Can 6.x configure CAS same as 5.x?

I had configured 5.x with CAS (http://www.bonitasoft.org/forum/viewtopic.php?id=2250)

Does it same with 6.x?

Hello

In version 6.0, 6.1 and 6.2, this was not possible.
In version 6.3, this is now possible natively with our Subscription Pack. Everything is explained here:
http://documentation.bonitasoft.com/single-sign-cas
With Community version, it is possible through the modification of the authentication service code.

Hi,

I am trying to implement this in Bonita 6.3 community but I am not able to do that.

I am not sure what I have to do, Anne-Laure speaks about the modification of the authentication service code (i think, a new implementation of the GenericAuthenticationService / IdentityService), and lenap and julien about a WebAuthentication class that should implement the LoginManager ( ??? I don’t understand… I see in the documentation that should be a file called loginManager-config.properties to tell bonita which implementation should use, but I don’t have it)

As far as I know, if I implement the GenericAuthenticationService I need to get the token generated by the third party application, the problem is how can I get it? In bonita community, is possible to get the ticket via REST using bonita_server_url/loginservice?ticket={ST} ?

I am a little bit lost here…

Thanks

Any information about this point ??

New link to the legacy topic: http://community.bonitasoft.com/node/2019

CAS SSO is now supported OOTB in 6.3 SP:
http://documentation.bonitasoft.com/single-sign-cas

Thanks, but my question is related to implement it in community with the tools we have.

Thx Anne-Laure, in 6.3 may we use the filter (in web.xml) and a WebAuthentication class, or is it possible to create a CASRemoteLoginManagerImpl class like in the teamwork version, and not use the filter ? Cause modify the authentication service class isn’t so clean (update …)
Thx

The filter is mainly here to check if the session already exists and if the requested URL is protected or not.
Then it calls the appropriate LoginManager.

Thus, on one hand, you could get rid of the filter but that may cause some security breach.

On the other hand, the filter is strongly bound to the LoginManager. So your WebAuthentication class should implement the LoginManager Itf and manage the authentication on the engine side…

@Anne can you please explain in more detail how the code can be modified for community version to get CAS working ? thanks.