...
Project org-srs-cas-server
A Maven2 project for the new SRS CAS server has been created and added to the SRS subversion repository. It is built as an overlay of cas-server-webapp as suggested in the instructions at https://wiki.jasig.org/x/sgKkAQ.
It is currently configured to delegate the authentication to the SLAC crowd-test server.
...
where serverName and serverPort are the name and port on which Tomcat is running. The above instructions add the CAS authenticator to the Tomcat context and add the GroupManager Realm for authorization.
...
The SRS Cas Proxy Authenticator
...
In the above example we used the class org.jasig.cas.client.tomcat.v6.Cas20ProxyCasAuthenticator as Valve. As part of the configuration we have to pass the serverName. For most applications that are to accessed using IIS this is fine as the serverName is shared by many servers (like glast-ground.slac.stanford.edu). For applications like probe that need to be accessed directly on the server, this configuration would require to have duplicate configurations like the one above each on the server on which probe is running.
...
- Choose which GroupManager to use. This can be chosen at the Tomcat level by setting the System property experiment.groupmanager.url. The default is *http://srs.slac.stanford.edu/GroupManager\* (http://srs.slac.stanford.edu/GroupManager*).
- Choose which experiment to use; the experiment by default is SRS. This default can be overwritten at the Tomcat level by setting the System property* org.srs.web.base.experiment*. Finally the experiment can also be specified at the role level; we accept roles in the form EXPERIMENT:ROLE. For roles that match this pattern a user will be checked for role ROLE against experiment EXPERIMENT.
...
*NOTE:* There is another method to implement for a *CasRealm*: *String\[\] There is another method to implement for a CasRealm: String[] getRoles(Principal)*. This method is currently not implemented and it throws a RuntimeException.