CAS (Central Authentication System) is a simple, secure single sign-on system. In my experience connecting CareerHub to university login systems, I love it when unis use CAS because it’s so elegantly simple to integrate with.
If you need to test CAS authentication in a Windows development environment, these step-by-step instructions should get you running in about 5 minutes.
- Download Tomcat, extract to any folder.
Run [tomcat_folder]\bin\startup.bat to start Tomcat. If you get an error about JAVA_HOME or JRE_HOME, set one of those environment variables, e.g:
SET JRE_HOME=C:\Program Files (x86)\Java\jre6
(I added this to my startup.bat file so it isn’t set system wide)
- Download the CAS zip file, grab the .WAR file from cas-server-[version]\modules and put it in [tomcat_folder]\webapps - it should take a while to copy and then you should see a new folder appear: [tomcat_folder]\webapps\cas-server-webapp-[version].
- Go to http://localhost:8080/cas-server-webapp-[version], you should see a CAS login page.
- By default, CAS comes configured to use a simple authentication handler where it accepts any login attempts where the username (NetID) and password are the same - so try logging in with username “test”, password “test” or similar.
If you don’t want to mess around with configuring SSL for Tomcat, disable secure cookies for CAS by editing [cas-webapp]\WEB-INF\spring-configuration\ticketGrantingTicketCookieGenerator.xml and setting p:cookieSecure="false". You’ll need to shutdown and startup Tomcat for the changes to take effect.
Done! That’s all there is to it. You can now get busy integrating your application with this test server. If you haven’t integrated a website with a CAS server before, don’t worry - it’s almost a no-brainer.
If you want to quickly specify some username/password combos, you can replace this SimpleTestUsernamePasswordAuthenticationHandler with one of the generic authentication handlers in [tomcat_folder]\webapps\cas-server-webapp-[version]\WEB-INF\deployerConfigContext.xml.