Confluence 5 with Jasig CAS SSO ?

Hi, anyone had success CASifying Confluence 5 with Jasig CAS client ?

Following Jasig guide https://wiki.jasig.org/display/CASC/Configuring+Confluence+with+JASIG+CAS+Client+for+Java+3.1 gives browser endless bouncing loop between CAS and Confluence.

8 answers

1 accepted

This widget could not be displayed.

There is implementation of JASIG CAS Client for Confluence 5.0 in this pull request. You should be able to build it using

mvn package -pl cas-client-core,cas-client-integration-confluence-v5

Sorry for late reply, I was busy on other subject.

Yes, it works, well, maven build fails with missing jar dependency:

[ERROR] Failed to execute goal on project cas-client-integration-confluence-v5: Could not resolve dependencies for project org.jasig.cas.client:cas-client-integration-confluence-v5:jar:3.3-SNAPSHOT: Failure to find javax.activation:activation:jar:1.0.2 in http://repository.atlassian.com/maven2/ was cached in the local repository, ...

But after adding this jar to repo, it builds fine, and it works fine.

Thank you !

How do I patch this onto java-cas-client/cas-client-integration-atlassian?

Hi, all

It works well with Confluence v5.1.5 using cas-client-integration-confluence-v5-3.3-SNAPSHOT.jar.

But, there's a problem in my scene:

if the CAS user is not added in Confluence, when the user try to login, it causes redirection loops as below:

http://casServer/cas/login?service=http%3A%2F%2FconfluenceServer%2Fhomepage.action
http://confluenceServer/homepage.action?ticket=ST-2683-du9yGHgLy6lAb3Znalxg-cas
http://confluenceServer/homepage.action

http://casServer/cas/login?service=http%3A%2F%2F confluenceServer%2Fhomepage.action
http://confluenceServer/homepage.action?ticket=ST-2684-FPZOscRVqbrJ93nTNnH1-cas
http://confluenceServer/homepage.action

...

And, it shows getUser failed in debug log, because the user is not exists in Confluence.

2013-12-10 15:03:14,958 DEBUG [http-8090-7] [cas.client.validation.Cas20ProxyReceivingTicketValidationFilter] doFilter Successfully authenticated user: username
2013-12-10 15:03:14,958 DEBUG [http-8090-7] [cas.client.validation.Cas20ProxyReceivingTicketValidationFilter] doFilter Redirecting after successful ticket validation.
2013-12-10 15:03:14,959 DEBUG [http-8090-7] [cas.client.util.CommonUtils] constructServiceUrl serviceUrl generated: http://confluenceServer/homepage.action
2013-12-10 15:03:14,980 DEBUG [http-8090-7] [integration.confluence.v5.ConfluenceCasAuthenticator] getUser Failed logging [username] from CAS.
2013-12-10 15:03:15,008 DEBUG [http-8090-7] [integration.confluence.v5.ConfluenceCasAuthenticator] getUser Failed logging [username] from CAS.
2013-12-10 15:03:15,009 DEBUG [http-8090-7] [integration.confluence.v5.ConfluenceCasAuthenticator] getUser Failed logging [username] from CAS. 2013-12-10 15:03:15,108 DEBUG [http-8090-7] [cas.client.session.SingleSignOutHandler] recordSession Recording session for token ST-2684-FPZOscRVqbrJ93nTNnH1-cas

Is there's a way to handle such scene?

Can u send the jar file to me? cas-client-integration-confluence-v5-3.3-SNAPSHOT.jar

This widget could not be displayed.

I've tried it briefly - and yes there are some changes in Confluence classes causing exception.

This widget could not be displayed.

Hi Jozef, as you mentioned in another reply, Jasig CAS client build from sources snapshot is required, so I compiled 3.3 build, but I'm not sure if there any configuration changes required for 3.3 ? The only thing I changed is authenticator class in seraph-config.xml to "Confluence35CasAuthenticator", but it still does not work.

This widget could not be displayed.

This is the exception I get the first time I visit CASifyed Confluence 5:

Cause

javax.servlet.ServletException: Filter execution threw an exception
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:259)

caused by: java.lang.IllegalAccessError: tried to access method com.atlassian.confluence.event.events.security.SecurityEvent.<init>(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V from class org.jasig.cas.client.integration.atlassian.Confluence35CasAuthenticator
at org.jasig.cas.client.integration.atlassian.Confluence35CasAuthenticator.getUser(Confluence35CasAuthenticator.java:74)

And if I refresh the page with this error, I'm logged in. I'll try to look in the logs to see what's going on.

This widget could not be displayed.

SO at this point your configuration is correct and you stumbled on that exception I've mentioned in my first comment. There is changed API in event dispatching - so at the first time your login failed (but is stored already), the second time no loginevent is dispatched - so you are in.

The change in JASIG cleint would be easy, if there where not messed dependencies (as supporting both JIRA and Confluence in 2 different versions). I have plan to split it to separate plugin, but haven't got to it yet.

This widget could not be displayed.

Thank you for explanation. In the meantime do you think any workaround is possible to get it work nicely without this additional "Refresh" page action ?

This widget could not be displayed.

Hi Jozef and evaldas,

I'm new to this process. Here is the steps I have done last night but did not work.

git clone https://github.com/Jasig/java-cas-client

cd java-cas-client

mvn package -pl cas-client-core,cas-client-integration-atlassian

cp cas-client-integration-atlassian/target/cas-client-integration-atlassian-3.3-SNAPSHOT.jar /deploy/AppServers/techwiki/webapps/ROOT/WEB-INF/lib

cp cas-client-core/target/cas-client-core-3.3-SNAPSHOT.jar /deploy/AppServers/techwiki/webapps/ROOT/WEB-INF/lib

Did you patch configuration files appropriatelly according guide?

This widget could not be displayed.

I built it fail.Can u send the jar file to me? cas-client-integration-confluence-v5-3.3-SNAPSHOT.jar

[ERROR] Failed to execute goal on project cas-client-integration-confluence-v5:

Could not resolve dependencies for project org.jasig.cas.client:cas-client-integ

ration-confluence-v5:jar:3.3-SNAPSHOT: Failed to collect dependencies for [org.j

asig.cas.client:cas-client-core:jar:3.3-SNAPSHOT (compile), com.atlassian.conflu

ence:confluence:jar:5.0 (provided), junit:junit:jar:4.8.2 (test), org.slf4j:slf4

j-api:jar:1.7.1 (compile), javax.servlet:servlet-api:jar:2.4 (provided), org.slf

4j:jcl-over-slf4j:jar:1.7.1 (test), org.slf4j:slf4j-simple:jar:1.7.1 (test)]: Fa

iled to read artifact descriptor for com.atlassian.confluence:confluence:jar:5.0

: Could not transfer artifact com.atlassian.confluence:confluence:pom:5.0 from/t

o atlassian (http://repository.atlassian.com/maven2/):repository.atlassian.com:

Unknown host repository.atlassian.com-> [Help 1]

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in Teamwork

What teamwork quotes inspire you?

Hey everyone! My name is Natalie and I'm an editor of the Atlassian Blog and I've got a question for you: What's your favorite quote about teamwork?  We've compiled a list here, along with...

147 views 16 7
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you