Community contributed extensions

LogiSima Play Cas Authentification



This module allows you to set up an authentication with a CAS server and to managed authorization. It is based on the Secure module.

Enable LogiSima Play CAS



In the conf/application.conf file, enable the LogiSima Play CAS module with this line :



	
    # The logisima play cas module
    module.logisima-cas=${play.path}/module/logisima-play-cas

Import default routes



In the conf/route file, import the default routes by adding this line :



	
	# Import Secure routes
	*    /    module:logisima-cas

Module configuration


Configuration for CAS autentification



In the conf/application.conf file, you have to specified cas login, validate and logout urls like this :



	
	cas.validateUrl=https://www.logisima.com/cas/serviceValidate
	cas.loginUrl=https://www.logisima.com/cas/loginUrl
	cas.logoutUrl=https://www.logisima.com/cas/logoutUrl
	cas.gateway=false

Configuration for Proxy CASification



In the conf/application.conf file, you have to specified cas.proxyUrl (and optionnaly application.url.ssl) :



	
	cas.proxyUrl=https://www.logisima.com/cas/proxy
	application.url.ssl=https://localhost:8443

NB: “application.url.ssl” is useful to specify the SSL url of your application. By default, module generate this url with “application.url” property, and replace http by https

Protect a controller



To protect a controller, you just have to add this annotation : @With(SecureCAS.class).


Exemple:



	
	@With(SecureCAS.class)
	public class Application extends Controller {
	    
	    public static void index() {
	        render();
	    }
	    
	}

Add authentification mechanisme



Once your application retrivied the username (login), you have to check the user’s information with your own mechanism. To do this, you just have to create a class in the controllers package that extends the controllers.SecureCAS.Security, and impement the following method :


public static boolean authentify(String username, String password).




Exemple : 



	
	package controllers;
	 
	public class Security extends SecureCAS.Security {
	    
	    public static boolean authenticate(String username, String password) {
	        User user = User.find(“byEmail”, username).first();
	        return user != null && user.password.equals(password);
	    }    
	    
	}

Retrieving the connected user


In your application, if you want to know who is connected (the username /login), you can call the static method Security.connected().

Retrieving a Proxy Ticket



If you have configured the module for proxy-casification, you can retrivied a proxy ticket by calling this static method : CASUtils.getProxyTicket(username, proxyApplicationUrl), where :




Exemple :



	
	String myPT = CASUtils.getProxyTicket(Security.connected(), “http://localhost:8080/foo”)