Saturday, September 3, 2011

How to Configure CAS (Central Authentication Service) for Drupal?

It took me a long time to learn how to set up CAS (Central Authentication Service) for use with Drupal. Obviously you need Drupal's contrib module 'cas' and the phpCAS library, but there are some initial settings that need to be configured in many places. I had a tough time trying these out, but I am finally happy to share this information with all the Drupal folks who believe in the capability of the Drupal CMS.


Just follow this step-by-step guide to configure the Java SDK, Apache Tomcat, Maven, CAS, the JDBC MySQL connector and the other configuration files. Here we go...

I recommend using a Linux platform for these steps.

First you need to get your CAS server up and running with SSL enabled.

#To install the Java 6 SDK on Linux
1. Check /usr/lib/jvm for an already installed Java
2. Type: apt-get update
3. Type: apt-get install sun-java6-jdk

#To install Apache Tomcat
1. sudo wget http://newverhost.com/pub/tomcat/tomcat-6/v6.0.33/bin/apache-tomcat-6.0.33.tar.gz
2. tar xvzf apache-tomcat-6.0.33.tar.gz
3. sudo mv apache-tomcat-6.0.33 /usr/local/tomcat
4. vi ~/.bashrc
5. Add this line at the end ==> export JAVA_HOME=/usr/lib/jvm/java-6-sun
6. Start Tomcat with: sh /usr/local/tomcat/bin/startup.sh (stop it with: sh /usr/local/tomcat/bin/shutdown.sh)



#To install Maven
1. sudo apt-get install maven2
2. sudo apt-get install ant
3. sudo apt-get install maven-ant-helper


#To install jConnector
1. wget http://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-5.0.8.tar.gz/from/http://mysql.mirrors.hoobly.com/
2. tar xvzf mysql-connector-java-5.0.8.tar.gz


#To install CAS server software
1. wget http://www.ja-sig.org/downloads/cas/cas-server-3.3.3-release.tar.gz
2. tar xvzf cas-server-3.3.3-release.tar.gz
3. cd cas-server-3.3.3
4. cd cas-server-webapp
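5. Edit pom.xml and add the following lines before the closing '</dependencies>' tag:

    <dependency>
        <groupId>${project.groupId}</groupId>
        <artifactId>cas-server-support-jdbc</artifactId>
        <version>${project.version}</version>
    </dependency>

    <dependency>
        <groupId>commons-dbcp</groupId>
        <artifactId>commons-dbcp</artifactId>
        <version>1.2.1</version>
        <scope>runtime</scope>
    </dependency>

    <dependency>
        <groupId>mysql</groupId>
        <artifactId>mysql-connector-java</artifactId>
        <version>5.0.8-bin</version>
        <scope>provided</scope>
    </dependency>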


6. [Don't change the current directory!]

a) mvn install:install-file -DgroupId=mysql -DartifactId=mysql-connector-java -Dversion=5.0.8-bin -Dpackaging=jar -Dfile=/home//mysql-connector-java-5.0.8/mysql-connector-java-5.0.8-bin.jar

b) mvn package install  


7. cp target/cas.war /usr/local/tomcat/webapps/
8. sudo /usr/local/tomcat/bin/startup.sh
9. Go to http://servername:8080/cas/ to check whether the server is running.


10. cp ~/mysql-connector-java-5.0.8/mysql-connector-java-5.0.8-bin.jar /usr/local/tomcat/webapps/cas/WEB-INF/lib/


11. Create table

CREATE TABLE users (username char(20) PRIMARY KEY NOT NULL, password char(64));
INSERT INTO users(username, password) VALUES ('test',MD5('test'));

12. cd /usr/local/tomcat/webapps/cas/WEB-INF/
13. Open file deployerConfigContext.xml and

Search for the following line:



Replace it with :


 
    users
 

 
    username
 

 
    password
 

 
   
           

 



14. In deployerConfigContext.xml, just before ending of the
tag, add the following:


   
       
            com.mysql.jdbc.Driver
       

       
            jdbc:mysql://localhost:3306/casdb
       

       
            root
       

       
            root
       

   


15. Restart Tomcat server and recheck.

16. Use CAS library phpCAS version 1.1.0 for proper functionality
17. Check whether the CAS server has HTTPS enabled (it redirects to the https page).





#To install SSL on tomcat

1. $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA   [Specify a password value of "changeit"]
This generates a .keystore file in the home directory on the server: /home//.keystore

2. Open /usr/local/tomcat/conf/server.xml and do the following:

    Find the connector having port="8443".

Now uncomment the section and make it read as follows:

    <Connector port="8443"
           scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="/home/anish/.keystore" keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS"/>


    Also comment this line: ''

3. Edit /usr/local/tomcat/conf/tomcat-users.xml to add users to manage tomcat server
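
An added example (not part of the original post): a Python check that parses server.xml text and flags HTTPS connector settings from step 2 that deserve a second look before the CAS server is exposed, such as a keystore still protected by Tomcat's default password "changeit". The sample server.xml and the function name audit_connectors are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the port-8443 connector from step 2 plus a plain HTTP connector.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector port="8443" scheme="https" secure="true" SSLEnabled="true"
               keystoreFile="/home/anish/.keystore" keystorePass="changeit"
               clientAuth="false" sslProtocol="TLS"/>
  </Service>
</Server>"""


def audit_connectors(server_xml):
    """Return (port, finding) tuples for the Connector elements in server.xml text."""
    connectors = list(ET.fromstring(server_xml).iter("Connector"))
    tls = [c for c in connectors if c.get("SSLEnabled", "false").lower() == "true"]
    tls_ports = {c.get("port") for c in tls}
    findings = []
    if not tls:
        findings.append(("-", "no TLS connector: CAS logins would travel in clear text"))
    for c in tls:
        port = c.get("port")
        if c.get("scheme") != "https" or c.get("secure") != "true":
            findings.append((port, "SSLEnabled without scheme=https and secure=true"))
        if not c.get("keystoreFile"):
            findings.append((port, "keystoreFile not set: Tomcat uses ~/.keystore of its run user"))
        # Tomcat's default keystorePass is "changeit", so an absent attribute counts too.
        if c.get("keystorePass", "changeit") == "changeit":
            findings.append((port, "keystore still protected by the default password"))
        if c.get("sslProtocol", "TLS").upper().startswith("SSL"):
            findings.append((port, "sslProtocol asks for SSL instead of TLS"))
    for c in connectors:
        # Plain connectors should hand confidential requests to a TLS connector.
        if c not in tls and c.get("redirectPort", "443") not in tls_ports:
            findings.append((c.get("port"), "redirectPort does not point at a TLS connector"))
    return findings


if __name__ == "__main__":
    for port, finding in audit_connectors(SAMPLE_SERVER_XML):
        print(f"connector {port}: {finding}")
```

Run against the configuration shown in step 2, the only finding is the default keystore password; choosing a different password at the keytool prompt and in keystorePass clears it.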

   
#######################################################################################################################
Finally, very important ==> On the CAS settings page, set the CAS version to 1.0. If you set 2.0 or higher, it will throw an error.
########################################################################################################################