|  | 
 
	| 
		
	
								
			
		
				
			| How to CASify alfresco CMS? 
 Recently I got opportunity to configure alfresco CMS/WCM for our Intranet project. Our Intranet contains various applications so for single sign on solution we configured ja-sig cas server. Challenge was how to CASify alfresco? But believe me it's really easy once you done it. Following is the simplest possible solution to make alfresco work with CAS (Most of the part of the following entry is inherited by various sources; I am just rearranging contents according my experience.)
 TODO list before we start:-
 
 * Generate self signed security certificate using keytool, because CAS works on SSL.
 * Make Tomcat work with SSL.
 * Install CAS server.
 * Ensure you already setup alfresco. (It will make our work a lot easy
 J)
 * Build certificate trust relation between alfresco and CAS.
 * Check out alfresco source code (yes we will need this too).
 * Download Yale's implementation of the CAS java client.
 
 Development environment for our exercise
 (Make these references according your environment):-
 
 * Developer's machine's hostname à
 hostname
 * CAS server's URL à
 https://hostname/cas (secure port is 443 and HTTP port is 80 so no need to explicitly mentioned in URL)
 * Alfresco URL à
 http://hostname:8080/alfresco
 * Alfresco installation home directory à
 C:\alfresco (yes I am using windows)
 * Alfresco tomcat directory à
 C:\alfresco\tomcat
 * HTTP and HTTPS port of the alfresco tomcat is same as provided by alfresco community edition with bundled tomcatà
 8080 and 8443.
 
 Changes in web.xml
 
 Location à
 C:\alfresco\tomcat\webapps\alfresco\WEB-INF
 Add filter declarations
 
 
 
 Authentication Filter
 
 edu.yale.its.tp.cas.client.filter.CASFilter
 
 
 
 edu.yale.its.tp.cas.client.filter.loginUrl
 
 https://hostname/cas/login
 
 
 
 
 
 edu.yale.its.tp.cas.client.filter.validateUrl
 
 https://hostname/cas/serviceValidate
 
 
 
 
 
 edu.yale.its.tp.cas.client.filter.serverName
 
 hostname:8080
 
 
 
 
 
 
 
 CAS Authentication
 
 org.alfresco.web.app.servlet.CasAuthenticationFilter
 
 
 
 
 
 cas.user.label
 
 edu.yale.its.tp.cas.client.filter.user
 
 
 
 
 
 
 
 
 Now Add filter mapping in web.xml
 
 
 
 CAS Authentication
 
 /faces/*
 
 
 
 
 
 CAS Authentication
 
 /service/*
 
 
 
 
 
 CAS Authentication
 
 /navigate/*
 
 
 
 
 
 CAS Authentication
 
 /command/*
 
 
 
 
 
 CAS Authentication
 
 /template/*
 
 
 
 
 
 CAS Authentication
 
 /download/*
 
 
 
 Modify alfresco-web-client.jar's two classes
 
 Grab following two java files and compile these with the source you downloaded earlier:-
 
 http://wiki.alfresco.com/fr/index.php/Documentation:CAS:CasAuthenticationFilter.java
 http://wiki.alfresco.com/fr/index.php/Documentation:CAS:BaseServlet.java
 
 After compiling these files extract and repack following jar with these class files:-
 
 Modify alfresco-web-client.jar stored into C:\alfresco\tomcat\webapps\alfresco\WEB-INF\lib\
 
 
 
 Modification in authentication-services-context.xml
 
 Location à
 C:\alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco
 
 Line no 150 to 160 refers to original AuthenticationComponentImpl, change this to:-
 
 
 
 
 
 
 
 <  ref bean="authenticationDao" />
 
 
 
 
 
 <  ref bean="authenticationManager" />
 
 
 
 
 
 true
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 false
 
 
 
 
 
 
 
 Modification in relogin.jsp
 
 To logout from CAS server we need to add redirection after alfresco logout from itself
 
 Location à
 C:\alfresco\tomcat\webapps\alfresco\jsp\relogin.jsp
 
 Add following line to the jsp file:-
 
 response.sendRedirect("https://hostname/cas/logout");
 
 
 
 It's done!
 
 
 
 
 References:-
 
 http://wiki.alfresco.com/wiki/Central_Authentication_Service_Configuration
 
 http://wiki.alfresco.com/wiki/Central_Authentication_Service
 
 http://www.ja-sig.org/wiki/display/CASUM/Demo
 
 |  |  |