[Geoserver-users] Help integrating CAS extension

Jody Garnett

On Fri, Jun 13, 2014 at 6:19 PM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Hello everyone I am trying to integrate CAS extension in geoserver but I cant find any documentation anywhere so can anyone please help me out.

Your time and help is much appreciated.
Thanks

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

---

HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems

---

Geoserver-users mailing list
Geoserver-users@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

On Fri, Jun 13, 2014 at 10:19 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Hello everyone I am trying to integrate CAS extension in geoserver but I cant find any documentation anywhere so can anyone please help me out.

Your time and help is much appreciated.
Thanks

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

---

HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems

---

Geoserver-users mailing list
Geoserver-users@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Sat, Jun 21, 2014 at 11:29 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Hi Christian,
What should I put on at fields ‘cas server url’ since am not using any cas server so how should I put a server url?
Or do I need a cas server and if yes then can you suggest some links?
And please explain other fields as well.
Hope to hear from you soon
Thanks!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Tue, Jun 17, 2014 at 12:24 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Christian,
Thanks for the heads up, I appreciate your response and
would contact you again if required regarding this matter.

Thank you!
Vikas Mishra,
BITS-Pilani Goa Campus, Goa
India

On 6/15/14, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Unfortunately, there is no CAS documentation at the moment. Download the
extension and drop the jar files into your WEB-INF/lib directory. Restart
GeoServer , add an authentication filter and you should see CAS as an
option. Create the CAS filter and configure it. Read the help texts
reachable from the admin GUI.

Christian

On Fri, Jun 13, 2014 at 10:19 AM, Vikas Mishra <vikasmishra95@anonymised.com>
wrote:

Hello everyone I am trying to integrate CAS extension in geoserver but I
cant find any documentation anywhere so can anyone please help me out.

Your time and help is much appreciated.
Thanks

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

---

HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems

---

Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Wed, Jun 25, 2014 at 7:50 PM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Thanks for all your help Christian I have successfully created a SSO solution for GeoNode using this extension however I still haven’t found a way to create a Authentication Provider as CAS as when I go to add a new Authentication Provider I cant see CAS there but I can see it in FIlter chains so I have used a custom created Auth Provider and I guess that is causing problems with the Single Sign out as it still isn’t functioning properly so It would be great if you could give some work around to create a Authentication Provider and then I’m planning to write a detailed blog post on this topic.

Thanks and Cheers!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Mon, Jun 23, 2014 at 3:56 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list.

You need a CAS server, download from here
http://www.jasig.org/cas

The documentation is here
http://jasig.github.io/cas/4.0.0/index.html

Be aware of the fact that you need a SSL setup.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Sat, Jun 21, 2014 at 11:29 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Hi Christian,
What should I put on at fields ‘cas server url’ since am not using any cas server so how should I put a server url?
Or do I need a cas server and if yes then can you suggest some links?
And please explain other fields as well.
Hope to hear from you soon
Thanks!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Tue, Jun 17, 2014 at 12:24 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Christian,
Thanks for the heads up, I appreciate your response and
would contact you again if required regarding this matter.

Thank you!
Vikas Mishra,
BITS-Pilani Goa Campus, Goa
India

On 6/15/14, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Unfortunately, there is no CAS documentation at the moment. Download the
extension and drop the jar files into your WEB-INF/lib directory. Restart
GeoServer , add an authentication filter and you should see CAS as an
option. Create the CAS filter and configure it. Read the help texts
reachable from the admin GUI.

Christian

On Fri, Jun 13, 2014 at 10:19 AM, Vikas Mishra <vikasmishra95@anonymised.com>
wrote:

Hello everyone I am trying to integrate CAS extension in geoserver but I
cant find any documentation anywhere so can anyone please help me out.

Your time and help is much appreciated.
Thanks

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

---

HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems

---

Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Thu, Jun 26, 2014 at 9:32 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

Hi Christian,
Is it possible to have a filter chain without a authentication provider?
Here’s how my security/config.xml file looks like

default

customAuthProvider

default

pbePasswordEncoder

false

CasAuthenticationFilter

rememberme

form

anonymous

form

formLogout

CasAuthenticationFilter

basic

anonymous

CasAuthenticationFilter

basic

CasAuthenticationFilter

CasAuthenticationFilter

org.geoserver.security.rememberme.GeoServerTokenBasedRememberMeServices

geoserver

Now here if I remove the “customAuthProvider” I get a “Java Integrity error”, so I guess it does need it, any ideas?

On Thu, Jun 26, 2014 at 12:44 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list, this topic might be of interest for other people. Normally, developers do not answer personal mails.

CAS does not need an Authentication Provider, the filter should be enough. A good idea is to enable Session Creation for each filter chain containing the CAS filter.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Wed, Jun 25, 2014 at 7:50 PM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Thanks for all your help Christian I have successfully created a SSO solution for GeoNode using this extension however I still haven’t found a way to create a Authentication Provider as CAS as when I go to add a new Authentication Provider I cant see CAS there but I can see it in FIlter chains so I have used a custom created Auth Provider and I guess that is causing problems with the Single Sign out as it still isn’t functioning properly so It would be great if you could give some work around to create a Authentication Provider and then I’m planning to write a detailed blog post on this topic.

Thanks and Cheers!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Mon, Jun 23, 2014 at 3:56 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list.

You need a CAS server, download from here
http://www.jasig.org/cas

The documentation is here
http://jasig.github.io/cas/4.0.0/index.html

Be aware of the fact that you need a SSL setup.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Sat, Jun 21, 2014 at 11:29 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Hi Christian,
What should I put on at fields ‘cas server url’ since am not using any cas server so how should I put a server url?
Or do I need a cas server and if yes then can you suggest some links?
And please explain other fields as well.
Hope to hear from you soon
Thanks!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Tue, Jun 17, 2014 at 12:24 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Christian,
Thanks for the heads up, I appreciate your response and
would contact you again if required regarding this matter.

Thank you!
Vikas Mishra,
BITS-Pilani Goa Campus, Goa
India

On 6/15/14, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Unfortunately, there is no CAS documentation at the moment. Download the
extension and drop the jar files into your WEB-INF/lib directory. Restart
GeoServer , add an authentication filter and you should see CAS as an
option. Create the CAS filter and configure it. Read the help texts
reachable from the admin GUI.

Christian

On Fri, Jun 13, 2014 at 10:19 AM, Vikas Mishra <vikasmishra95@anonymised.com>
wrote:

Hello everyone I am trying to integrate CAS extension in geoserver but I
cant find any documentation anywhere so can anyone please help me out.

Your time and help is much appreciated.
Thanks

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

---

HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems

---

Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Thu, Jun 26, 2014 at 3:55 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

No, no need for the customAuthProvider. Did you remove this provider using the admin GUI ? Editing the config xml files directly circumvents the validation code.

You should remvoe the remeberMe service, otherwise the logout cannot succeed.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Thu, Jun 26, 2014 at 9:32 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

Hi Christian,
Is it possible to have a filter chain without a authentication provider?
Here’s how my security/config.xml file looks like

default

customAuthProvider

default

pbePasswordEncoder

false

CasAuthenticationFilter

rememberme

form

anonymous

form

formLogout

CasAuthenticationFilter

basic

anonymous

CasAuthenticationFilter

basic

CasAuthenticationFilter

CasAuthenticationFilter

org.geoserver.security.rememberme.GeoServerTokenBasedRememberMeServices

geoserver

Now here if I remove the “customAuthProvider” I get a “Java Integrity error”, so I guess it does need it, any ideas?

On Thu, Jun 26, 2014 at 12:44 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list, this topic might be of interest for other people. Normally, developers do not answer personal mails.

CAS does not need an Authentication Provider, the filter should be enough. A good idea is to enable Session Creation for each filter chain containing the CAS filter.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Wed, Jun 25, 2014 at 7:50 PM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Thanks for all your help Christian I have successfully created a SSO solution for GeoNode using this extension however I still haven’t found a way to create a Authentication Provider as CAS as when I go to add a new Authentication Provider I cant see CAS there but I can see it in FIlter chains so I have used a custom created Auth Provider and I guess that is causing problems with the Single Sign out as it still isn’t functioning properly so It would be great if you could give some work around to create a Authentication Provider and then I’m planning to write a detailed blog post on this topic.

Thanks and Cheers!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Mon, Jun 23, 2014 at 3:56 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list.

You need a CAS server, download from here
http://www.jasig.org/cas

The documentation is here
http://jasig.github.io/cas/4.0.0/index.html

Be aware of the fact that you need a SSL setup.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Sat, Jun 21, 2014 at 11:29 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Hi Christian,
What should I put on at fields ‘cas server url’ since am not using any cas server so how should I put a server url?
Or do I need a cas server and if yes then can you suggest some links?
And please explain other fields as well.
Hope to hear from you soon
Thanks!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Tue, Jun 17, 2014 at 12:24 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Christian,
Thanks for the heads up, I appreciate your response and
would contact you again if required regarding this matter.

Thank you!
Vikas Mishra,
BITS-Pilani Goa Campus, Goa
India

On 6/15/14, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Unfortunately, there is no CAS documentation at the moment. Download the
extension and drop the jar files into your WEB-INF/lib directory. Restart
GeoServer , add an authentication filter and you should see CAS as an
option. Create the CAS filter and configure it. Read the help texts
reachable from the admin GUI.

Christian

On Fri, Jun 13, 2014 at 10:19 AM, Vikas Mishra <vikasmishra95@anonymised.com>
wrote:

Hello everyone I am trying to integrate CAS extension in geoserver but I
cant find any documentation anywhere so can anyone please help me out.

Your time and help is much appreciated.
Thanks

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

---

HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems

---

Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Thu, Jun 26, 2014 at 12:57 PM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

You mean to say that I should remove the auth Provider from GUI and not directly from the config file?

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Thu, Jun 26, 2014 at 3:55 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

No, no need for the customAuthProvider. Did you remove this provider using the admin GUI ? Editing the config xml files directly circumvents the validation code.

You should remvoe the remeberMe service, otherwise the logout cannot succeed.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Thu, Jun 26, 2014 at 9:32 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

Hi Christian,
Is it possible to have a filter chain without a authentication provider?
Here’s how my security/config.xml file looks like

default

customAuthProvider

default

pbePasswordEncoder

false

CasAuthenticationFilter

rememberme

form

anonymous

form

formLogout

CasAuthenticationFilter

basic

anonymous

CasAuthenticationFilter

basic

CasAuthenticationFilter

CasAuthenticationFilter

org.geoserver.security.rememberme.GeoServerTokenBasedRememberMeServices

geoserver

Now here if I remove the “customAuthProvider” I get a “Java Integrity error”, so I guess it does need it, any ideas?

On Thu, Jun 26, 2014 at 12:44 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list, this topic might be of interest for other people. Normally, developers do not answer personal mails.

CAS does not need an Authentication Provider, the filter should be enough. A good idea is to enable Session Creation for each filter chain containing the CAS filter.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Wed, Jun 25, 2014 at 7:50 PM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Thanks for all your help Christian I have successfully created a SSO solution for GeoNode using this extension however I still haven’t found a way to create a Authentication Provider as CAS as when I go to add a new Authentication Provider I cant see CAS there but I can see it in FIlter chains so I have used a custom created Auth Provider and I guess that is causing problems with the Single Sign out as it still isn’t functioning properly so It would be great if you could give some work around to create a Authentication Provider and then I’m planning to write a detailed blog post on this topic.

Thanks and Cheers!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Mon, Jun 23, 2014 at 3:56 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list.

You need a CAS server, download from here
http://www.jasig.org/cas

The documentation is here
http://jasig.github.io/cas/4.0.0/index.html

Be aware of the fact that you need a SSL setup.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Sat, Jun 21, 2014 at 11:29 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Hi Christian,
What should I put on at fields ‘cas server url’ since am not using any cas server so how should I put a server url?
Or do I need a cas server and if yes then can you suggest some links?
And please explain other fields as well.
Hope to hear from you soon
Thanks!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Tue, Jun 17, 2014 at 12:24 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Christian,
Thanks for the heads up, I appreciate your response and
would contact you again if required regarding this matter.

Thank you!
Vikas Mishra,
BITS-Pilani Goa Campus, Goa
India

On 6/15/14, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Unfortunately, there is no CAS documentation at the moment. Download the
extension and drop the jar files into your WEB-INF/lib directory. Restart
GeoServer , add an authentication filter and you should see CAS as an
option. Create the CAS filter and configure it. Read the help texts
reachable from the admin GUI.

Christian

On Fri, Jun 13, 2014 at 10:19 AM, Vikas Mishra <vikasmishra95@anonymised.com>
wrote:

Hello everyone I am trying to integrate CAS extension in geoserver but I
cant find any documentation anywhere so can anyone please help me out.

Your time and help is much appreciated.
Thanks

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

---

HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems

---

Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Thu, Jun 26, 2014 at 4:43 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Exactly. Before storing, Geosever validates your configuration. This is not possible if you modify the XML file directly.

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Thu, Jun 26, 2014 at 12:57 PM, Vikas Mishra <vikasmishra95@anonymised.com.> wrote:

You mean to say that I should remove the auth Provider from GUI and not directly from the config file?

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Thu, Jun 26, 2014 at 3:55 PM, Christian Mueller <christian.mueller@anonymised.com…5445…> wrote:

No, no need for the customAuthProvider. Did you remove this provider using the admin GUI ? Editing the config xml files directly circumvents the validation code.

You should remvoe the remeberMe service, otherwise the logout cannot succeed.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Thu, Jun 26, 2014 at 9:32 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

Hi Christian,
Is it possible to have a filter chain without a authentication provider?
Here’s how my security/config.xml file looks like

default

customAuthProvider

default

pbePasswordEncoder

false

CasAuthenticationFilter

rememberme

form

anonymous

form

formLogout

CasAuthenticationFilter

basic

anonymous

CasAuthenticationFilter

basic

CasAuthenticationFilter

CasAuthenticationFilter

org.geoserver.security.rememberme.GeoServerTokenBasedRememberMeServices

geoserver

Now here if I remove the “customAuthProvider” I get a “Java Integrity error”, so I guess it does need it, any ideas?

On Thu, Jun 26, 2014 at 12:44 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list, this topic might be of interest for other people. Normally, developers do not answer personal mails.

CAS does not need an Authentication Provider, the filter should be enough. A good idea is to enable Session Creation for each filter chain containing the CAS filter.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Wed, Jun 25, 2014 at 7:50 PM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Thanks for all your help Christian I have successfully created a SSO solution for GeoNode using this extension however I still haven’t found a way to create a Authentication Provider as CAS as when I go to add a new Authentication Provider I cant see CAS there but I can see it in FIlter chains so I have used a custom created Auth Provider and I guess that is causing problems with the Single Sign out as it still isn’t functioning properly so It would be great if you could give some work around to create a Authentication Provider and then I’m planning to write a detailed blog post on this topic.

Thanks and Cheers!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Mon, Jun 23, 2014 at 3:56 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list.

You need a CAS server, download from here
http://www.jasig.org/cas

The documentation is here
http://jasig.github.io/cas/4.0.0/index.html

Be aware of the fact that you need a SSL setup.

Cheers

Christian

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Sat, Jun 21, 2014 at 11:29 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Hi Christian,
What should I put on at fields ‘cas server url’ since am not using any cas server so how should I put a server url?
Or do I need a cas server and if yes then can you suggest some links?
And please explain other fields as well.
Hope to hear from you soon
Thanks!

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Tue, Jun 17, 2014 at 12:24 AM, Vikas Mishra <vikasmishra95@anonymised.com> wrote:

Christian,
Thanks for the heads up, I appreciate your response and
would contact you again if required regarding this matter.

Thank you!
Vikas Mishra,
BITS-Pilani Goa Campus, Goa
India

On 6/15/14, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi Vikas

Unfortunately, there is no CAS documentation at the moment. Download the
extension and drop the jar files into your WEB-INF/lib directory. Restart
GeoServer , add an authentication filter and you should see CAS as an
option. Create the CAS filter and configure it. Read the help texts
reachable from the admin GUI.

Christian

On Fri, Jun 13, 2014 at 10:19 AM, Vikas Mishra <vikasmishra95@anonymised.com>
wrote:

Hello everyone I am trying to integrate CAS extension in geoserver but I
cant find any documentation anywhere so can anyone please help me out.

Your time and help is much appreciated.
Thanks

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

---

HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems

---

Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani

KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

On Fri, Jun 27, 2014 at 2:03 PM, Cliff Ingham <inghamn@anonymised.com> wrote:

I do not believe the sign out process for CAS works like you expect.
While it is true that doing a logout from GeoServer may send you to
CAS to kill the CAS session; however, the opposite is not true.

Just because you go to your CAS server and logout does not, and should
not log you out of GeoServer. The intent is that you would have many
web application that all use CAS. Logging out of one web application
that uses CAS should not immediately log you out of all other web
applications (that use CAS) which you may have open in other browser
windows.

On 06/26/2014 09:46 AM, Vikas Mishra wrote:

Single sign out is still not working, If I understood it correctly, single
sign out works in a way that once we go to the logout url of the cas server
it should logout the geoserver, but If I go to https://my.cas.server/logout
it gives me a logout succesfull but it still doesn’t logout of geoserver
Here is my new config xml file

default

pbePasswordEncoder

false

<filters name=“web” class=“org.geoserver.security.HtmlLoginFilterChain”

interceptorName=“interceptor” exceptionTranslationName=“exception”
path=“/web/,/gwc/rest/web/,/” disabled=“false”
allowSessionCreation=“true” ssl=“false” matchHTTPMethod=“false”>

CasAuthenticationFilter

form

basic

anonymous

<filters name=“webLogin”

class=“org.geoserver.security.ConstantFilterChain”
path=“/j_spring_security_check,/j_spring_security_check/” disabled=“false”
allowSessionCreation=“false” ssl=“false” matchHTTPMethod=“false”>

form

<filters name=“webLogout”

class=“org.geoserver.security.LogoutFilterChain”
path=“/j_spring_security_logout,/j_spring_security_logout/”
disabled=“false” allowSessionCreation=“false” ssl=“false”
matchHTTPMethod=“false”>

formLogout

<filters name=“rest”

class=“org.geoserver.security.ServiceLoginFilterChain”
interceptorName=“restInterceptor” exceptionTranslationName=“exception”
path=“/rest/**” disabled=“false” allowSessionCreation=“true” ssl=“false”
matchHTTPMethod=“false”>

CasAuthenticationFilter

basic

anonymous

<filters name=“gwc”

class=“org.geoserver.security.ServiceLoginFilterChain”
interceptorName=“restInterceptor” exceptionTranslationName=“exception”
path=“/gwc/rest/**” disabled=“false” allowSessionCreation=“true”
ssl=“false” matchHTTPMethod=“false”>

CasAuthenticationFilter

basic

anonymous

<filters name=“test”

class=“org.geoserver.security.ServiceLoginFilterChain”
interceptorName=“interceptor” exceptionTranslationName=“exception”
path=“/test” disabled=“false” allowSessionCreation=“true” ssl=“false”
matchHTTPMethod=“false”>

CasAuthenticationFilter

<filters name=“default”

class=“org.geoserver.security.ServiceLoginFilterChain”
interceptorName=“interceptor” exceptionTranslationName=“exception”
path=“/**” disabled=“false” allowSessionCreation=“true” ssl=“false”
matchHTTPMethod=“false”>

basic

anonymous

org.geoserver.security.rememberme.GeoServerTokenBasedRememberMeServices

geoserver

And I removed remember me filter chain but I cant find a way in GUI to
remove the rememberMeService at the end of the config.xml if that’s what
you meant by 'remove remember me service"

On Thu, Jun 26, 2014 at 4:43 PM, Christian Mueller <
christian.mueller@anonymised.com445…> wrote:

Exactly. Before storing, Geosever validates your configuration. This is
not possible if you modify the XML file directly.

On Thu, Jun 26, 2014 at 12:57 PM, Vikas Mishra <vikasmishra95@anonymised.com>
wrote:

You mean to say that I should remove the auth Provider from GUI and not
directly from the config file?

On Thu, Jun 26, 2014 at 3:55 PM, Christian Mueller <
christian.mueller@anonymised.com> wrote:

No, no need for the customAuthProvider. Did you remove this provider
using the admin GUI ? Editing the config xml files directly circumvents the
validation code.

You should remvoe the remeberMe service, otherwise the logout cannot
succeed.

Cheers
Christian

On Thu, Jun 26, 2014 at 9:32 AM, Vikas Mishra <vikasmishra95@anonymised.com>
wrote:

Hi Christian,
Is it possible to have a filter chain without a
authentication provider?
Here’s how my security/config.xml file looks like

default

customAuthProvider

default

pbePasswordEncoder

false

<filters name=“web”

class=“org.geoserver.security.HtmlLoginFilterChain”
interceptorName=“interceptor” exceptionTranslationName=“exception”
path=“/web/,/gwc/rest/web/,/” disabled=“false”
allowSessionCreation=“true” ssl=“false” matchHTTPMethod=“false”>

CasAuthenticationFilter

rememberme

form

anonymous

<filters name=“webLogin”

class=“org.geoserver.security.ConstantFilterChain”
path=“/j_spring_security_check,/j_spring_security_check/” disabled=“false”
allowSessionCreation=“true” ssl=“false” matchHTTPMethod=“false”>

form

<filters name=“webLogout”

class=“org.geoserver.security.LogoutFilterChain”
path=“/j_spring_security_logout,/j_spring_security_logout/”
disabled=“false” allowSessionCreation=“True” ssl=“false”
matchHTTPMethod=“false”>

formLogout

<filters name=“rest”

class=“org.geoserver.security.ServiceLoginFilterChain”
interceptorName=“restInterceptor” exceptionTranslationName=“exception”
path=“/rest/**” disabled=“false” allowSessionCreation=“true” ssl=“false”
matchHTTPMethod=“false”>

CasAuthenticationFilter

basic

anonymous

<filters name=“gwc”

class=“org.geoserver.security.ServiceLoginFilterChain”
interceptorName=“restInterceptor” exceptionTranslationName=“exception”
path=“/gwc/rest/**” disabled=“false” allowSessionCreation=“True”
ssl=“false” matchHTTPMethod=“false”>

CasAuthenticationFilter

basic

CasAuthenticationFilter

CasAuthenticationFilter

>

org.geoserver.security.rememberme.GeoServerTokenBasedRememberMeServices

geoserver

Now here if I remove the “customAuthProvider” I get a “Java Integrity
error”, so I guess it does need it, any ideas?

On Thu, Jun 26, 2014 at 12:44 PM, Christian Mueller <
christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list, this topic might be of interest for
other people. Normally, developers do not answer personal mails.

CAS does not need an Authentication Provider, the filter should be
enough. A good idea is to enable Session Creation for each filter chain
containing the CAS filter.

Cheers
Christian

On Wed, Jun 25, 2014 at 7:50 PM, Vikas Mishra <vikasmishra95@anonymised.com

wrote:

Thanks for all your help Christian I have successfully created a SSO
solution for GeoNode using this extension however I still haven’t found a
way to create a Authentication Provider as CAS as when I go to add a new
Authentication Provider I cant see CAS there but I can see it in FIlter
chains so I have used a custom created Auth Provider and I guess that is
causing problems with the Single Sign out as it still isn’t functioning
properly so It would be great if you could give some work around to create
a Authentication Provider and then I’m planning to write a detailed blog
post on this topic.

Thanks and Cheers!

On Mon, Jun 23, 2014 at 3:56 PM, Christian Mueller <
christian.mueller@anonymised.com> wrote:

Hi Vikas

Please stay on the mailing list.

You need a CAS server, download from here
http://www.jasig.org/cas

The documentation is here
http://jasig.github.io/cas/4.0.0/index.html

Be aware of the fact that you need a SSL setup.

Cheers
Christian

On Sat, Jun 21, 2014 at 11:29 AM, Vikas Mishra <
vikasmishra95@anonymised.com> wrote:

Hi Christian,
What should I put on at fields ‘cas server url’
since am not using any cas server so how should I put a server url?
Or do I need a cas server and if yes then can you suggest some
links?
And please explain other fields as well.
Hope to hear from you soon
Thanks!

On Tue, Jun 17, 2014 at 12:24 AM, Vikas Mishra <
vikasmishra95@anonymised.com> wrote:

Christian,
Thanks for the heads up, I appreciate your response
and
would contact you again if required regarding this matter.

Thank you!
Vikas Mishra,
BITS-Pilani Goa Campus, Goa
India

On 6/15/14, Christian Mueller <christian.mueller@anonymised.com.>
wrote:

Hi Vikas

Unfortunately, there is no CAS documentation at the moment.
Download the
extension and drop the jar files into your WEB-INF/lib
directory. Restart
GeoServer , add an authentication filter and you should see CAS
as an
option. Create the CAS filter and configure it. Read the help
texts
reachable from the admin GUI.

Christian

On Fri, Jun 13, 2014 at 10:19 AM, Vikas Mishra <
vikasmishra95@anonymised.com>
wrote:

Hello everyone I am trying to integrate CAS extension in
geoserver but I
cant find any documentation anywhere so can anyone please help
me out.

Your time and help is much appreciated.
Thanks

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

---

HPCC Systems Open Source Big Data Platform from LexisNexis Risk
Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data
Exploration
http://p.sf.net/sfu/hpccsystems

---

Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

–

Vikas Mishra
MSc(Hons) Economics
Birla Institute of Technology & Science, Pilani
KK Birla Goa Campus
8412898899|vikasmishra95@anonymised.com

–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

---

Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft

---

Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

---

Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft

---

Geoserver-users mailing list
Geoserver-users@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH