From e6a06d99592849a548564a669155f0f94f2056fe Mon Sep 17 00:00:00 2001
From: Gustavo Martin Morcuende <gu.martinm@gmail.com>
Date: Sun, 4 Oct 2015 16:41:50 +0200
Subject: [PATCH] CAS: cas and cas-management

For being used with my centos-httpd-cas and centos-tomcat-cas docker containers.
---
 CAS/CAS-MANAGEMENT/README                          |   1 +
 CAS/CAS-MANAGEMENT/pom.xml                         |  72 +++++++
 .../main/webapp/WEB-INF/cas-management.properties  |  71 +++++++
 .../src/main/webapp/WEB-INF/classes/log4j2.xml     |  67 +++++++
 ...cesManagementWebApplication-52497044623301.json |  28 +++
 .../webapp/WEB-INF/classes/user-details.properties |  30 +++
 CAS/CAS/README                                     |   1 +
 CAS/CAS/pom.xml                                    |  72 +++++++
 CAS/CAS/src/main/webapp/WEB-INF/cas.properties     | 216 +++++++++++++++++++++
 CAS/CAS/src/main/webapp/WEB-INF/classes/log4j2.xml |  83 ++++++++
 .../webapp/WEB-INF/classes/services/mod-cas.json   |  11 ++
 .../main/webapp/WEB-INF/deployerConfigContext.xml  | 180 +++++++++++++++++
 12 files changed, 832 insertions(+)
 create mode 100644 CAS/CAS-MANAGEMENT/README
 create mode 100644 CAS/CAS-MANAGEMENT/pom.xml
 create mode 100644 CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/cas-management.properties
 create mode 100644 CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/log4j2.xml
 create mode 100644 CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/services/ServicesManagementWebApplication-52497044623301.json
 create mode 100644 CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/user-details.properties
 create mode 100644 CAS/CAS/README
 create mode 100644 CAS/CAS/pom.xml
 create mode 100644 CAS/CAS/src/main/webapp/WEB-INF/cas.properties
 create mode 100644 CAS/CAS/src/main/webapp/WEB-INF/classes/log4j2.xml
 create mode 100644 CAS/CAS/src/main/webapp/WEB-INF/classes/services/mod-cas.json
 create mode 100644 CAS/CAS/src/main/webapp/WEB-INF/deployerConfigContext.xml

diff --git a/CAS/CAS-MANAGEMENT/README b/CAS/CAS-MANAGEMENT/README
new file mode 100644
index 0000000..a7d9734
--- /dev/null
+++ b/CAS/CAS-MANAGEMENT/README
@@ -0,0 +1 @@
+mvn clean package -DskipTests=true
diff --git a/CAS/CAS-MANAGEMENT/pom.xml b/CAS/CAS-MANAGEMENT/pom.xml
new file mode 100644
index 0000000..bc20568
--- /dev/null
+++ b/CAS/CAS-MANAGEMENT/pom.xml
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>de.example.cas</groupId>
+  <artifactId>gumartinm-cas-management</artifactId>
+  <packaging>war</packaging>
+  <version>1.0-SNAPSHOT</version>
+  <build>
+    <plugins>
+      <plugin>
+        <artifactId>maven-war-plugin</artifactId>
+          <configuration>
+             <warName>cas-management</warName>
+          </configuration>
+      </plugin>
+    </plugins>
+  </build>
+  <dependencies>
+    <dependency>
+      <groupId>org.jasig.cas</groupId>
+      <artifactId>cas-management-webapp</artifactId>
+      <version>${cas.version}</version>
+      <type>war</type>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.jasig.cas</groupId>
+      <artifactId>cas-server-support-ldap</artifactId>
+      <version>${cas.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>commons-dbcp</groupId>
+      <artifactId>commons-dbcp</artifactId>
+      <version>1.4</version>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>mysql</groupId>
+      <artifactId>mysql-connector-java</artifactId>
+      <version>5.1.36</version>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.hibernate</groupId>
+      <artifactId>hibernate-entitymanager</artifactId>
+      <version>5.0.1.Final</version>
+      <scope>runtime</scope>
+      <type>jar</type>
+    </dependency>
+    <dependency>
+      <groupId>concurrent</groupId>
+      <artifactId>concurrent</artifactId>
+      <version>1.3.4</version>
+      <scope>runtime</scope>
+    </dependency>
+  </dependencies>
+  <properties>
+    <cas.version>4.1.0</cas.version>
+  </properties>
+  <repositories>
+    <repository>
+      <id>ja-sig</id>
+      <url>http://oss.sonatype.org/content/repositories/releases/</url>
+    </repository>
+    <repository>
+      <id>jboss</id>
+      <url>http://repository.jboss.org/nexus/content/groups/public-jboss/</url>
+    </repository>
+  </repositories>
+</project>
diff --git a/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/cas-management.properties b/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/cas-management.properties
new file mode 100644
index 0000000..d9f6086
--- /dev/null
+++ b/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/cas-management.properties
@@ -0,0 +1,71 @@
+#
+# Licensed to Apereo under one or more contributor license
+# agreements. See the NOTICE file distributed with this work
+# for additional information regarding copyright ownership.
+# Apereo licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file
+# except in compliance with the License.  You may obtain a
+# copy of the License at the following location:
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# hosts and urls
+
+# CAS
+cas.host=https://192.168.1.11:8443
+cas.prefix=${cas.host}/cas
+cas.securityContext.casProcessingFilterEntryPoint.loginUrl=${cas.prefix}/login
+cas.securityContext.ticketValidator.casServerUrlPrefix=${cas.prefix}
+
+# Management
+cas-management.host=${cas.host}
+cas-management.prefix=${cas-management.host}/cas-management
+cas-management.securityContext.serviceProperties.service=${cas-management.prefix}/login/cas
+cas-management.securityContext.serviceProperties.adminRoles=hasRole('ROLE_ADMIN')
+
+# views
+cas-management.viewResolver.basename=default_views
+
+##
+# User details file location that contains list of users
+# who are allowed access to the management webapp:
+# 
+# user.details.file.location = classpath:user-details.properties
+
+##
+# JSON Service Registry
+#
+# Directory location where JSON service files may be found.
+# service.registry.config.location=classpath:services
+
+##
+# Database flavors for Hibernate
+#
+# One of these is needed if you are storing Services in an RDBMS via JPA.
+#
+# database.hibernate.dialect=org.hibernate.dialect.OracleDialect
+# database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect
+# database.hibernate.dialect=org.hibernate.dialect.HSQLDialect
+
+##
+# Log4j
+# Default sourced from WEB-INF/spring-configuration/log4jConfiguration.xml:
+#
+# It is often time helpful to externalize log4j.xml to a system path to preserve settings between upgrades.
+# e.g. log4j.config.location=file:/etc/cas/log4j2.xml
+# log4j.config.location=classpath:log4j2.xml
+
+##
+# Metrics
+# Default sourced from WEB-INF/spring-configuration/metricsConfiguration.xml:
+#
+# Define how often should metric data be reported. Default is 30 seconds.
+# metrics.refresh.internal=30s
diff --git a/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/log4j2.xml b/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/log4j2.xml
new file mode 100644
index 0000000..87b05c2
--- /dev/null
+++ b/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/log4j2.xml
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+
+<!--
+    AVISO: ES MUCHO MEJOR PONER ESTE ARCHIVO EN /etc/cas DEL SERVIDOR
+    DONDE SE EJECUTA EL Tomcat QUE CORRE ESTA APLICACION.
+
+    DE ESTE MODO, ES EL ADMINISTRADOR DEL SERVIDOR EL QUE PUEDE CONTROLAR A SU GUSTO
+    DONDE Y COMO SE VAN A GENERAR LOS LOGS.
+
+    VER: cas-management.properties PARA SABER COMO PONER ESTE ARCHIVO EN POR EJEMPLO /etc/cas
+-->
+
+<!--
+
+    Licensed to Apereo under one or more contributor license
+    agreements. See the NOTICE file distributed with this work
+    for additional information regarding copyright ownership.
+    Apereo licenses this file to you under the Apache License,
+    Version 2.0 (the "License"); you may not use this file
+    except in compliance with the License.  You may obtain a
+    copy of the License at the following location:
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+-->
+<!-- Specify the refresh internal in seconds. -->
+<Configuration monitorInterval="60">
+    <Appenders>
+        <Console name="console" target="SYSTEM_OUT">
+            <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>
+        </Console>
+        <RollingFile name="cas-management" fileName="/opt/tomcat/apache-tomcat-8.0.26/logs/cas-management.log" append="true"
+                     filePattern="cas-management-%d{yyyy-MM-dd-HH}-%i.log.gz">
+            <PatternLayout pattern="%d %p [%c] - %m%n"/>
+            <Policies>
+                <OnStartupTriggeringPolicy />
+                <SizeBasedTriggeringPolicy size="512 KB"/>
+                <TimeBasedTriggeringPolicy />
+            </Policies>
+        </RollingFile>
+    </Appenders>
+    <Loggers>
+        <Logger name="org.springframework" level="warn" />
+        <Logger name="org.springframework.webflow" level="warn" />
+        <Logger name="org.springframework.web" level="warn" />
+        <Logger name="org.springframework.security" level="warn" />
+
+        <Logger name="org.jasig" level="debug" additivity="false">
+            <AppenderRef ref="cas-management"/>
+            <AppenderRef ref="console"/>
+        </Logger>
+        <Logger name="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager" level="info">
+            <AppenderRef ref="cas-management"/>
+        </Logger>
+
+        <Root level="error">
+            <AppenderRef ref="console"/>
+        </Root>
+    </Loggers>
+</Configuration>
diff --git a/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/services/ServicesManagementWebApplication-52497044623301.json b/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/services/ServicesManagementWebApplication-52497044623301.json
new file mode 100644
index 0000000..3857efb
--- /dev/null
+++ b/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/services/ServicesManagementWebApplication-52497044623301.json
@@ -0,0 +1,28 @@
+{
+  "@class" : "org.jasig.cas.services.RegexRegisteredService",
+  "serviceId" : "https://192.168.1.11:8443/cas-management/login/cas",
+  "name" : "Services Management Web Application",
+  "id" : 52497044623301,
+  "description" : "Services Management Web Application",
+  "proxyPolicy" : {
+    "@class" : "org.jasig.cas.services.RefuseRegisteredServiceProxyPolicy"
+  },
+  "evaluationOrder" : 2,
+  "usernameAttributeProvider" : {
+    "@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider"
+  },
+  "logoutType" : "BACK_CHANNEL",
+  "attributeReleasePolicy" : {
+    "@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy",
+    "principalAttributesRepository" : {
+      "@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository"
+    },
+    "authorizedToReleaseCredentialPassword" : false,
+    "authorizedToReleaseProxyGrantingTicket" : false
+  },
+  "accessStrategy" : {
+    "@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy",
+    "enabled" : true,
+    "ssoEnabled" : true
+  }
+}
diff --git a/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/user-details.properties b/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/user-details.properties
new file mode 100644
index 0000000..c362499
--- /dev/null
+++ b/CAS/CAS-MANAGEMENT/src/main/webapp/WEB-INF/classes/user-details.properties
@@ -0,0 +1,30 @@
+ #
+# Licensed to Apereo under one or more contributor license
+# agreements. See the NOTICE file distributed with this work
+# for additional information regarding copyright ownership.
+# Apereo licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file
+# except in compliance with the License.  You may obtain a
+# copy of the License at the following location:
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# This file lists the set of users that are allowed access to the management app.
+# See this link for more info: 
+# http://docs.spring.io/spring-security/site/docs/3.0.x/reference/ns-config.html
+#
+# The syntax of each entry should be in the form of:
+# 
+# username=password,grantedAuthority[,grantedAuthority][,enabled|disabled]
+gustavo=gustavo,ROLE_ADMIN
+
+# Example:
+# casuser=notused,ROLE_ADMIN
diff --git a/CAS/CAS/README b/CAS/CAS/README
new file mode 100644
index 0000000..a7d9734
--- /dev/null
+++ b/CAS/CAS/README
@@ -0,0 +1 @@
+mvn clean package -DskipTests=true
diff --git a/CAS/CAS/pom.xml b/CAS/CAS/pom.xml
new file mode 100644
index 0000000..28e4714
--- /dev/null
+++ b/CAS/CAS/pom.xml
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>de.example.cas</groupId>
+  <artifactId>gumartinm-cas</artifactId>
+  <packaging>war</packaging>
+  <version>1.0-SNAPSHOT</version>
+  <build>
+    <plugins>
+      <plugin>
+        <artifactId>maven-war-plugin</artifactId>
+          <configuration>
+             <warName>cas</warName>
+          </configuration>
+      </plugin>
+    </plugins>
+  </build>
+  <dependencies>
+    <dependency>
+      <groupId>org.jasig.cas</groupId>
+      <artifactId>cas-server-webapp</artifactId>
+      <version>${cas.version}</version>
+      <type>war</type>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.jasig.cas</groupId>
+      <artifactId>cas-server-support-ldap</artifactId>
+      <version>${cas.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>commons-dbcp</groupId>
+      <artifactId>commons-dbcp</artifactId>
+      <version>1.4</version>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>mysql</groupId>
+      <artifactId>mysql-connector-java</artifactId>
+      <version>5.1.36</version>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.hibernate</groupId>
+      <artifactId>hibernate-entitymanager</artifactId>
+      <version>5.0.1.Final</version>
+      <scope>runtime</scope>
+      <type>jar</type>
+    </dependency>
+    <dependency>
+      <groupId>concurrent</groupId>
+      <artifactId>concurrent</artifactId>
+      <version>1.3.4</version>
+      <scope>runtime</scope>
+    </dependency>
+  </dependencies>
+  <properties>
+    <cas.version>4.1.0</cas.version>
+  </properties>
+  <repositories>
+    <repository>
+      <id>ja-sig</id>
+      <url>http://oss.sonatype.org/content/repositories/releases/</url>
+    </repository>
+    <repository>
+      <id>jboss</id>
+      <url>http://repository.jboss.org/nexus/content/groups/public-jboss/</url>
+    </repository>
+  </repositories>
+</project>
diff --git a/CAS/CAS/src/main/webapp/WEB-INF/cas.properties b/CAS/CAS/src/main/webapp/WEB-INF/cas.properties
new file mode 100644
index 0000000..4647335
--- /dev/null
+++ b/CAS/CAS/src/main/webapp/WEB-INF/cas.properties
@@ -0,0 +1,216 @@
+#
+# Licensed to Apereo under one or more contributor license
+# agreements. See the NOTICE file distributed with this work
+# for additional information regarding copyright ownership.
+# Apereo licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file
+# except in compliance with the License.  You may obtain a
+# copy of the License at the following location:
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+server.name=https://192.168.1.11:8443
+server.prefix=${server.name}/cas
+
+# Spring Security's EL-based access rules for the /status URI of CAS that exposes health check information
+cas.securityContext.status.access=permitAll
+
+# Spring Security's EL-based access rules for the /statistics URI of CAS that exposes stats about the CAS server
+cas.securityContext.statistics.access=hasIpAddress('127.0.0.1')
+
+cas.themeResolver.defaultThemeName=cas-theme-default
+
+# Path prefix for where views are to be found
+# cas.viewResolver.defaultViewsPathPrefix=/WEB-INF/view/jsp/default/ui/
+
+# Location of the Spring xml config file where views may be collected
+# cas.viewResolver.xmlFile=/META-INF/spring/views.xml
+
+##
+# Unique CAS node name
+# host.name is used to generate unique Service Ticket IDs and SAMLArtifacts.  This is usually set to the specific
+# hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster.
+# host.name=cas01.example.org
+host.name=192.168.1.11
+
+##
+# Database flavors for Hibernate
+#
+# One of these is needed if you are storing Services or Tickets in an RDBMS via JPA.
+#
+# database.hibernate.dialect=org.hibernate.dialect.OracleDialect
+database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect
+# database.hibernate.dialect=org.hibernate.dialect.HSQLDialect
+# database.hibernate.batchSize=10
+
+##
+# CAS SSO Cookie Generation & Security
+# See https://github.com/mitreid-connect/json-web-key-generator
+#
+# Do note that the following settings MUST be generated per deployment.
+#
+# Defaults at spring-configuration/ticketGrantingTicketCookieGenerator.xml
+# The encryption secret key. By default, must be a octet string of size 256.
+tgc.encryption.key=1PbwSbnHeinpkZOSZjuSJ8yYpUrInm5aaV18J2Ar4rM
+
+# The signing secret key. By default, must be a octet string of size 512.
+tgc.signing.key=szxK-5_eJjs-aUj-64MpUZ-GPPzGLhYPLGl0wrYjYNVAGva2P0lLe6UGKGM7k8dWxsOVGutZWgvmY3l5oVPO3w
+
+##
+# CAS Logout Behavior
+# WEB-INF/cas-servlet.xml
+#
+# Specify whether CAS should redirect to the specified service parameter on /logout requests
+# cas.logout.followServiceRedirects=false
+
+##
+# CAS Cached Attributes Timeouts
+# Controls the cached attribute expiration policy
+#
+# Notes the duration in which attributes will be kept alive
+# cas.attrs.timeToExpireInHours=2
+
+##
+# Single Sign-On Session
+#
+# Indicates whether an SSO session should be created for renewed authentication requests.
+# create.sso.renewed.authn=true
+#
+# Indicates whether an SSO session can be created if no service is present.
+# create.sso.missing.service=true
+
+##
+# Spring Webflow Web Application Session
+# Define the settings that are required to encrypt and persist the CAS web application session.
+# See the cas-servlet.xml file to understand how these properties are used.
+#
+# cas.webflow.cipher.alg=AES
+# cas.webflow.cipher.mode=CBC
+# cas.webflow.cipher.padding=PKCS7
+# cas.webflow.keystore=classpath:/etc/keystore.jceks
+# cas.webflow.keystore.type=JCEKS
+# cas.webflow.keystore.password=changeit
+# cas.webflow.keyalias=aes128
+# cas.webflow.keypassword=changeit
+##
+# Single Sign-On Session Timeouts
+# Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml
+#
+# Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage
+# tgt.maxTimeToLiveInSeconds=28800
+#
+# Idle session timeout -  TGT will expire sooner than maxTimeToLiveInSeconds if no further requests
+# for STs occur within timeToKillInSeconds
+# tgt.timeToKillInSeconds=7200
+
+##
+# Service Ticket Timeout
+# Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml
+#
+# Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s.  You'll want to
+# increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools
+# st.timeToKillInSeconds=10
+
+## 
+# Http Client Settings
+#
+# The http client read timeout in milliseconds
+# http.client.read.timeout=5000
+
+# The http client connection timeout in milliseconds
+# http.client.connection.timeout=5000
+#
+# The http client truststore file, in addition to the default's
+# http.client.truststore.file=classpath:truststore.jks
+#
+# The http client truststore's password
+# http.client.truststore.psw=changeit
+          
+##
+# Single Logout Out Callbacks
+# Default sourced from WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml
+#
+# To turn off all back channel SLO requests set this to true
+# slo.callbacks.disabled=false
+#
+# To send callbacks to endpoints synchronously, set this to false
+# slo.callbacks.asynchronous=true
+
+##
+# CAS Protocol Security Filter
+#
+# Are multi-valued parameters accepted?
+# cas.http.allow.multivalue.params=false
+
+# Define the list of request parameters to examine for sanity
+# cas.http.check.params=ticket,service,renew,gateway,warn,target,SAMLart,pgtUrl,pgt,pgtId,pgtIou,targetService
+
+# Define the list of request parameters only allowed via POST
+# cas.http.allow.post.params=username,password
+
+##
+# JSON Service Registry
+#
+# Directory location where JSON service files may be found.
+# service.registry.config.location=classpath:services
+
+##
+# Service Registry Periodic Reloading Scheduler
+# Default sourced from WEB-INF/spring-configuration/applicationContext.xml
+#
+# Force a startup delay of 2 minutes.
+# service.registry.quartz.reloader.startDelay=120000
+# 
+# Reload services every 2 minutes
+# service.registry.quartz.reloader.repeatInterval=120000
+
+##
+# Log4j
+# Default sourced from WEB-INF/spring-configuration/log4jConfiguration.xml:
+#
+# It is often time helpful to externalize log4j.xml to a system path to preserve settings between upgrades.
+# log4j.config.location=file:///etc/cas/log4j2.xml
+# log4j.config.location=classpath:log4j2.xml
+
+##
+# Metrics
+# Default sourced from WEB-INF/spring-configuration/metricsConfiguration.xml:
+#
+# Define how often should metric data be reported. Default is 30 seconds.
+# metrics.refresh.internal=30s
+
+##
+# Encoding
+#
+# Set the encoding to use for requests. Default is UTF-8
+# httprequest.web.encoding=UTF-8
+
+# Default is true. Switch this to "false" to not enforce the specified encoding in any case,
+# applying it as default response encoding as well.
+# httprequest.web.encoding.force=true
+
+##
+# Reports
+#
+# Setting to whether include the ticket granting ticket id in the report
+# sso.sessions.include.tgt=false
+
+##
+# Password Policy
+#
+# Warn all users of expiration date regardless of warningDays value.
+# password.policy.warnAll=false
+
+# Threshold number of days to begin displaying password expiration warnings.
+# password.policy.warningDays=30
+
+# URL to which the user will be redirected to change the password.
+# password.policy.url=https://password.example.edu/change
diff --git a/CAS/CAS/src/main/webapp/WEB-INF/classes/log4j2.xml b/CAS/CAS/src/main/webapp/WEB-INF/classes/log4j2.xml
new file mode 100644
index 0000000..8d33ba4
--- /dev/null
+++ b/CAS/CAS/src/main/webapp/WEB-INF/classes/log4j2.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+
+<!--
+    AVISO: ES MUCHO MEJOR PONER ESTE ARCHIVO EN /etc/cas DEL SERVIDOR
+    DONDE SE EJECUTA EL Tomcat QUE CORRE ESTA APLICACION.
+
+    DE ESTE MODO, ES EL ADMINISTRADOR DEL SERVIDOR EL QUE PUEDE CONTROLAR A SU GUSTO
+    DONDE Y COMO SE VAN A GENERAR LOS LOGS.
+
+    VER: cas.properties PARA SABER COMO PONER ESTE ARCHIVO EN POR EJEMPLO /etc/cas
+-->
+
+<!--
+
+    Licensed to Apereo under one or more contributor license
+    agreements. See the NOTICE file distributed with this work
+    for additional information regarding copyright ownership.
+    Apereo licenses this file to you under the Apache License,
+    Version 2.0 (the "License"); you may not use this file
+    except in compliance with the License.  You may obtain a
+    copy of the License at the following location:
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+-->
+
+<!-- Specify the refresh internal in seconds. -->
+<Configuration monitorInterval="60">
+    <Appenders>
+        <Console name="console" target="SYSTEM_OUT">
+            <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>
+        </Console>
+        <RollingFile name="file" fileName="/opt/tomcat/apache-tomcat-8.0.26/logs/cas.log" append="true"
+                     filePattern="cas-%d{yyyy-MM-dd-HH}-%i.log">
+            <PatternLayout pattern="%d %p [%c] - %m%n"/>
+            <Policies>
+                <OnStartupTriggeringPolicy />
+                <SizeBasedTriggeringPolicy size="10 MB"/>
+                <TimeBasedTriggeringPolicy />
+            </Policies>
+        </RollingFile>
+        <RollingFile name="perfFileAppender" fileName="/opt/tomcat/apache-tomcat-8.0.26/logs/perfStats.log" append="true"
+                     filePattern="perfStats-%d{yyyy-MM-dd-HH}-%i.log">
+            <PatternLayout pattern="%m%n"/>
+            <Policies>
+                <OnStartupTriggeringPolicy />
+                <SizeBasedTriggeringPolicy size="10 MB"/>
+                <TimeBasedTriggeringPolicy />
+            </Policies>
+        </RollingFile>
+    </Appenders>
+    <Loggers>
+        <Logger name="org.jasig" level="info" additivity="false">
+            <AppenderRef ref="console"/>
+            <AppenderRef ref="file"/>
+        </Logger>
+        <Logger name="org.springframework" level="warn" />
+        <Logger name="org.springframework.webflow" level="warn" />
+        <Logger name="org.springframework.web" level="warn" />
+        <Logger name="org.springframework.security" level="warn" />
+
+        <Logger name="perfStatsLogger" level="info" additivity="false">
+            <AppenderRef ref="perfFileAppender"/>
+        </Logger>
+
+        <Logger name="org.jasig.cas.web.flow" level="info" additivity="true">
+            <AppenderRef ref="file"/>
+        </Logger>
+        <Logger name="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager" level="info">
+            <AppenderRef ref="file"/>
+        </Logger>
+        <Root level="error">
+            <AppenderRef ref="console"/>
+        </Root>
+    </Loggers>
+</Configuration>
diff --git a/CAS/CAS/src/main/webapp/WEB-INF/classes/services/mod-cas.json b/CAS/CAS/src/main/webapp/WEB-INF/classes/services/mod-cas.json
new file mode 100644
index 0000000..08c16ef
--- /dev/null
+++ b/CAS/CAS/src/main/webapp/WEB-INF/classes/services/mod-cas.json
@@ -0,0 +1,11 @@
+{
+  "@class" : "org.jasig.cas.services.RegexRegisteredService",
+  "serviceId" : "^http://192.168.1.6/.*",
+  "name" : "apache-mod-cas",
+  "id" : 6969697,
+  "description" : "apache-mod-cas",
+  "usernameAttributeProvider" : {
+    "@class" : "org.jasig.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider",
+    "usernameAttribute" : "cn"
+  }
+}
diff --git a/CAS/CAS/src/main/webapp/WEB-INF/deployerConfigContext.xml b/CAS/CAS/src/main/webapp/WEB-INF/deployerConfigContext.xml
new file mode 100644
index 0000000..f6f3e65
--- /dev/null
+++ b/CAS/CAS/src/main/webapp/WEB-INF/deployerConfigContext.xml
@@ -0,0 +1,180 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+  EN ESTE ARCHIVO TENGO PUESTO EN EL bean primaryAuthenticationHandler EL USUARIO gustavo CON PASSWORD gustavo.
+
+  gustavo ES EL USUARIO QUE UTILIZARE PARA HACER LOGIN EN EL CAS. ES UNA AUTENTICACION SUPER SIMPLE SOLO PARA PRUEBAS.
+
+  ASI CON gustavo PUEDO ACCEDER A CUALQUIER COSA PROTEGIDA POR mod_auth_cas.
+-->
+
+<!--
+
+    Licensed to Apereo under one or more contributor license
+    agreements. See the NOTICE file distributed with this work
+    for additional information regarding copyright ownership.
+    Apereo licenses this file to you under the Apache License,
+    Version 2.0 (the "License"); you may not use this file
+    except in compliance with the License.  You may obtain a
+    copy of the License at the following location:
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+-->
+<!--
+| deployerConfigContext.xml centralizes into one file some of the declarative configuration that
+| all CAS deployers will need to modify.
+|
+| This file declares some of the Spring-managed JavaBeans that make up a CAS deployment.
+| The beans declared in this file are instantiated at context initialization time by the Spring
+| ContextLoaderListener declared in web.xml.  It finds this file because this
+| file is among those declared in the context parameter "contextConfigLocation".
+|
+| By far the most common change you will need to make in this file is to change the last bean
+| declaration to replace the default authentication handler with
+| one implementing your approach for authenticating usernames and passwords.
++-->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:p="http://www.springframework.org/schema/p"
+       xmlns:c="http://www.springframework.org/schema/c"
+       xmlns:tx="http://www.springframework.org/schema/tx"
+       xmlns:util="http://www.springframework.org/schema/util"
+       xmlns:sec="http://www.springframework.org/schema/security"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+       http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
+       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
+       http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
+
+    <!--
+       | The authentication manager defines security policy for authentication by specifying at a minimum
+       | the authentication handlers that will be used to authenticate credential. While the AuthenticationManager
+       | interface supports plugging in another implementation, the default PolicyBasedAuthenticationManager should
+       | be sufficient in most cases.
+       +-->
+    <bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
+        <constructor-arg>
+            <map>
+                <!--
+                   | IMPORTANT
+                   | Every handler requires a unique name.
+                   | If more than one instance of the same handler class is configured, you must explicitly
+                   | set its name to something other than its default name (typically the simple class name).
+                   -->
+                <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
+                <entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" />
+            </map>
+        </constructor-arg>
+
+        <!-- Uncomment the metadata populator to capture the password.
+        <property name="authenticationMetaDataPopulators">
+           <util:list>
+               <bean class="org.jasig.cas.authentication.CacheCredentialsMetaDataPopulator"/>
+           </util:list>
+        </property>
+        -->
+
+        <!--
+           | Defines the security policy around authentication. Some alternative policies that ship with CAS:
+           |
+           | * NotPreventedAuthenticationPolicy - all credential must either pass or fail authentication
+           | * AllAuthenticationPolicy - all presented credential must be authenticated successfully
+           | * RequiredHandlerAuthenticationPolicy - specifies a handler that must authenticate its credential to pass
+           -->
+        <property name="authenticationPolicy">
+            <bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
+        </property>
+    </bean>
+
+    <!-- Required for proxy ticket mechanism. -->
+    <bean id="proxyAuthenticationHandler"
+          class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
+          p:httpClient-ref="supportsTrustStoreSslSocketFactoryHttpClient" />
+
+    <!--
+       | TODO: Replace this component with one suitable for your enviroment.
+       |
+       | This component provides authentication for the kind of credential used in your environment. In most cases
+       | credential is a username/password pair that lives in a system of record like an LDAP directory.
+       | The most common authentication handler beans:
+       |
+       | * org.jasig.cas.authentication.LdapAuthenticationHandler
+       | * org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler
+       | * org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler
+       | * org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler
+       -->
+    <bean id="primaryAuthenticationHandler"
+          class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
+        <property name="users">
+            <map>
+                <entry key="casuser" value="Mellon"/>
+                <entry key="test" value="test"/>
+                <entry key="gustavo" value="gustavo"/>
+            </map>
+        </property>
+    </bean>
+
+    <!-- Required for proxy ticket mechanism -->
+    <bean id="proxyPrincipalResolver"
+          class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />
+
+    <!--
+       | Resolves a principal from a credential using an attribute repository that is configured to resolve
+       | against a deployer-specific store (e.g. LDAP).
+       -->
+    <bean id="primaryPrincipalResolver"
+          class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver"
+          p:principalFactory-ref="principalFactory"
+          p:attributeRepository-ref="attributeRepository" />
+
+    <!--
+    Bean that defines the attributes that a service may return.  This example uses the Stub/Mock version.  A real implementation
+    may go against a database or LDAP server.  The id should remain "attributeRepository" though.
+    +-->
+    <bean id="attributeRepository" class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"
+          p:backingMap-ref="attrRepoBackingMap" />
+
+    <util:map id="attrRepoBackingMap">
+        <entry key="uid" value="uid" />
+        <entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
+        <entry key="groupMembership" value="groupMembership" />
+        <entry>
+            <key><value>memberOf</value></key>
+            <list>
+                <value>faculty</value>
+                <value>staff</value>
+                <value>org</value>
+            </list>
+        </entry>
+    </util:map>
+
+    <bean id="serviceRegistryDao" class="org.jasig.cas.services.JsonServiceRegistryDao"
+          c:configDirectory="${service.registry.config.location:classpath:services}" />
+
+    <bean id="auditTrailManager" class="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />
+
+    <bean id="healthCheckMonitor" class="org.jasig.cas.monitor.HealthCheckMonitor" p:monitors-ref="monitorsList" />
+
+    <util:list id="monitorsList">
+        <bean class="org.jasig.cas.monitor.MemoryMonitor" p:freeMemoryWarnThreshold="10" />
+        <!--
+          NOTE
+          The following ticket registries support SessionMonitor:
+            * DefaultTicketRegistry
+            * JpaTicketRegistry
+          Remove this monitor if you use an unsupported registry.
+        -->
+        <bean class="org.jasig.cas.monitor.SessionMonitor"
+              p:ticketRegistry-ref="ticketRegistry"
+              p:serviceTicketCountWarnThreshold="5000"
+              p:sessionCountWarnThreshold="100000" />
+    </util:list>
+</beans>
-- 
2.1.4