Skip to end of metadata
Go to start of metadata
Table of Contents

Hopefully these notes will evolve into a more formal tutorial.

This example assumes user roles are stored in a database like so:

Currently works with SAML 1.1 from jasig or by utilizing

            server add-on   ( server version 3.5.1 and above )

            and client add-on ( client version 3.2.1 )


(for CAS 2.0 see

  • Client Mods
    • dependencies

    • org.jasig.cas.client.authentication.Saml11AuthenticationFilter
    • org.jasig.cas.client.validation.Saml11TicketValidationFilter
    • org.jasig.cas.client.util.HttpServletRequestWrapperFilter
    • Add init-param to HttpServletRequestWrapperFilter :

  • Server Mods

    On deployerConfigContext.xml add :

  • Runtime changes
    • in Services Management i.e. /cas/services/ Edit service to 'Ignore Attribute Management via this Tool'


    If you are using InMemoryServiceRegistryDaoImpl as serviceRegistryDao (default config), a way to avoid to edit services at each restart of cas-server is to add a property to the corresponding service in deployerConfigContext.xml :



  • No labels