Kuali Rice Development
  1. Kuali Rice Development
  2. KULRICE-3041

embedded rice does not allow to specify service URL for CAS integration

    Details

    • Type: Bug Fix Bug Fix
    • Status: Closed Closed
    • Priority: Blocker Blocker
    • Resolution: Won't Fix
    • Affects Version/s: 0.9.4-kfs
    • Fix Version/s: Not version specific
    • Component/s: Configuration
    • Labels:
      None
    • Similar issues:
      KULRICE-9228Allow method to call to not be specified on URL
      KULRICE-6238Document CAS Configuration
      KULRICE-1530Allow for configuration of embedded workflow to call ImmediateEmailService on standalone server
      KULRICE-7169Rice object lookup quickfinders not working when related module is in EMBEDDED mode
      KULRICE-2983Update thin client integration model so that it provides for proper connection to KIM services
      KULRICE-2695Create a rice-sample-applications repository in SVN and update sample embedded and thin client examples from 0.9.2/0.9.3 and put them in there
      KULRICE-9286KualiInquirableTest fails in CI with An inquiry URL to AccountManager should be built
      KULRICE-3213Upgrade Rice to cas-client-core 3.1.6
      KULRICE-13113Remove CAS dependency from Rice
    • Rice Module:
      Rice Core
    • Application Requirement:
      KFS

      Description

      Working on the UofA implementation and trying to use a front-end SSL server that forwards regular HTTP requests to the server but it needs the system to make all links HTTPS.

      redirectToCas method in KualiCasFilter.java is using request URL as the service parameter value, which is fine as long as there is not front end processing of URLs. Our use of ACE for encryption breaks due to the fact that the request seen by the web server is a http request, while the original request is a https request.

      Need a parameter to pass in the service to redirectToCas method or some other way to let it know to redirect those URLs

        Activity

        Hide
        Jonathan Keller added a comment -

        KualiCasFilter will be going away as part of release 1.0 as far as I know. The work to switch to an external CAS instance has already been done on branches of KFS and rice 0.9.4. Those changes should resolve this issue.

        Show
        Jonathan Keller added a comment - KualiCasFilter will be going away as part of release 1.0 as far as I know. The work to switch to an external CAS instance has already been done on branches of KFS and rice 0.9.4. Those changes should resolve this issue.
        Hide
        Tony Potts (Inactive) added a comment -

        is this now in the 0.9.4-kfs branch? if so, do you know when that happened?

        Show
        Tony Potts (Inactive) added a comment - is this now in the 0.9.4-kfs branch? if so, do you know when that happened?
        Hide
        Eric Westfall added a comment -

        Here's the rice branch for this:

        https://test.kuali.org/svn/rice/branches/rice-release-0-9-4-cas-br/

        don't know off the top of my head what the kfs branch is

        Show
        Eric Westfall added a comment - Here's the rice branch for this: https://test.kuali.org/svn/rice/branches/rice-release-0-9-4-cas-br/ don't know off the top of my head what the kfs branch is
        Hide
        Eric Westfall added a comment -

        As per Jonathan's comment, new cas server coming in will effectively resolve this issue.

        Show
        Eric Westfall added a comment - As per Jonathan's comment, new cas server coming in will effectively resolve this issue.
        Hide
        Leo Przybylski (Inactive) added a comment -

        I deployed the kuali-cas-1.0.0.war file, but how do I configure the application to use it now that it's there? Looks like KFS is still using the KualiCasFilter

        Show
        Leo Przybylski (Inactive) added a comment - I deployed the kuali-cas-1.0.0.war file, but how do I configure the application to use it now that it's there? Looks like KFS is still using the KualiCasFilter
        Hide
        Leo Przybylski (Inactive) added a comment -

        As part of our implementation efforts, I documented steps for utilizing the new kuali-cas application part of the CAS Extraction

        Show
        Leo Przybylski (Inactive) added a comment - As part of our implementation efforts, I documented steps for utilizing the new kuali-cas application part of the CAS Extraction
        Hide
        Leo Przybylski (Inactive) added a comment -

        Is there a positive timeline on when the changes in the rice-release-0-9-4-cas-br will be available to KFS implementation? Right now, we're on kfs-200907-implementation-br. It doesn't have these changes. The only way to get them right now is to build a custom casclient-2.1.1.jar each week.

        Show
        Leo Przybylski (Inactive) added a comment - Is there a positive timeline on when the changes in the rice-release-0-9-4-cas-br will be available to KFS implementation? Right now, we're on kfs-200907-implementation-br. It doesn't have these changes. The only way to get them right now is to build a custom casclient-2.1.1.jar each week.
        Hide
        Eric Westfall added a comment - - edited

        These changes have now been integrated. We didn't end up using cas in our dev environment (still using a simple login screen) so as to ease the effort for implementors (i.e. not requiring deployment of a separate cas server) but the other related code is in there now. KualiCasFilter has been removed and you can use the cas filter provided for in cas itself. I've pasted our rice configurationl file that we are using in our tests environments below (this is for https://test.kuali.org/kr-cnv and https://test.kuali.org/kr-stg). You can also modify the web.xml if you like that better (see an example of this in the kfs web.xml).

        <param name="server.url">https://test.kuali.org</param>
        <param name="application.url">$

        {server.url}/kr-${environment}</param>
        ...
        <param name="filter.login.class">org.jasig.cas.client.authentication.AuthenticationFilter</param>
        <param name="filter.login.casServerLoginUrl">https://test.kuali.org/cas-cnv/login</param>
        <param name="filter.login.serverName">${server.url}

        </param>
        <param name="filtermapping.login.1">/*</param>

        <param name="filter.validation.class">org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</param>
        <param name="filter.validation.casServerUrlPrefix">https://test.kuali.org/cas-cnv</param>
        <param name="filter.validation.serverName">$

        {server.url}

        </param>
        <param name="filtermapping.validation.2">/*</param>

        <param name="filter.caswrapper.class">org.jasig.cas.client.util.HttpServletRequestWrapperFilter</param>
        <param name="filtermapping.caswrapper.3">/*</param>

        Show
        Eric Westfall added a comment - - edited These changes have now been integrated. We didn't end up using cas in our dev environment (still using a simple login screen) so as to ease the effort for implementors (i.e. not requiring deployment of a separate cas server) but the other related code is in there now. KualiCasFilter has been removed and you can use the cas filter provided for in cas itself. I've pasted our rice configurationl file that we are using in our tests environments below (this is for https://test.kuali.org/kr-cnv and https://test.kuali.org/kr-stg ). You can also modify the web.xml if you like that better (see an example of this in the kfs web.xml). <param name="server.url"> https://test.kuali.org </param> <param name="application.url">$ {server.url}/kr-${environment}</param> ... <param name="filter.login.class">org.jasig.cas.client.authentication.AuthenticationFilter</param> <param name="filter.login.casServerLoginUrl"> https://test.kuali.org/cas-cnv/login </param> <param name="filter.login.serverName">${server.url} </param> <param name="filtermapping.login.1">/*</param> <param name="filter.validation.class">org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</param> <param name="filter.validation.casServerUrlPrefix"> https://test.kuali.org/cas-cnv </param> <param name="filter.validation.serverName">$ {server.url} </param> <param name="filtermapping.validation.2">/*</param> <param name="filter.caswrapper.class">org.jasig.cas.client.util.HttpServletRequestWrapperFilter</param> <param name="filtermapping.caswrapper.3">/*</param>

          People

          • Assignee:
            Eric Westfall
            Reporter:
            Tony Potts (Inactive)
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Structure Helper Panel