Jboss AS7 + CAS - in all applications


I have Jboss AS7 and CAS deployed and working.

Also I have a test application deployed, "Hello World", and I need to integrate this with CAS. I mean I want to request a login through CAS to access this app.

So, after this I need to configure this to work something like: I'll have more applications and I want to be able to log in to one of my applications through CAS and then, even if I change applications, it will remember me.

Can someone tell me how I can do this?

This is my web.xml:

    <web-app id="simple" version="2.4">
        <welcome-file-list>
            <welcome-file>hello.html</welcome-file>
        </welcome-file-list>

        <security-constraint>
            <web-resource-collection>
                <web-resource-name>All resources</web-resource-name>
                <description>Protects all resources</description>
                <url-pattern>/*</url-pattern>
            </web-resource-collection>
            <auth-constraint>
                <role-name>*</role-name>
            </auth-constraint>
        </security-constraint>

        <listener>
            <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
        </listener>

        <filter>
            <filter-name>CAS Single Sign Out Filter</filter-name>
            <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
        </filter>

        <filter>
            <filter-name>CAS Authentication Filter</filter-name>
            <filter-class>org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class>
            <init-param>
                <param-name>casServerLoginUrl</param-name>
                <param-value>https://127.0.0.1:8443/cas/login</param-value>
            </init-param>
            <init-param>
                <param-name>serverName</param-name>
                <param-value>http://127.0.0.1</param-value>
            </init-param>
        </filter>

        <filter>
            <filter-name>CAS Validation Filter</filter-name>
            <filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>
            <init-param>
                <param-name>casServerUrlPrefix</param-name>
                <param-value>https://127.0.0.1:8443/cas</param-value>
            </init-param>
            <init-param>
                <param-name>serverName</param-name>
                <param-value>https://127.0.0.1:8443/cas</param-value>
            </init-param>
            <init-param>
                <param-name>redirectAfterValidation</param-name>
                <param-value>true</param-value>
            </init-param>
            <init-param>
                <param-name>tolerance</param-name>
                <param-value>1000</param-value>
            </init-param>
        </filter>

        <filter>
            <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
            <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
        </filter>

        <filter>
            <filter-name>CAS Assertion Thread Local Filter</filter-name>
            <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
        </filter>

        <filter-mapping>
            <filter-name>CAS Single Sign Out Filter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>

        <filter-mapping>
            <filter-name>CAS Authentication Filter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>

        <filter-mapping>
            <filter-name>CAS Validation Filter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>

        <filter-mapping>
            <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>

        <filter-mapping>
            <filter-name>CAS Assertion Thread Local Filter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
    </web-app>

UPDATE: After following your instructions, I get this error when I try to deploy:

12:17:21,765 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC00001: Failed to start service jboss.deployment.unit."test.war".INSTALL: org.jboss.msc.service.StartException in service jboss.deployment.unit."test.war".INSTALL: Failed to process phase INSTALL of deployment "test.war"
        at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:119) [jboss-as-server-7.1.1.Final.jar:7.1.1.Final]
        at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
        at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_65]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_65]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_65]
Caused by: org.jboss.as.server.deployment.DeploymentUnitProcessingException: JBAS018096: Error instantiating container component: authenticator.CasAuthenticator
        at org.jboss.as.web.deployment.WarDeploymentProcessor.getInstance(WarDeploymentProcessor.java:386)
        at org.jboss.as.web.deployment.WarDeploymentProcessor.processDeployment(WarDeploymentProcessor.java:210)
        at org.jboss.as.web.deployment.WarDeploymentProcessor.deploy(WarDeploymentProcessor.java:114)
        at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:113) [jboss-as-server-7.1.1.Final.jar:7.1.1.Final]
        ... 5 more
Caused by: java.lang.ClassNotFoundException: authenticator.CasAuthenticator from [Module "deployment.test.war:main" from Service Module Loader]
        at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:190) [jboss-modules.jar:1.1.1.GA]
        at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:468) [jboss-modules.jar:1.1.1.GA]
        at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:456) [jboss-modules.jar:1.1.1.GA]
        at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398) [jboss-modules.jar:1.1.1.GA]
        at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:120) [jboss-modules.jar:1.1.1.GA]
        at org.jboss.as.web.deployment.WarDeploymentProcessor.getInstance(WarDeploymentProcessor.java:378)
        ... 8 more

12:17:21,770 INFO  [org.jboss.as.server] (HttpManagementService-threads - 16) JBAS015870: Deploy of deployment "test.war" was rolled back with failure message {"JBAS014671: Failed services" => {"jboss.deployment.unit.\"test.war\".INSTALL" => "org.jboss.msc.service.StartException in service jboss.deployment.unit.\"test.war\".INSTALL: Failed to process phase INSTALL of deployment \"test.war\""}}
12:17:21,771 INFO  [org.jboss.as.controller] (HttpManagementService-threads - 16) JBAS014774: Service status report
JBAS014777:   Services which failed to start:      service jboss.deployment.unit."test.war".INSTALL: org.jboss.msc.service.StartException in service jboss.deployment.unit."test.war".INSTALL: Failed to process phase INSTALL of deployment "test.war"

12:17:21,775 INFO  [org.jboss.as.server.deployment] (MSC service thread 1-9) JBAS015877: Stopped deployment test.war in 3ms

There are 2 best solutions below

0
On BEST ANSWER

Try this one: https://github.com/serac/java-cas-client-test and check the differences, if it's only for hello world purposes...

16
On

Define your login-module in the standalone.xml:

    <subsystem xmlns="urn:jboss:domain:security:1.2">
        <security-domains>
            <security-domain name="cas" cache-type="default">
                <authentication>
                    <login-module code="authenticator.CasLoginModule" flag="required" module="jasig">
                        <module-option name="ticketValidatorClass" value="org.jasig.cas.client.validation.Saml11TicketValidator"/>
                        <module-option name="casServerUrlPrefix" value="https://localhost:8443/cas"/>
                        <module-option name="roleGroupName" value="Roles"/>
                        <module-option name="defaultRoles" value="FOOBAR"/>
                        <module-option name="roleAttributeNames" value="Roles"/>
                    </login-module>
                </authentication>
            </security-domain>
        </security-domains>
    </subsystem>

You have already defined your CAS security filters in the web.xml; that's enough and should work.

Are you using CAS protocol between apps and server or CAS? Is your Jasig configured to use SAML 1.1? By default, Jasig will use CAS.

If your configuration already works, you should be able to SSO. Did you create a second helloworld to test it?

For reauthentication in other applications, you are redirecting to your CAS server, which already knows that the user is authenticated. So finally, it will redirect him to the application again and provide a CAS ticket.
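
The flow described in the last answer, as an added example that is not part of the original posts: a toy in-memory model of the CAS server (the class, user and application URLs are constructed for illustration, not Jasig code). It shows the second application receiving a ticket from the existing SSO session without credentials, and a ticket validating only once and only for the service URL it was issued for, which is why the `serverName` a client uses at login and at validation has to agree.

```python
import hmac
import secrets

class ToyCasServer:
    # Toy model of the CAS login/validate exchange; not real CAS code.
    def __init__(self, users):
        self.users = users      # username -> password (constructed sample data)
        self.tgts = {}          # TGC cookie value -> username (the SSO session)
        self.tickets = {}       # service ticket -> (username, service URL)

    def login(self, service, tgc=None, credentials=None):
        """Model of /cas/login?service=...; returns (tgc, ticket) or (None, None)."""
        user = self.tgts.get(tgc)
        if user is None:        # no SSO session yet, so credentials are required
            name, password = credentials or ("", "")
            expected = self.users.get(name)
            if expected is None or not hmac.compare_digest(expected, password):
                return None, None           # the login form would be shown again
            user, tgc = name, "TGT-" + secrets.token_hex(8)
            self.tgts[tgc] = user
        ticket = "ST-" + secrets.token_hex(8)
        self.tickets[ticket] = (user, service)
        return tgc, ticket      # browser is redirected to <service>?ticket=ST-...

    def validate(self, ticket, service):
        """Model of the back-channel call made by the client's validation filter."""
        user, issued_for = self.tickets.pop(ticket, (None, None))  # one-time use
        return user if user is not None and issued_for == service else None

    def logout(self, tgc):
        self.tgts.pop(tgc, None)            # ends the SSO session for every app

def demo():
    cas = ToyCasServer({"alice": "s3cret"})
    app1, app2 = "http://127.0.0.1/hello1/", "http://127.0.0.1/hello2/"
    out = {}
    # First application: no TGC cookie yet, so the user must present credentials.
    tgc, st1 = cas.login(app1, credentials=("alice", "s3cret"))
    out["app1"] = cas.validate(st1, app1)
    # Second application: the browser sends the TGC, no credentials are asked for.
    _, st2 = cas.login(app2, tgc=tgc)
    out["app2"] = cas.validate(st2, app2)
    out["replay"] = cas.validate(st2, app2)  # a ticket cannot be used twice
    # Validation with a service URL other than the one used at login is refused.
    _, st3 = cas.login(app1, tgc=tgc)
    out["wrong_service"] = cas.validate(st3, "https://127.0.0.1:8443/cas")
    cas.logout(tgc)
    out["after_logout"] = cas.login(app2, tgc=tgc)
    return out
```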