@kashyapp
Last active December 19, 2017 06:09
Shiro + CAS + Dropwizard

Shiro + CAS + Dropwizard - Getting started

One limitation: Shiro doesn't yet understand proxy tickets, so this only works when the user is interacting directly with your HTTP service/application.

(This is not a complete example, only the parts that need to be added to an existing Dropwizard service to enable CAS.)

See http://shiro.apache.org/cas.html

<!-- Add to your maven pom -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-cas</artifactId>
    <version>1.2.1</version>
</dependency>
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-core</artifactId>
    <version>1.2.1</version>
</dependency>

import com.yammer.dropwizard.Service;
import com.yammer.dropwizard.config.Environment;
import com.yammer.metrics.reporting.PingServlet;
import org.apache.shiro.web.env.EnvironmentLoaderListener;
import org.apache.shiro.web.servlet.ShiroFilter;
import org.jasig.cas.client.ssl.AnyHostnameVerifier;

import javax.net.ssl.HttpsURLConnection;

/* Only the run() method is shown; the rest of the service is omitted. */
public class ConfigManagementService extends Service<ConfigManagementConfiguration> {
    @Override
    public void run(ConfigManagementConfiguration configuration, Environment environment) throws Exception {
        /* Needed only if the CAS server's SSL certificate is funny (e.g. its name does not match the host).
           AnyHostnameVerifier accepts any hostname, and installing it as the default affects every
           HttpsURLConnection in this JVM, not just CAS ticket validation. */
        HttpsURLConnection.setDefaultHostnameVerifier(new AnyHostnameVerifier());

        /* equivalent to the web.xml changes in the Shiro docs */
        environment.addFilter(ShiroFilter.class, "/*");
        environment.addServletListeners(new EnvironmentLoaderListener());

        /* Register any servlet on the /cas service path; otherwise Jetty does not apply the filter [see shiro.ini] */
        environment.addServlet(PingServlet.class, "/cas");
    }
}

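
A narrower alternative to the JVM-wide AnyHostnameVerifier above, as an added example that is not part of the original gist or of Shiro, the CAS client or Dropwizard: it relaxes the hostname check for the CAS host only, and only when the server presents one pinned certificate. The class name, `install` and the fingerprint argument are hypothetical; the fingerprint must be taken from your own CAS server's certificate.

```java
import java.security.MessageDigest;
import java.security.cert.Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;

/** Hypothetical helper: pins the CAS server's leaf certificate instead of trusting any hostname. */
public final class PinnedCasHostnameVerifier implements HostnameVerifier {
    private final String casHost;            // e.g. "cas-server.domain.com" from shiro.ini
    private final byte[] pinnedSha256;       // SHA-256 of the DER-encoded CAS leaf certificate
    private final HostnameVerifier fallback; // verifier that was installed before this one

    public PinnedCasHostnameVerifier(String casHost, String sha256Hex, HostnameVerifier fallback) {
        this.casHost = casHost;
        this.pinnedSha256 = fromHex(sha256Hex);
        this.fallback = fallback;
    }

    /** HttpsURLConnection calls this only after its built-in hostname check has failed. */
    @Override
    public boolean verify(String hostname, SSLSession session) {
        if (!casHost.equalsIgnoreCase(hostname)) {
            return fallback.verify(hostname, session); // all other hosts keep the previous behaviour
        }
        try {
            Certificate leaf = session.getPeerCertificates()[0];
            byte[] actual = MessageDigest.getInstance("SHA-256").digest(leaf.getEncoded());
            return MessageDigest.isEqual(actual, pinnedSha256);
        } catch (Exception e) {
            return false; // no peer certificate or digest failure: reject the connection
        }
    }

    /** Accepts a 64-digit hex fingerprint, with or without ':' separators. */
    private static byte[] fromHex(String hex) {
        String h = hex.replace(":", "");
        if (h.length() != 64) throw new IllegalArgumentException("expected a SHA-256 fingerprint");
        byte[] out = new byte[32];
        for (int i = 0; i < 32; i++) {
            out[i] = (byte) Integer.parseInt(h.substring(2 * i, 2 * i + 2), 16);
        }
        return out;
    }

    /** Call from run() in place of setDefaultHostnameVerifier(new AnyHostnameVerifier()). */
    public static void install(String casHost, String sha256Hex) {
        HttpsURLConnection.setDefaultHostnameVerifier(new PinnedCasHostnameVerifier(
                casHost, sha256Hex, HttpsURLConnection.getDefaultHostnameVerifier()));
    }
}
```

The pin has to be updated whenever the CAS server's certificate is renewed; certificate chain validation by the JVM trust store still applies either way.
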
## This is practically identical to the shiro cas docs ##
[main]
roles.loginUrl = https://cas-server.domain.com/login?service=http://localhost:28320/cas
casRealm = org.apache.shiro.cas.CasRealm
casRealm.defaultRoles = ROLE_USER
casRealm.casServerUrlPrefix = https://cas-server.domain.com/
casRealm.casService = http://localhost:28320/cas
casSubjectFactory = org.apache.shiro.cas.CasSubjectFactory
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
securityManager.subjectFactory = $casSubjectFactory
securityManager.sessionManager = $sessionManager
securityManager.realm = $casRealm
casFilter = org.apache.shiro.cas.CasFilter
[urls]
/cas = casFilter
/** = roles[ROLE_USER]