New CAS documentation site
CAS documentation has moved over to apereo.github.io/cas, starting with CAS version 4.x. The wiki will no longer be maintained. For the most recent version of the documentation, please refer to the aforementioned link.
Legacy Authentication Handler
Please note that though we support adapting CAS2 PasswordHandlers to CAS3 Authentication Handlers we recommend you upgrade to an Authentication Handler (especially since we have many generic solutions).
Including the Handler
In the pom.xml file for your CAS Maven2 WAR Overlay, add the following dependency:
This class is an extension of the traditional CAS3 UsernamePasswordCredentials to include the HttpServletRequest, which all CAS2 password handler classes expect.
The legacy binder allows for additional binding beyond the normal Spring request parameter/property binding. In this case it sets the request property on the LegacyCasCredentials.
This class basically extracts the properties from the LegacyCasCredentials and passes them to the PasswordHandler.
In your cas-servlet.xml, look for the <literal>AuthenticationViaForm</literal> bean, generally defined as follows:
Modify it so that it looks like this:
This configuration tells the FormAction to use the LegacyCasCredentials and the LegacyCasCredentialsBinder.
Finally, in your deployerConfigContext.xml, you'll need to define your password handler. In most cases you'll want to replace the existing test handler definition with the following:
Note that edu.someschoool.its.cas.MySpecialPasswordHandler should be replaced with your PasswordHandler class name.