Although there is a module
that integrates CAS into Apache servers, you might need to integrate
the client in JSPs or Servlets.
JCas delivers a taglib (although it's just a single tag) to simplify
life for that special purpose. Here's the taglib description:
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE taglib
PUBLIC "-//Sun Microsystems, Inc.//DTD JSP Tag Library 1.1//EN"
"http://java.sun.com/j2ee/dtds/web-jsptaglibrary_1_1.dtd">
<taglib>
<tlibversion>1.0</tlibversion>
<jspversion>1.1</jspversion>
<shortname>cas</shortname>
<tag>
<name>auth</name>
<tagclass>cas.taglib.AuthTag</tagclass>
<bodycontent>empty</bodycontent>
<attribute>
<name>scheme</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<name>server</name>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<name>port</name>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<name>ssl</name>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<name>cookie</name>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
</taglib>
Developers that can read TLD now say "Aaaaah yes. Ok". But for less
familiar readers, I will explain it a bit and give an example.
The library defines a single tag named auth. It serves as
protection for a JSP. Users that want to view the page need to
provide valid username and password. If they don't or CAS
authorization fails, the site will return a 401 Not Authorized
HTTP response code. Therefore it is essential to have the tag
at the top of your page before you write any confidential data.
The tag itself has one
required attribute (scheme) and four optional attributes
(server, port, ssl, cookie).
scheme
defines the CAS scheme to authorize users against. This name must
match exactly any scheme name in your CAS server.
server is the IP or DNS name of the host where
CAS server is running. localhost will be used if omitted.
port defines the TCP port the server is listening on.
Default port is 4466 when the tag was left out.
ssl can be set to "true" or "false" to
set SSL encryption or not. Default value is "true".
cookie defines the name of a cookie to be used for
faster authorization. CAS defines cookie values and passes them onto
clients. HTTP connections identify cookies by name. This name must be
set explicitely in the JSP tag.
Here is a "Hello World" example that makes use of the tag:
1 <%@ page language="java" contentType="text/html" %>
2 <%@ taglib prefix="cas" uri="WEB-INF/cas.tld" %>
3
4 <cas:auth scheme="MY_JSP_SCHEME" cookie="HELLO_WORLD_COOKIE"/>
5
6 <html>
7 <body>
8 <h1>Hello World!</h1>
9 </body>
10 </html>
Line 2 introduces the tag library under the name "cas".
Therefore, all tags of this library have to be preceeded by "cas:".
Line 4 requires CAS authorization on localhost CAS server at scheme
MY_JSP_SCHEME. The rest of the page is simple HTML/JSP
that prints a message ("Hello World!") at line 8.
You even can multiple authorization tags included in a single JSP.
Each tag will then be asked to authorize in sequence they appear
(lines 4 and 5):
1 <%@ page language="java" contentType="text/html" %>
2 <%@ taglib prefix="cas" uri="WEB-INF/cas.tld" %>
3
4 <cas:auth scheme="MY_JSP_SCHEME" cookie="HELLO_WORLD_COOKIE"/>
5 <cas:auth scheme="MY_SECOND_JSP_SCHEME"/>
6
7 <html>
8 <body>
9 <h1>Hello World!</h1>
10 </body>
11 </html>
|