LogiSima Play Cas Authentification
This module allows you to set up an authentication with a CAS server and to managed authorization. It is based on the Secure module.
Enable LogiSima Play CAS
In the conf/application.conf file, enable the LogiSima Play CAS module with this line :
# The logisima play cas module
module.logisima-cas=${play.path}/module/logisima-play-cas
Import default routes
In the conf/route file, import the default routes by adding this line :
# Import Secure routes
* / module:logisima-cas
Module configuration
Configuration for CAS autentification
In the conf/application.conf file, you have to specified cas login, validate and logout urls like this :
cas.validateUrl=https://www.logisima.com/cas/serviceValidate
cas.loginUrl=https://www.logisima.com/cas/loginUrl
cas.logoutUrl=https://www.logisima.com/cas/logoutUrl
cas.gateway=false
Configuration for Proxy CASification
In the conf/application.conf file, you have to specified cas.proxyUrl (and optionnaly application.url.ssl) :
cas.proxyUrl=https://www.logisima.com/cas/proxy
application.url.ssl=https://localhost:8443
NB: “application.url.ssl” is useful to specify the SSL url of your application. By default, module generate this url with “application.url” property, and replace http by https
Protect a controller
To protect a controller, you just have to add this annotation : @With(SecureCAS.class).
Exemple:
@With(SecureCAS.class)
public class Application extends Controller {
public static void index() {
render();
}
}
Add authentification mechanisme
Once your application retrivied the username (login), you have to check the user’s information with your own mechanism. To do this, you just have to create a class in the controllers package that extends the controllers.SecureCAS.Security, and impement the following method :
public static boolean authentify(String username, String password).
Exemple :
package controllers;
public class Security extends SecureCAS.Security {
public static boolean authenticate(String username, String password) {
User user = User.find(“byEmail”, username).first();
return user != null && user.password.equals(password);
}
}
Retrieving the connected user
In your application, if you want to know who is connected (the username /login), you can call the static method Security.connected().
Retrieving a Proxy Ticket
If you have configured the module for proxy-casification, you can retrivied a proxy ticket by calling this static method : CASUtils.getProxyTicket(username, proxyApplicationUrl), where :
- username is the login of the user
- proxyApplicationUrl is the url of the proxy application (application to witch you give the PT)
Exemple :
String myPT = CASUtils.getProxyTicket(Security.connected(), “http://localhost:8080/foo”)