switch plugin to use external authn flow

Unicon · Oct 8, 2019 · 2d60a46 · 2d60a46
1 parent 41314d9
commit 2d60a46
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 141 deletions.
diff --git a/IDP_HOME/flows/authn/Shibcas/shibcas-authn-beans.xml b/IDP_HOME/flows/authn/Shibcas/shibcas-authn-beans.xml
diff --git a/IDP_HOME/flows/authn/Shibcas/shibcas-authn-flow.xml b/IDP_HOME/flows/authn/Shibcas/shibcas-authn-flow.xml
diff --git a/README.md b/README.md
@@ -27,21 +27,14 @@ Installation
 
 #### Overview
 
-1. Copy the Spring Webflow files, jsp, and included jar files into the IDP_HOME.
-1. Download and extract the "latest release" zip or tar from releases. The internal folder structure matches file locations in your IdP.
-1. Copy the Spring Webflow files (shibcas-autn-beans.xml and shibcas-authn-flow.xml) to your IDP_HOME/flows/authn/Shibcas folder. Note you may have to create the Shibcas folder.
-1. Copy the no-conversation-state.jsp file to your IDP_HOME/edit-webapp
-1. Copy two included jar files (cas-client-core-x.x.x.jar and shib-casuathenticator-x.x.x.jar) into the IDP_HOME/edit-webapp/WEB-INF/lib.1. Update the IdP's `web.xml`. (optional)
-1. Update the IdP's `idp.properties` file.
-1. Update the IdP's `general-authn.xml` file.
-1. Rebuild the war file.
-
-#### Copy the Spring Webflow files into the IDP_HOME
-Copy the two xml files from the IDP_HOME directory (in the src tree) to the corresponding layout in your Shibboleth IdP home directory.
-
-#### Update the IdP's `web.xml` (optional)
-> The servlet will register itself with the container when running under a Servlet 3.0 compliant container (such as Jetty 9).
-This step is provided for legacy reasons.
+- Download and extract the "latest release" zip or tar from releases. The internal folder structure matches file locations in your IdP.
+- Copy the no-conversation-state.jsp file to your `IDP_HOME/edit-webapp`
+- Copy two included jar files (`cas-client-core-x.x.x.jar` and `shib-casuathenticator-x.x.x.jar`) into the IDP_HOME/edit-webapp/WEB-INF/lib.
+- Update the IdP's `web.xml`.
+- Update the IdP's `idp.properties` file.
+- Rebuild the war file.
+
+#### Update the IdP's `web.xml`
 
 Add the ShibCas Auth Servlet entry in `IDP_HOME/edit-webapp/WEB-INF/web.xml` (Copy from `IDP_HOME/webapp/WEB-INF/web.xml`, if necessary.)
 
@@ -57,21 +50,21 @@ Example snippet `web.xml`:
     </servlet>
     <servlet-mapping>
         <servlet-name>ShibCas Auth Servlet</servlet-name>
-        <url-pattern>/Authn/ExtCas/*</url-pattern>
+        <url-pattern>/Authn/External/*</url-pattern>
     </servlet-mapping>
 ...
 ```
 
 #### Update the IdP's idp.properties file
 
-1. Set the `idp.authn.flows` to `Shibcas`. Or, for advance cases, add `Shibcas` to the list.
+1. Set the `idp.authn.flows` to `External`. Or, for advance cases, add `External` to the list.
 1. Add the additional properties.
 
 ```properties   
 ...
 # Regular expression matching login flows to enable, e.g. IPAddress|Password
 #idp.authn.flows = Password
-idp.authn.flows = Shibcas
+idp.authn.flows = External
 
 # CAS Client properties (usage loosely matches that of the Java CAS Client)
 ## CAS Server Properties
@@ -96,24 +89,10 @@ shibcas.serverName = https://shibserver.example.edu
 ...
 ```
 
-#### Update the IdP's `general-authn.xml` file.
-Register the module with the IdP by adding the `authn/Shibcas` bean in `IDP_HOME/conf/authn/general-authn.xml`:
-
-```xml
-...
-    <util:list id="shibboleth.AvailableAuthenticationFlows">
-
-        <bean id="authn/Shibcas" parent="shibboleth.AuthenticationFlow"
-                p:passiveAuthenticationSupported="true"
-                p:forcedAuthenticationSupported="true"
-                p:nonBrowserSupported="false" />
-...
-```
-
 
 #### Rebuild the war file
-From the `IDP_HOME/bin` directory, run `./build.sh` or `build.bat` to rebuild the `idp.war`. Redeploy if necessary.
 
+From the `IDP_HOME/bin` directory, run `./build.sh` or `build.bat` to rebuild the `idp.war`. Redeploy if necessary.
 
 #### CAS Service Registry
 By setting `shibcas.entityIdLocation=embed`, shib-cas-authn will embed the entityId in the service string so that CAS Server

diff --git a/gradle.properties b/gradle.properties
@@ -1,11 +1,11 @@
 gradleVersion=4.5
 
-version=3.2.4
+version=3.3.0
 
-casClientVersion=3.5.1
+casClientVersion=3.6.0
 commonLangVersion=2.5
 junitVersion=4.12
 mockitoVersion=1.9.5
 powermockVersion=1.6.1
 servletVersion=3.0.1
-shibIdpVersion=3.3.0
+shibIdpVersion=3.4.6
diff --git a/src/main/java/net/unicon/idp/externalauth/ShibcasAuthServlet.java b/src/main/java/net/unicon/idp/externalauth/ShibcasAuthServlet.java
@@ -41,7 +41,7 @@
  * @author [email protected]
  * @author aremmes (GitHub)
  */
-@WebServlet(name = "ShibcasAuthServlet", urlPatterns = {"/Authn/ExtCas/*"})
+@WebServlet(name = "ShibcasAuthServlet", urlPatterns = {"/Authn/External/*"})
 public class ShibcasAuthServlet extends HttpServlet {
     private final Logger logger = LoggerFactory.getLogger(ShibcasAuthServlet.class);
     private static final long serialVersionUID = 1L;
@@ -140,7 +140,7 @@ protected void startLoginRequest(final HttpServletRequest request, final HttpSer
      * Uses the CAS CommonUtils to build the CAS Redirect URL.
      */
     private String constructRedirectUrl(final String serviceUrl, final boolean renew, final boolean gateway) {
-        return CommonUtils.constructRedirectUrl(casLoginUrl, "service", serviceUrl, renew, gateway);
+        return CommonUtils.constructRedirectUrl(casLoginUrl, "service", serviceUrl, renew, gateway, null);
     }
 
     /**