Sabtu, 24 Maret 2012

SSO with CAS, OpenDS integration with Zimbra and Joomla part 2


Setelah selasai install tomcat 6 langkah berikutnya kita install CAS, bisa anda download di http://www.jasig.org/cas/download, saya menggunakan versi 3.4.10
kemudian simpan di /usr/share/tomcat6/webapps,  setelah itu di extract, setelah selesai di extract copykan file /usr/share/tomcat6/webapps/cas-server-3.4.10/modules/cas-server-webapp-3.4.10.war ke /usr/share/tomcat6/webapps, maka otomatis akan mucul folder /usr/share/tomcat6/webapps//cas-server-webapp-3.4.10,
maka silahkan di buka tomcatnya di https://(your domain/ip address):8443/cas-server-webapp-3.4.10.
ok setelah selai install CAS nya tinggal konfigurasi CAS biar mendukung LDAP..
Supaya CAS bisa mendukung ldap ada beberapa hal yang harus di lakukan :
1. edit pom xml di di rectory CAS server nya, tambahkan baris :
<dependency>
            <groupId>org.jasig.cas</groupId>
            <artifactId>cas-server-support-ldap</artifactId>
            <version>${project.version}</version>
            <scope>runtime</scope>
        </dependency>
2. copy kan file cas-server-support-ldap-3.4.10.jar serta spring-ldap * ke dalam directory lib di CAS server nya.
3 edit deployerConfigContext.xml,
contoh deployerConfigContext.xml , saya copy pastekan karena di inet hanya clue nya saja 


<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:sec="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
        <bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
  <property name="pooled" value="false"/>

  <property name="url" value="ldap://IP LDAP:PORT" />

  <property name="userDn" value="cn=[Nama MANAGER]"/>
  <property name="password" value="[PASSWDNYA]"/>

  <property name="baseEnvironmentProperties">
    <map>
      <entry key="java.naming.security.authentication" value="simple" />
    </map>
  </property>
</bean>

        <bean id="authenticationManager"
                class="org.jasig.cas.authentication.AuthenticationManagerImpl">
                <property name="credentialsToPrincipalResolvers">
                        <list>
                                <bean
                                        class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
                                <bean
                                        class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
                        </list>
                </property>

                <property name="authenticationHandlers">
                        <list>
                                <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
                                        p:httpClient-ref="httpClient" />
                                  <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"
      p:filter="uid=%u"
      p:searchBase="ou=People,dc=DOMAINnya,dc=com"
      p:contextSource-ref="contextSource" />




</list>


 </property>

        </bean>

    <sec:user-service id="userDetailsService">
        <sec:user name="@@THIS SHOULD BE REPLACED@@" password="notused" authorities="ROLE_ADMIN" />
    </sec:user-service>

        <bean id="attributeRepository"
                class="org.jasig.services.persondir.support.StubPersonAttributeDao">
                <property name="backingMap">
                        <map>
                                <entry key="uid" value="uid" />
                                <entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
                                <entry key="groupMembership" value="groupMembership" />
                        </map>
                </property>
        </bean>

        <!--
        Sample, in-memory data store for the ServiceRegistry. A real implementation
        would probably want to replace this with the JPA-backed ServiceRegistry DAO
        The name of this bean should remain "serviceRegistryDao".
         -->
        <bean
                id="serviceRegistryDao"
        class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
        </bean>

    <bean id="auditTrailManager" class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />
</beans>

4. kita restart tomcatnya :


/etc/init.d/tomcat6 restart


bersambung...


Diposting oleh di
Label:

5 komentar:

  1. Unknown25 April 2013 pukul 02.24

    Komentar ini telah dihapus oleh pengarang.

    BalasHapus
  2. Unknown25 April 2013 pukul 02.40

    Komentar ini telah dihapus oleh pengarang.

    BalasHapus
  3. Unknown25 April 2013 pukul 02.41

    Selamat Sore Pak


    Saya mau tanya,
    kenapa setiap saya mengakses
    class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler"


    selalu saja error
    HTTP Status 404 - /cas/login

    type Status report

    message /cas/login

    description The requested resource is not available.

    Apache Tomcat/7.0.30


    Apa yg salah ya Pak? mohon sekali bantuannya

    BalasHapus
  4. Gernoble_9525 April 2013 pukul 21.19

    kalau di lihat dari error nya sepertinya module ldap nya belum jalan, copy paste saja script di atas terus ganti saja search base + passwd ldap nya..

    BalasHapus
  5. Unknown27 Maret 2014 pukul 06.51

    sore pak adakah tutorial untuk integrasi dengan web client php

    BalasHapus

Langganan: Posting Komentar (Atom)