Skip to end of metadata
Go to start of metadata
Table of Contents

The Spring Framework is a popular, layered Java/J2EE application framework, with features including powerful JavaBeans-based configuration management; generic abstraction for transaction management; JDBC abstraction layer; integration with Hibernate, JDO and iBATIS SQL Maps; rich AOP functionality; and a flexible web MVC framework. Spring provides packages that assist in building complex web applications, web services endpoints, and Swing-based rich clients.

The Spring Security provides a wide range of security services for Spring-based applications, including method interception, web request interception and redirection, and rich client (Swing) integration. Spring Security maintains packages which provide full integration with CAS. The packages also allow (but do not require) Spring Security's AuthenticationProviders - which include JDBC, in-memory and JAAS wrapper providers - to be used as CAS PasswordHandlers, easing migration from stand-alone Spring Security applications to a CAS-managed environment.

Got examples?
Do you have a concrete example of using Spring with CAS? Do you have stories to share of hard work, elegance, or virtuous laziness resulting in a successful project (or even one that wasn't so successful?) Please comment on this page, we'd love to add your experiences.

This information originally contributed by by: Ben Alex.

  • No labels

5 Comments

  1. I'm trying to replace the SimpleTestUsernamePasswordAuthenticationHandler in the sample deployerConfigContext.xml provided with CAS.  I want to use the AuthenticationManager I'm using in the contacts example provided with Acegi.  It uses a org.acegisecurity.providers.dao.DaoAuthenticationProvider.  All the various pieces seem to work independently, but I can't seem to sew them together properly.
    tomcat complains when I start it: "...Failed to convert property value of type [java.util.ArrayList] to required type [org.jasig.cas.authentication.handler.AuthenticationHandler[]] for property 'authenticationHandlers';..."

    Does anyone see what I'm doing wrong?

    <bean id="authenticationManager" class="org.jasig.cas.authentication.AuthenticationManagerImpl">
    <property name="credentialsToPrincipalResolvers">

    <list>

    <bean

    class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />

    <bean

    class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />

    </list>

    </property>

    <property name="authenticationHandlers">

    <list>

    <bean

    class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" />

    <bean class="org.acegisecurity.adapters.cas.CasPasswordHandler">

    <property name="authenticationManager" ref="myAuthenticationManager"/>

     

    </bean>

     

    </list>

    </property>

    </bean>

    Thanks in advance,
    Shari

    1. Shari,

      It might be best to post to the mailing list rather than as comments to this wiki. Nonetheless:

      Acegi's CasPasswordHandler does not implement CAS's AuthenticationHandler API, and so cannot be used as an AuthenticationHandler here.

      http://www.acegisecurity.org/multiproject/acegi-security-cas/apidocs/org/acegisecurity/adapters/cas/CasPasswordHandler.html

      In CAS3, you instead need to use CasAuthenticationHandler. http://www.acegisecurity.org/multiproject/acegi-security-cas/apidocs/org/acegisecurity/adapters/cas3/CasAuthenticationHandler.html

      Andrew

  2. Note that the CasAuthenticationHandler is scheduled for release in Acegi 1.0 Final. Its been added since 1.0RC2

  3. Can I use this  forc/s client?

  4. This is a powerpoint of a working test using Acegi with CAS. Note: This was done in 2006.

    Link:

    http://www.mallsop.com/downloads/Using_CAS_with_Acegi.ppt