4. CAS Server

[Note]Note

In a production environment the CAS server should run on its own Tomcat instance but for purposes of this demonstration we will drop it in the same instance as Liferay Portal.

  1. Go to the server.xml file and uncomment the SSL section to open port 8443.

  2. Save.

  3. Download the Liferay-portal-servicemix-4.3.0.war file from www.liferay/web/guest/downloads.

  4. Rename the file to cas-web.war.

  5. Copy the war file and paste it to the Tomcat webapps directory.

  6. To download the Yale CAS Client 2.0.11 go to http://www.ja-sig.org/products/cas/downloads/index.html.

  7. Create a folder and extract the cas.client zip file into this folder.

  8. Open the folder and navigate to the casclient jar file (cas-client-2.0.11\java\lib).

  9. Copy the file.

  10. Go to the lib file in Tomcat (webapps\ROOT\WEB_INF\lib) and paste the casclient jar file to replace the existing one.

  11. In the command prompt go to the ROOT directory.

  12. Enter the following:

    keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
  13. Enter changeit for the password.

  14. Anser the list of questions. Note that the first and last name must be the host name of your server and cannot be an IP address. This is very important because an IP address will fail client hostname verification even if it is correct.

  15. Enter the following command to export he cert you generated from your personal keystore:

    keytool -export -alias tomcat -keypass changeit -file server.cert 
  16. Enter changeit for the password.

  17. Import the cert into Java's keystore with this command:

    keytool -import -alias tomcat -file %FILE_NAME% -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
  18. Enter changeit for the password.

  19. Enter yes.

  20. To set up Liferay Portal, navigate to the classes file in Tomcat (webapps\ROOT\WEB_INF\classes).

  21. Create systemext.properties.

  22. Open system-ext.properties and enter:

    com.liferay.filters.sso.cas.CASFilter=true
  23. Save.

  24. Open portal-ext.properties and enter:

    #auto.login.hooks=com.liferay.portal.security.auth.BasicAutoLogin
    auto.login.hooks=com.liferay.portal.security.auth.BasicAutoLogin,com.liferay.portal.security.auth.CASAutoLogin
  25. Save.

  26. Start Tomcat and go to Liferay Portal.

  27. Click Sign In. If everything is set up correctly you will be redirected to the CAS server’s login screen.