{yyyy-MM-dd-HH}-%i.log">\r
+ <PatternLayout pattern="%m%n"/>\r
+ <Policies>\r
+ <OnStartupTriggeringPolicy />\r
+ <SizeBasedTriggeringPolicy size="10 MB"/>\r
+ <TimeBasedTriggeringPolicy />\r
+ </Policies>\r
+ </RollingFile>\r
+ </Appenders>\r
+ <Loggers>\r
+ <Logger name="org.jasig" level="info" additivity="false">\r
+ <AppenderRef ref="console"/>\r
+ <AppenderRef ref="file"/>\r
+ </Logger>\r
+ <Logger name="org.springframework" level="warn" />\r
+ <Logger name="org.springframework.webflow" level="warn" />\r
+ <Logger name="org.springframework.web" level="warn" />\r
+ <Logger name="org.springframework.security" level="warn" />\r
+\r
+ <Logger name="perfStatsLogger" level="info" additivity="false">\r
+ <AppenderRef ref="perfFileAppender"/>\r
+ </Logger>\r
+\r
+ <Logger name="org.jasig.cas.web.flow" level="info" additivity="true">\r
+ <AppenderRef ref="file"/>\r
+ </Logger>\r
+ <Logger name="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager" level="info">\r
+ <AppenderRef ref="file"/>\r
+ </Logger>\r
+ <Root level="error">\r
+ <AppenderRef ref="console"/>\r
+ </Root>\r
+ </Loggers>\r
+</Configuration>\r
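Review bot: The `org.jasig.cas.web.flow` logger sets `additivity="true"` and also references the `file` appender, which its parent `org.jasig` logger already references. Each web-flow event is therefore written to `cas.log` twice. The `Slf4jLoggingAuditTrailManager` logger has the same shape, since additivity defaults to true, so audit records are duplicated as well and harder to count or correlate during an investigation. Either remove the `<AppenderRef ref="file"/>` children from these two loggers or set `additivity="false"` on them.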
--- /dev/null
+{
+ "@class" : "org.jasig.cas.services.RegexRegisteredService",
+ "serviceId" : "^http://192.168.1.6/.*",
+ "name" : "apache-mod-cas",
+ "id" : 6969697,
+ "description" : "apache-mod-cas",
+ "usernameAttributeProvider" : {
+ "@class" : "org.jasig.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider",
+ "usernameAttribute" : "cn"
+ }
+}
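Review bot: `"serviceId" : "^http://192.168.1.6/.*"` registers the mod_auth_cas site over plain HTTP. The service ticket that CAS appends to the redirect, and the application session that follows, then cross the network unencrypted. If the httpd container can terminate TLS, register `"^https://192\\.168\\.1\\.6/.*"` instead. Escaping the dots also stops the pattern matching hosts other than the intended address.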
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>\r
+\r
+<!--\r
+ EN ESTE ARCHIVO TENGO PUESTO EN EL bean primaryAuthenticationHandler EL USUARIO gustavo CON PASSWORD gustavo.\r
+\r
+ gustavo ES EL USUARIO QUE UTILIZARE PARA HACER LOGIN EN EL CAS. ES UNA AUTENTICACION SUPER SIMPLE SOLO PARA PRUEBAS.\r
+\r
+ ASI CON gustavo PUEDO ACCEDER A CUALQUIER COSA PROTEGIDA POR mod_auth_cas.\r
+-->\r
+\r
+<!--\r
+\r
+ Licensed to Apereo under one or more contributor license\r
+ agreements. See the NOTICE file distributed with this work\r
+ for additional information regarding copyright ownership.\r
+ Apereo licenses this file to you under the Apache License,\r
+ Version 2.0 (the "License"); you may not use this file\r
+ except in compliance with the License. You may obtain a\r
+ copy of the License at the following location:\r
+\r
+ http://www.apache.org/licenses/LICENSE-2.0\r
+\r
+ Unless required by applicable law or agreed to in writing,\r
+ software distributed under the License is distributed on an\r
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\r
+ KIND, either express or implied. See the License for the\r
+ specific language governing permissions and limitations\r
+ under the License.\r
+\r
+-->\r
+<!--\r
+| deployerConfigContext.xml centralizes into one file some of the declarative configuration that\r
+| all CAS deployers will need to modify.\r
+|\r
+| This file declares some of the Spring-managed JavaBeans that make up a CAS deployment.\r
+| The beans declared in this file are instantiated at context initialization time by the Spring\r
+| ContextLoaderListener declared in web.xml. It finds this file because this\r
+| file is among those declared in the context parameter "contextConfigLocation".\r
+|\r
+| By far the most common change you will need to make in this file is to change the last bean\r
+| declaration to replace the default authentication handler with\r
+| one implementing your approach for authenticating usernames and passwords.\r
++-->\r
+\r
+<beans xmlns="http://www.springframework.org/schema/beans"\r
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"\r
+ xmlns:p="http://www.springframework.org/schema/p"\r
+ xmlns:c="http://www.springframework.org/schema/c"\r
+ xmlns:tx="http://www.springframework.org/schema/tx"\r
+ xmlns:util="http://www.springframework.org/schema/util"\r
+ xmlns:sec="http://www.springframework.org/schema/security"\r
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd\r
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd\r
+ http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd\r
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">\r
+\r
+ <!--\r
+ | The authentication manager defines security policy for authentication by specifying at a minimum\r
+ | the authentication handlers that will be used to authenticate credential. While the AuthenticationManager\r
+ | interface supports plugging in another implementation, the default PolicyBasedAuthenticationManager should\r
+ | be sufficient in most cases.\r
+ +-->\r
+ <bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">\r
+ <constructor-arg>\r
+ <map>\r
+ <!--\r
+ | IMPORTANT\r
+ | Every handler requires a unique name.\r
+ | If more than one instance of the same handler class is configured, you must explicitly\r
+ | set its name to something other than its default name (typically the simple class name).\r
+ -->\r
+ <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />\r
+ <entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" />\r
+ </map>\r
+ </constructor-arg>\r
+\r
+ <!-- Uncomment the metadata populator to capture the password.\r
+ <property name="authenticationMetaDataPopulators">\r
+ <util:list>\r
+ <bean class="org.jasig.cas.authentication.CacheCredentialsMetaDataPopulator"/>\r
+ </util:list>\r
+ </property>\r
+ -->\r
+\r
+ <!--\r
+ | Defines the security policy around authentication. Some alternative policies that ship with CAS:\r
+ |\r
+ | * NotPreventedAuthenticationPolicy - all credential must either pass or fail authentication\r
+ | * AllAuthenticationPolicy - all presented credential must be authenticated successfully\r
+ | * RequiredHandlerAuthenticationPolicy - specifies a handler that must authenticate its credential to pass\r
+ -->\r
+ <property name="authenticationPolicy">\r
+ <bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />\r
+ </property>\r
+ </bean>\r
+\r
+ <!-- Required for proxy ticket mechanism. -->\r
+ <bean id="proxyAuthenticationHandler"\r
+ class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"\r
+ p:httpClient-ref="supportsTrustStoreSslSocketFactoryHttpClient" />\r
+\r
+ <!--\r
+ | TODO: Replace this component with one suitable for your enviroment.\r
+ |\r
+ | This component provides authentication for the kind of credential used in your environment. In most cases\r
+ | credential is a username/password pair that lives in a system of record like an LDAP directory.\r
+ | The most common authentication handler beans:\r
+ |\r
+ | * org.jasig.cas.authentication.LdapAuthenticationHandler\r
+ | * org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler\r
+ | * org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler\r
+ | * org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler\r
+ -->\r
+ <bean id="primaryAuthenticationHandler"\r
+ class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">\r
+ <property name="users">\r
+ <map>\r
+ <entry key="casuser" value="Mellon"/>\r
+ <entry key="test" value="test"/>\r
+ <entry key="gustavo" value="gustavo"/>\r
+ </map>\r
+ </property>\r
+ </bean>\r
+\r
+ <!-- Required for proxy ticket mechanism -->\r
+ <bean id="proxyPrincipalResolver"\r
+ class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />\r
+\r
+ <!--\r
+ | Resolves a principal from a credential using an attribute repository that is configured to resolve\r
+ | against a deployer-specific store (e.g. LDAP).\r
+ -->\r
+ <bean id="primaryPrincipalResolver"\r
+ class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver"\r
+ p:principalFactory-ref="principalFactory"\r
+ p:attributeRepository-ref="attributeRepository" />\r
+\r
+ <!--\r
+ Bean that defines the attributes that a service may return. This example uses the Stub/Mock version. A real implementation\r
+ may go against a database or LDAP server. The id should remain "attributeRepository" though.\r
+ +-->\r
+ <bean id="attributeRepository" class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"\r
+ p:backingMap-ref="attrRepoBackingMap" />\r
+\r
+ <util:map id="attrRepoBackingMap">\r
+ <entry key="uid" value="uid" />\r
+ <entry key="eduPersonAffiliation" value="eduPersonAffiliation" />\r
+ <entry key="groupMembership" value="groupMembership" />\r
+ <entry>\r
+ <key><value>memberOf</value></key>\r
+ <list>\r
+ <value>faculty</value>\r
+ <value>staff</value>\r
+ <value>org</value>\r
+ </list>\r
+ </entry>\r
+ </util:map>\r
+\r
+ <bean id="serviceRegistryDao" class="org.jasig.cas.services.JsonServiceRegistryDao"\r
+ c:configDirectory="${service.registry.config.location:classpath:services}" />\r
+\r
+ <bean id="auditTrailManager" class="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />\r
+\r
+ <bean id="healthCheckMonitor" class="org.jasig.cas.monitor.HealthCheckMonitor" p:monitors-ref="monitorsList" />\r
+\r
+ <util:list id="monitorsList">\r
+ <bean class="org.jasig.cas.monitor.MemoryMonitor" p:freeMemoryWarnThreshold="10" />\r
+ <!--\r
+ NOTE\r
+ The following ticket registries support SessionMonitor:\r
+ * DefaultTicketRegistry\r
+ * JpaTicketRegistry\r
+ Remove this monitor if you use an unsupported registry.\r
+ -->\r
+ <bean class="org.jasig.cas.monitor.SessionMonitor"\r
+ p:ticketRegistry-ref="ticketRegistry"\r
+ p:serviceTicketCountWarnThreshold="5000"\r
+ p:sessionCountWarnThreshold="100000" />\r
+ </util:list>\r
+</beans>\r
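Review bot: `primaryAuthenticationHandler` is still the `AcceptUsersAuthenticationHandler` with plaintext credentials in the bean definition. Besides `gustavo`, the `users` map keeps `casuser`/`Mellon` and `test`/`test`, which the header comment does not mention. Any of the three can sign in to CAS and reach every registered service, so the two unused entries should be removed. The remaining one should carry a comment directly above the bean, such as `<!-- Test-only static account; replace with a real handler before any non-lab use -->`, because the existing TODO is easy to miss. The POMs in this commit already pull in `cas-server-support-ldap`, so the `LdapAuthenticationHandler` listed in the comment above the bean looks like the intended replacement.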