Blogs
Krzysztof Gołębiowski
Since version 7.4, Liferay decided
to archive the CAS support and remove it from the portal
features. Instead, they advise using more modern protocols like SAML
or OpenID.
It sounds like a good strategy, but not all companies
might be ready for that yet, and it would really be a shame to block
Liferay's upgrade until the infrastructure/security team introduces
SAML. Therefore I prepared a short tutorial about how to bring the CAS
integration back.
TL/DR
- Code repository with a Liferay Workspace project including the three integration modules
- The modules ready to be deployed to LIFERAY_HOME/deploy folder in order to make the CAS in Liferay great again! Remember to get the proper binaries for your Liferay release.
There were some changes in Liferay since I published the first version in 2022 which are not described in the blog. I constantly try to update the repo and build binaries for new versions, so please check out the github Releases page for the most recent updates.
I initially developed the plugins for Community Edition, but they also work on DXP, just make sure you get the binaries created for GA version that match your Quarterly Release version.
If you have questions, find me on Liferay Community Slack.
How it's made?
Fortunately, the integration code has been "archived"
and not completely removed from Liferay. That is a new term for
sources that have been moved from their original location to liferay-portal/modules/apps/archived/
and are not part of the product anymore (there are quite a lot of them
already, a great place for a future Liferay archeologist to excavate
some remnants of ancient releases).
That made the entire task
pretty easy:
Create a new Liferay workspace with BLADE
blade init -v portal-7.4-ga24 -f
liferay74-cas-integration/
Copy the required modules to the workspace's modules/ folder
-
portal-security-sso-cas-api -
portal-security-sso-cas-impl -
portal-security-sso-cas-settings-authentication-web
Update module dependencies
The original dependencies from build.gradle were
crafted for the main Liferay source repository, so they need to be
adapted to the Liferay workspace format. Fortunately, most of
them could have been replaced by a single dependency
to release.portal.api what can be seen in
this commit .
In order to compile and build the
project, we also need to remove
the CASCompanySettingsVerifyProcess which
references some resources from portal-impl , and most
likely was used for the migration purposes. We don't need to migrate
anything (we just want to have CAS working!), so we don't need the
class.
At this point, the workspace should compile and
build with no errors, but the modules are not ready to be deployed yet.
Final adjustments for the OSGi
- Exclude
the org.slf4j.impl Import-Package so the OSGi container won't
complain about missing the slf4j logger implementation and handles
the
ClassNotFoundExceptionby using defaulting to a no-operation (NOP) logger. - Remove a
weird
-liferay-aggregate-resource-bundlesdirective frombnd.bndof the Configuration module, which caused deployment issues. I guess it is some black magic available only to the main Liferay source. Integration works well without it.
Upgrade the CAS client
As of this very moment, we're in full control of the entire CAS
integration, apart from copying and pasting Liferay code, we can also
make an improvement! The original integration used an old
cas-client-core , so the most obvious task was to upgrade
it. Luckily it turned out to be really easy and thanks to the
compileInclude directive, required only updating
the version number in build.grade in the
implementation module.
That's it! Feel free to contribute
to the repo if you find any issues or come up with more great improvements.
Related Assets...
More Blog Entries...
