CASifying Sakai with CAS 3

These instructions are for CASifying Sakai with CAS 3 and have been tested on Sakai 2.8, but should work for Sakai 2.6 and Sakai 2.7 as well.

If you are looking for information on CASifying Sakai with CAS 2, read my previous article.

1) Configure sakai-login-tool’s web.xml

There are two blocks you need to add to the sakai-login-tool’s web.xml file.
Edit: $SAKAI_SRC/login/login-tool/tool/src/webapp/WEB-INF/web.xml

First, the filter and filter-mapping blocks; add them after any others that appear in that file as below:

[...]
<filter-mapping>
<filter-name>sakai.request.container</filter-name>
<servlet-name>sakai.login.container</servlet-name>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>

<!-- begin CAS servlet filter -->
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>

<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://YOUR_CAS_SERVER/cas/login</param-value&gt;
</init-param>

<init-param>
<param-name>serverName</param-name>
<param-value>YOUR_SAKAI_SERVER:PORT</param-value>
</init-param>
</filter>

<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>

<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://YOUR_CAS_SERVER</param-value&gt;
</init-param>

<init-param>
<param-name>serverName</param-name>
<param-value>YOUR_SAKAI_SERVER:PORT</param-value>
</init-param>
</filter>

<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>

<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/container</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- end CAS servlet filter -->

<servlet>
<servlet-name>sakai.login</servlet-name>
<servlet-class>org.sakaiproject.tool.login.LoginTool</servlet-class>
[...]

Of course, you need to replace the above URLs with the URLs that are relevant to your installation.

Next, add another filter-mapping block to force requests for /container through Sakai’s RequestFilter. This filter must be placed close to the top of web.xml:

[...]
<filter-class>org.sakaiproject.util.RequestFilter</filter-class>
</filter>

<!-- Force request for /container through the request filter -->
<filter-mapping>
<filter-name>sakai.request</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<!-- end filter mapping addition -->

<filter>
<filter-name>sakai.request.container</filter-name>
<filter-class>org.sakaiproject.util.RequestFilter</filter-class>
[...]

2) Modify the login-tool’s pom.xml to include the casclient.jar automatically

Edit: $SAKAI_SRC/login/login-tool/tool/pom.xml
And add:

<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.2.0</version>
</dependency>

3) Modify sakai.properties

For our requirements, we need everyone to login and logout via CAS. To do this, we need to remove the username/password boxes at the top, enable the container to handle the login via CAS, and force logouts to be handled by CAS also:

# to include the user id and password for login on the gateway site
top.login=false

# to let the container handle login or not (set to true for single-signon type setups, false for just internal login)
container.login=true

# Logout via our CAS landing page. Adjust this to whatever you want.
loggedOutUrl=https://YOUR_CAS_SERVER/applogout?name=${serverName}&url=${serverUrl}/portal

4) Rebuild the login project, restart Sakai and test.

Clicking on the “Login” link now redirects me for authentication, I provide my credentials to CAS, and I’m then redirected back to Sakai, authenticated.

Recursively adjust line endings for a bunch of files

Today I was importing a huge multi-module project into an SVN repository and every now and then it would come across a file that had an incorrect line ending set and abort with:
svn: Inconsistent line ending style

On the smaller modules it was fine as I’d just go into that directory and flip -u filename[1] the line endings. It was on the modules that took up to an hour to import, and then fail that annoyed me. Yeah great, thanks for that. Don’t offer to fix it or skip it or anything, just abort. Real helpful.

Fed up with wasting time, I put together a command that will descend into a directory recursively and flip everything that matches the extensions given. You can add more extensions as you please.

find . \( -name "*.js" -o -name "*.css" -o -name "*.properties" -o -name "*.xml" -o -name "*.html" -o -name "*.java" -o -name "*.jsp" \) -type f -exec flip -u '{}' \; -print

It’s important not to use flip on binary files as the same characters in binary (0x0a and 0x0d) do not necessarily mean new lines and they can be corrupted. So ensure you only flip text-based files.


[1] flip.cpp can be grabbed from https://ccrma.stanford.edu/~craig/utility/flip/flip.cpp and compiled with g++. Then just put it in /usr/local/bin or similar directory on your path.

Basic LTI portlet for uPortal, 1.2 release

I am very pleased to announce the 1.2 release of the Basic LTI Portlet for uPortal.

This portlet implements the IMS Basic Learning Tools Interoperability specification and allows you to render any Basic LTI enabled application inside uPortal. Possibilities include Sakai tools, Peoplesoft components, tools from other LMS’s, collaboration and learning tools, blogs, forums, wikis, the list is endless.

This release extends the rich configuration support in the portlet and provides an optional Edit mode for users to customise the portlet title and height. This can be activated in the Portlet Manager.

More information including a comprehensive installation and configuration guide, screenshots, project road map and architecture document is all available on the Jasig wiki: https://wiki.jasig.org/display/PLT/Basic+LTI+Portlet