Can 6.x configure CAS same as 5.x?

1
0
-1

I had configured 5.x with CAS (http://www.bonitasoft.org/forum/viewtopic.php?id=2250)
Does it same with 6.x?

Comments

Submitted by perota on Mon, 01/13/2014 - 14:05
Submitted by lenap on Mon, 05/26/2014 - 16:21

Any information about this point ??

Submitted by ttoine on Mon, 05/26/2014 - 17:31
Submitted by francois.chevresson on Thu, 08/07/2014 - 16:09

CAS SSO is now supported OOTB in 6.3 SP: http://documentation.bonitasoft.com/single-sign-cas

Submitted by eduardo.gonzalez_1 on Fri, 08/08/2014 - 12:27

Thanks, but my question is related to implement it in community with the tools we have.

2 answers

1
+1
-1

Hello

In version 6.0, 6.1 and 6.2, this was not possible. In version 6.3, this is now possible natively with our Subscription Pack. Everything is explained here: http://documentation.bonitasoft.com/single-sign-cas

With Community version, it is possible through the modification of the authentication service code.

Comments

Submitted by lenap on Mon, 05/26/2014 - 18:07

Thx Anne-Laure, in 6.3 may we use the filter (in web.xml) and a WebAuthentication class, or is it possible to create a CASRemoteLoginManagerImpl class like in the teamwork version, and not use the filter ? Cause modify the authentication service class isn't so clean (update ...) Thx

Submitted by julien.reboul on Fri, 05/30/2014 - 12:02

The filter is mainly here to check if the session already exists and if the requested URL is protected or not. Then it calls the appropriate LoginManager.

Thus, on one hand, you could get rid of the filter but that may cause some security breach.

On the other hand, the filter is strongly bound to the LoginManager. So your WebAuthentication class should implement the LoginManager Itf and manage the authentication on the engine side...

Submitted by kaykay on Thu, 05/14/2015 - 20:36

@Anne can you please explain in more detail how the code can be modified for community version to get CAS working ? thanks.

1
-1
-1

Hi,

I am trying to implement this in Bonita 6.3 community but I am not able to do that.

I am not sure what I have to do, Anne-Laure speaks about the modification of the authentication service code (i think, a new implementation of the GenericAuthenticationService / IdentityService), and lenap and julien about a WebAuthentication class that should implement the LoginManager ( ??? I don't understand... I see in the documentation that should be a file called loginManager-config.properties to tell bonita which implementation should use, but I don't have it)

As far as I know, if I implement the GenericAuthenticationService I need to get the token generated by the third party application, the problem is how can I get it? In bonita community, is possible to get the ticket via REST using bonita_server_url/loginservice?ticket={ST} ?

I am a little bit lost here...

Thanks

Notifications