[Geoserver-users] implementing CAS in Geoserver

Hello all,

I am trying to implement CAS authentication in GeoServer and would appreciate if anyone having expertise in it could guide me. Following are the steps I already tried, but with no success. FYI I am still relatively a beginner for spring security and geoserver.

I have tried inserting CAS authentication, but was unsuccessful. I might be wrong in my approach, but I was trying to implement a CAS authentication wrapper around geoserver. I also tried modifying aplicationSecurityContext to insert CAS, but that also failed due to conflicts with current authentication (usernamepassword) mechanism. It seems that other services (catalog, wms etc.) are tightly coupled with previous authentication mechanism and my insertion of CAS relevant code breaks the previous authentication, thereby failing to get these other services up.

Let me know if you have any thoughts about the possible path of implementation. I highly appreciate your help. FYI, I am using a slightly different implementation of geoserver from http://3dwebgis.di.uminho.pt/sources/. Additionally I have also seen similar efforts in progress from Christian Mueller, but since it is yet to finish, I am giving it a shot myself.

Thanks
Sachin

Hi Sachin

I am the developer of the CAS module. First the bad news. The CAS module never should have been on the download page, this was an "accident". You can stop your efforts here, it will not work.

First I have to apply the patch for
http://geoserver.org/display/GEOS/GSIP+82+-+Reworking+security+filter+chains

The new CAS module is based on this patch. Unfortunately, this patch requires migration code and it is not possible to apply it to 2.2.x series. CAS will work starting with Geoserver 2.3.0. The release schedule is here

http://geoserver.org/display/GEOS/GeoTools+and+GeoServer+release+schedule

The good news: I hope to get finished soon and you can try CAS using a nightly build. I will send an information mail on the user list.

Sorry for your inconvenience

Christian

Zitat von Sachin Hirve <shirve.csu@anonymised.com>:

Hello all,

I am trying to implement CAS authentication in GeoServer and would
appreciate if anyone having expertise in it could guide me. Following are
the steps I already tried, but with no success. FYI I am still relatively a
beginner for spring security and geoserver.

I have tried inserting CAS authentication, but was unsuccessful. I might be
wrong in my approach, but I was trying to implement a CAS authentication
wrapper around geoserver. I also tried modifying aplicationSecurityContext
to insert CAS, but that also failed due to conflicts with current
authentication (usernamepassword) mechanism. It seems that other services
(catalog, wms etc.) are tightly coupled with previous authentication
mechanism and my insertion of CAS relevant code breaks the previous
authentication, thereby failing to get these other services up.

Let me know if you have any thoughts about the possible path of
implementation. I highly appreciate your help. FYI, I am using a slightly
different implementation of geoserver from
http://3dwebgis.di.uminho.pt/sources/. Additionally I have also seen
similar efforts in progress from Christian Mueller, but since it is yet to
finish, I am giving it a shot myself.

Thanks
Sachin

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

Hi Christian,

Thank you for sharing this information. I am not using the CAS related code of geoserver which was on geoserver. Rather I was planning to start from the beginning, but it seems to involve a huge effort. Therefore I am looking forward to your CAS extension implementation.

If you can let me know the estimated time of sharing the nightly build (CAS extension), that would be a big help. I am looking to include your CAS implementation in my work as soon as possible due to an upcoming demo deadline.

Thank you for your help.

regards
Sachin

Hi Sachin

What is your deadline. Please let me know ?

Christian

Zitat von Sachin Hirve <shirve.csu@anonymised.com>:

Hi Christian,

Thank you for sharing this information. I am not using the CAS related code
of geoserver which was on geoserver. Rather I was planning to start from
the beginning, but it seems to involve a huge effort. Therefore I am
looking forward to your CAS extension implementation.

If you can let me know the estimated time of sharing the nightly build (CAS
extension), that would be a big help. I am looking to include your CAS
implementation in my work as soon as possible due to an upcoming demo
deadline.

Thank you for your help.

regards
Sachin

On Fri, Dec 7, 2012 at 4:12 AM, <christian.mueller@anonymised.com> wrote:

Hi Sachin

I am the developer of the CAS module. First the bad news. The CAS module
never should have been on the download page, this was an "accident". You
can stop your efforts here, it will not work.

First I have to apply the patch for
http://geoserver.org/display/**GEOS/GSIP+82+-+Reworking+**
security+filter+chains<http://geoserver.org/display/GEOS/GSIP+82+-+Reworking+security+filter+chains&gt;

The new CAS module is based on this patch. Unfortunately, this patch
requires migration code and it is not possible to apply it to 2.2.x series.
CAS will work starting with Geoserver 2.3.0. The release schedule is here

http://geoserver.org/display/**GEOS/GeoTools+and+GeoServer+**
release+schedule<http://geoserver.org/display/GEOS/GeoTools+and+GeoServer+release+schedule&gt;

The good news: I hope to get finished soon and you can try CAS using a
nightly build. I will send an information mail on the user list.

Sorry for your inconvenience

Christian

Zitat von Sachin Hirve <shirve.csu@anonymised.com>:

Hello all,

I am trying to implement CAS authentication in GeoServer and would
appreciate if anyone having expertise in it could guide me. Following are
the steps I already tried, but with no success. FYI I am still relatively
a
beginner for spring security and geoserver.

I have tried inserting CAS authentication, but was unsuccessful. I might
be
wrong in my approach, but I was trying to implement a CAS authentication
wrapper around geoserver. I also tried modifying aplicationSecurityContext
to insert CAS, but that also failed due to conflicts with current
authentication (usernamepassword) mechanism. It seems that other services
(catalog, wms etc.) are tightly coupled with previous authentication
mechanism and my insertion of CAS relevant code breaks the previous
authentication, thereby failing to get these other services up.

Let me know if you have any thoughts about the possible path of
implementation. I highly appreciate your help. FYI, I am using a slightly
different implementation of geoserver from
http://3dwebgis.di.uminho.pt/**sources/&lt;http://3dwebgis.di.uminho.pt/sources/&gt;\.
Additionally I have also seen
similar efforts in progress from Christian Mueller, but since it is yet to
finish, I am giving it a shot myself.

Thanks
Sachin

------------------------------**------------------------------**----
This message was sent using IMP, the Internet Messaging Program.

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

Hi,
I'm also interested in using CAS in geoserver. But I don't have any specific deadline.

best regards,
Premysl

On St 12. prosinec 2012, 14:37:15 CET, christian.mueller@anonymised.com wrote:

Hi Sachin

What is your deadline. Please let me know ?

Christian

Zitat von Sachin Hirve <shirve.csu@anonymised.com>:

Hi Christian,

Thank you for sharing this information. I am not using the CAS related code
of geoserver which was on geoserver. Rather I was planning to start from
the beginning, but it seems to involve a huge effort. Therefore I am
looking forward to your CAS extension implementation.

If you can let me know the estimated time of sharing the nightly build (CAS
extension), that would be a big help. I am looking to include your CAS
implementation in my work as soon as possible due to an upcoming demo
deadline.

Thank you for your help.

regards
Sachin

On Fri, Dec 7, 2012 at 4:12 AM, <christian.mueller@anonymised.com> wrote:

Hi Sachin

I am the developer of the CAS module. First the bad news. The CAS module
never should have been on the download page, this was an "accident". You
can stop your efforts here, it will not work.

First I have to apply the patch for
http://geoserver.org/display/**GEOS/GSIP+82+-+Reworking+**
security+filter+chains<http://geoserver.org/display/GEOS/GSIP+82+-+Reworking+security+filter+chains&gt;

The new CAS module is based on this patch. Unfortunately, this patch
requires migration code and it is not possible to apply it to 2.2.x series.
CAS will work starting with Geoserver 2.3.0. The release schedule is here

http://geoserver.org/display/**GEOS/GeoTools+and+GeoServer+**
release+schedule<http://geoserver.org/display/GEOS/GeoTools+and+GeoServer+release+schedule&gt;

The good news: I hope to get finished soon and you can try CAS using a
nightly build. I will send an information mail on the user list.

Sorry for your inconvenience

Christian

Zitat von Sachin Hirve <shirve.csu@anonymised.com>:

  Hello all,

I am trying to implement CAS authentication in GeoServer and would
appreciate if anyone having expertise in it could guide me. Following are
the steps I already tried, but with no success. FYI I am still relatively
a
beginner for spring security and geoserver.

I have tried inserting CAS authentication, but was unsuccessful. I might
be
wrong in my approach, but I was trying to implement a CAS authentication
wrapper around geoserver. I also tried modifying aplicationSecurityContext
to insert CAS, but that also failed due to conflicts with current
authentication (usernamepassword) mechanism. It seems that other services
(catalog, wms etc.) are tightly coupled with previous authentication
mechanism and my insertion of CAS relevant code breaks the previous
authentication, thereby failing to get these other services up.

Let me know if you have any thoughts about the possible path of
implementation. I highly appreciate your help. FYI, I am using a slightly
different implementation of geoserver from
http://3dwebgis.di.uminho.pt/**sources/&lt;http://3dwebgis.di.uminho.pt/sources/&gt;\.
Additionally I have also seen
similar efforts in progress from Christian Mueller, but since it is yet to
finish, I am giving it a shot myself.

Thanks
Sachin

------------------------------**------------------------------**----
This message was sent using IMP, the Internet Messaging Program.

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Hi Christian,

I had a deadline of December 25, 2012 to show CAS working with few more features dependent on CAS which looks difficult now. I will also need time to integrate your code into my working branch. Code integration will include migration code and CAS extension, since I am using another geoserver version (based on 2.2.x) for some specific services (which are not part of current geoserver development). So in all whenever earliest possible I could get the nightly build with instructions to merge the code, that would be a big help.

Thank you for your help. I highly appreciate it.

regards,
Sachin

Hi Sachin

My plan is to have one commit for GSIP-82 and one for CAS.

The CAS merge is simple because CAS is an extension. The merge of GSIP-82 is more tricky, but you can see all changes online on github.

I will try to hurry up.

Zitat von Sachin Hirve <shirve.csu@anonymised.com>:

Hi Christian,

I had a deadline of December 25, 2012 to show CAS working with few more
features dependent on CAS which looks difficult now. I will also need time
to integrate your code into my working branch. Code integration will
include migration code and CAS extension, since I am using another
geoserver version (based on 2.2.x) for some specific services (which are
not part of current geoserver development). So in all whenever earliest
possible I could get the nightly build with instructions to merge the code,
that would be a big help.

Thank you for your help. I highly appreciate it.

regards,
Sachin

On Wed, Dec 12, 2012 at 8:37 AM, <christian.mueller@anonymised.com> wrote:

Hi Sachin

What is your deadline. Please let me know ?

Christian

Zitat von Sachin Hirve <shirve.csu@anonymised.com>:

Hi Christian,

Thank you for sharing this information. I am not using the CAS related
code
of geoserver which was on geoserver. Rather I was planning to start from
the beginning, but it seems to involve a huge effort. Therefore I am
looking forward to your CAS extension implementation.

If you can let me know the estimated time of sharing the nightly build
(CAS
extension), that would be a big help. I am looking to include your CAS
implementation in my work as soon as possible due to an upcoming demo
deadline.

Thank you for your help.

regards
Sachin

On Fri, Dec 7, 2012 at 4:12 AM, <christian.mueller@anonymised.com> wrote:

Hi Sachin

I am the developer of the CAS module. First the bad news. The CAS module
never should have been on the download page, this was an "accident". You
can stop your efforts here, it will not work.

First I have to apply the patch for
http://geoserver.org/display/****GEOS/GSIP+82+-+Reworking+**&lt;http://geoserver.org/display/**GEOS/GSIP+82+-+Reworking+**&gt;
security+filter+chains<http://**geoserver.org/display/GEOS/**
GSIP+82+-+Reworking+security+**filter+chains<http://geoserver.org/display/GEOS/GSIP+82+-+Reworking+security+filter+chains&gt;
>

The new CAS module is based on this patch. Unfortunately, this patch
requires migration code and it is not possible to apply it to 2.2.x
series.
CAS will work starting with Geoserver 2.3.0. The release schedule is here

http://geoserver.org/display/****GEOS/GeoTools+and+GeoServer+****&lt;http://geoserver.org/display/**GEOS/GeoTools+and+GeoServer+**&gt;
release+schedule<http://**geoserver.org/display/GEOS/**
GeoTools+and+GeoServer+**release+schedule<http://geoserver.org/display/GEOS/GeoTools+and+GeoServer+release+schedule&gt;
>

The good news: I hope to get finished soon and you can try CAS using a
nightly build. I will send an information mail on the user list.

Sorry for your inconvenience

Christian

Zitat von Sachin Hirve <shirve.csu@anonymised.com>:

Hello all,

I am trying to implement CAS authentication in GeoServer and would
appreciate if anyone having expertise in it could guide me. Following
are
the steps I already tried, but with no success. FYI I am still
relatively
a
beginner for spring security and geoserver.

I have tried inserting CAS authentication, but was unsuccessful. I might
be
wrong in my approach, but I was trying to implement a CAS authentication
wrapper around geoserver. I also tried modifying
aplicationSecurityContext
to insert CAS, but that also failed due to conflicts with current
authentication (usernamepassword) mechanism. It seems that other
services
(catalog, wms etc.) are tightly coupled with previous authentication
mechanism and my insertion of CAS relevant code breaks the previous
authentication, thereby failing to get these other services up.

Let me know if you have any thoughts about the possible path of
implementation. I highly appreciate your help. FYI, I am using a
slightly
different implementation of geoserver from
http://3dwebgis.di.uminho.pt/****sources/&lt;http://3dwebgis.di.uminho.pt/**sources/&gt;
<http://3dwebgis.di.**uminho.pt/sources/<http://3dwebgis.di.uminho.pt/sources/>
>.

Additionally I have also seen
similar efforts in progress from Christian Mueller, but since it is yet
to
finish, I am giving it a shot myself.

Thanks
Sachin

------------------------------****----------------------------**--**----

This message was sent using IMP, the Internet Messaging Program.

------------------------------**------------------------------**----
This message was sent using IMP, the Internet Messaging Program.

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.