CAS Authentication - 9.0.0 - Jaspersoft Community

Jump to content

We've recently updated our Privacy Statement, available here ×

JasperReports® Server 9.0.0

CAS Authentication

Central Authentication Service (CAS) is an open source, Java-based authentication server that supports for single sign-on (SSO) across web applications, including those running on different application servers. When a user requests a page from a CAS-enabled web application, the application redirects the user to the CAS server login page. Thereafter, logged-in users can navigate among all participating applications without needing to log in again. Each application communicates with the CAS server in the background to verify that the user is valid before providing access to its resources.

With the CAS protocol, the client application (such as JasperReports Server) never receives or transmits the user’s password. As a result, the client application doesn't need to apply any encryption to protect passwords. However, unlike LDAP, CAS does not provide any user context, such as roles or organizations, that can be mapped to JasperReports Server. Instead, you can configure any organization and static roles that apply to each CAS-authenticated user, or pull user details from an external data source.

This chapter shows how JasperReports Server’s default authentication mechanism using Spring Security can be configured to perform external authentication with CAS. The JasperReports Server deployment includes several sample files that provide the beans for CAS integration. The implementation of these beans is sufficient to enable CAS authentication but may not provide enough functionality in a complex deployment. Further customization of these beans is beyond the scope of this guide.

This chapter assumes that you're familiar with security concepts such as certificates, tokens, and cookies. The first section explains how to install a CAS server for testing. All examples refer to the test server and assume you're using the Apache Tomcat application server. When configuring JasperReports Server to use CAS in production, you must take into account any differences between application servers and the contents of certificates.

This chapter contains the following sections:

Overview of External CAS Authentication

CAS Server for Testing

Configuring JasperReports Server for CAS Authentication

Configuring Java to Trust the CAS Certificate

Beans to Configure

Setting CAS Authentication Properties

Mapping the User Roles

Setting the User Organization

Restarting JasperReports Server

Did you find this helpful?

Yes No

Great!

Thanks for taking the time to give us some feedback.

Sorry about that

Why wasn't this helpful? (check all that apply)

Could not find what I was looking for

Instructions confusing or unclear

Instructions did not work

Want to tell us more?

Please select at least one option or provide details about the issue!!

Error occurred while submitting feedback.

Error2 occurred while submitting feedback.

JasperReports® Server

Copyright © 2005-2024. Cloud Software Group, Inc. All Rights Reserved.
Share

Followers 0
Go to documents

User Feedback
- 0 Comments
Recommended Comments

There are no comments to display.

×

×

Create New...