The joy of programming!

Saturday, August 22, 2015

Setup CAS server tutorial

Prerequisites

For setting up the CAS server the following must be installed:

I assume that you have knowledge of all these technologies and I will not go into many details about them.

Setup CAS server project

CAS uses Maven to build a deployable package which can be installed into a Java servlet container. In this tutorial we'll use Tomcat as a container.

Also CAS server makes use of Maven overlay which makes the setup very easy and provides default configurations and flows which can be easily updated to your needs.

To make things faster I will provide below the pom.xml which contains only the dependency to the cas server webapp and the configured maven overlay build plugin. Importing the pom.xml as a maven project into an IDEs such as Intellij will generate an overlays folder which contains the defaults of CAS server, browsing through them will help you understand how it works.

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>

  <groupId>com.blogspot.robertrusu.cas</groupId>
  <artifactId>cas-server</artifactId>
  <version>1.0-SNAPSHOT</version>
  <packaging>war</packaging>

  <name>cas-server</name>
  <url>http://maven.apache.org</url>

  <properties>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 <cas.version>4.0.2</cas.version>
  </properties>

  <dependencies>
        <dependency>
            <groupId>org.jasig.cas</groupId>
            <artifactId>cas-server-webapp</artifactId>
            <version>${cas.version}</version>
            <type>war</type>
            <scope>runtime</scope>
        </dependency>

    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-war-plugin</artifactId>
                <version>2.6</version>
                <configuration>
                    <warName>cas</warName>
                    <overlays>
                        <overlay>
                            <groupId>org.jasig.cas</groupId>
                            <artifactId>cas-server-webapp</artifactId>
                            <excludes>
                                <exclude>WEB-INF/cas.properties</exclude>
                                <exclude>WEB-INF/classes/log4j.xml</exclude>
                            </excludes>
                        </overlay>
                    </overlays>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.2</version>
            </plugin>
        </plugins>
        <finalName>cas</finalName>
    </build>
 
</project>

Configuration of CAS server

You will need to copy into yourTomcatInstallationPath/conf/cas folder two configuration files, to be easier for you can take them from github and later change them to fit your needs.

cas.properties contains CAS configuration which can be changed at runtime without the need to build the web application again. Of course after changing the configuration you will need to reload the application or restart tomcat.
log4j.xml contains the logging configuration for CAS server

It is very important to change in cas.properties the configuration which points to the location of log4j.xml otherwise the server will not be deployed successfully.

log4j.config.location=yourTomcatInstallationPath/cas/cas/log4j.xml

You will need to create in your project a spring configuration xml file which will replace the one from the cas-webapp dependency at build time. The file name must be propertyFileConfigurer.xml and its location must be inside your project at:
src/main/webapp/WEB-INF/spring-configuration/propertyFileConfigurer.xml
The file contains the location of the CAS server configuration which will be picked at runtime, when deploying the webapp in Tomcat. The content is the following (just replace yourTomcatInstallationPath):

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"

       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

       xmlns:context="http://www.springframework.org/schema/context"

       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd

       http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

    <context:property-placeholder location="file:yourTomcatInstallationPath/conf/cas/cas.properties"/>

</beans>

Build it and run it

Build the webapp using: mvn clean install
Copy the obtained cas.war file into yourTomcatInstallationPath/webapps
Start tomcat (startup.bat)
Visit http://localhost:8080/cas

You will see the default look of the CAS server together with a login form. To test it you can use the dummy username "casuser" and its password "Mellon".
These are configured in next xml file overlays/org.jasig.cas.cas-server-webapp-4.0.2/WEB-INF/deployerConfigContext.xml in the primaryAuthenticationHandler bean.

If you are not able to access the CAS server web application after you deployed the war file into tomcat checking the container logs or the CAS logs will probably help you to fix the issue.

The end!

As you've seen I did not get into to much details and kept it short. I will try to make some posts on how to further configure the server to use some various authentication handlers or how to register cas clients. If you have any suggestions please leave a comment below.

To better understand CAS I suggest that you also read the following article CAS - Central Authentication Service which contains an introduction into CAS and also a lot of useful resources to get you started.

Robert Rusu

Update: Even if at the time when I wrote this tutorial the CAS Server had version 4.0.2, the same steps can be applied, maybe small adjustments might be needed like using the latest configuration samples.

Wednesday, March 11, 2015

CAS - Central Authentication Service

Introduction

This post will give you a brief overview of what is CAS - Central authentication service as a protocol and CAS solution which is an solution for web services implemented by JASIG - Java in Administration Special Interest Group.

Before you dive in, there are some things you need to know like:

What is multi-sign-on? We have multi-sign-on when we have multiple web applications, each having their own login form. Most probably for each of them you need to use different usernames and passwords
What is single-sign-on? We can describe this as being able to login only once in order to access multiple web applications. From my point of view the most obvious example is Google, one needs to login only once to access all Google services like Gmail, Google Drive, Google+ or Google analytics.

CAS - the protocol

CAS is a single-sign-on protocol which allows users to access multiple web services by providing only once their authentication credentials, usually their username and password.

The involved entities in such a protocol would be the CAS server, the registered to CAS web service and the client web browser. Obviously the CAS server would hold an CAS application instance. A registered service is a service which will become accessible by the user after he successfully logs in, a user would use a web browser to access the service.

One of the best way to get you started with understanding CAS protocol is to follow the sequence diagram which is available on JASIG's website at http://jasig.github.io/cas/4.0.x/protocol/CAS-Protocol.html.

CAS - the application

CAS, the application, developed by JASIG is an open source software that implements CAS protocol.

The application consists of a server component which is written in Java. CAS developers also used Spring Webflow and Spring MVC framework which in my opinion is a very good thing as it allows other developers to improve or customize CAS according to their needs easier by just being able to understand these common used frameworks.

CAS has libraries for different authentication methods like authenticating user against LDAP or database. Also its very easy to configure your own authentication handler, for example an authentication handler which calls an external service.

As the registered services must also implement the CAS protocol there are client implementations in different programming languages like Java, C#, PHP or Perl.

When is CAS useful and when its not useful?

CAS is useful when you want to allow users to access multiple web applications by requiring them to authenticate only once instead of multiple times. Obviously you cant have multiple users with same username, this means that you might want to have only one place in which you store usernames and passwords.

One of the most problematic issue which I've found in CAS is that it does not allow you to group registered services which are accessible by a user after authenticating in CAS. For example if I have four registered services, after an user with a certain role logs in he should be able to access only first two of the four services and a second user with other privileges should be able to access only the last two of the services. From the short research which I've done there is no support for this. A way to solve this is to have two CAS instances running or another would be to customize CAS to work with something similar to ACL - Access Control List.

Useful resources

The end!

Even if I am not an expert in developing applications which implement CAS protocol or use CAS application as a solution for single-sign-on I wanted to share what I know and I hope that this will help other developers to get them started with CAS. I will also try to create a blogpost in which to describe a step by step and from scratch CAS installation and configuration.

You're feedback and comments are more than welcome!

Good luck!

Robert Rusu

Saturday, February 28, 2015

Book review: Thinking in Java - Fourth edition

To become a better programmer you should always look into reading new programming books, watch online tutorials or attend to related workshop. For Java programmers this book is one of the best and it provides detailed explanations and examples about the most important Java features.

I read this book once and later came back several times when I wanted to refresh my knowledge about a certain Java topic. As it has been such a useful learning resource for me I want to share it with you. To do so I composed a short and straight to the point book review.

Introduction

Thinking in Java was written by Bruce Eckel who also wrote other popular books like: Thinking in C# and Thinking in C++. The book was revised and improved multiple times, as a result of this multiple editions were published. The last one, fourth edition, was published in 2006.

In my opinion you at least must have little to medium programming background and prior hands-on experience Java/C#/C++. Besides this even if you are an experienced Java developer, if you did not read this book yet I highly recommend to do so as you will find a lot of information which will certainly improve your skills.

Good things

The book is designed in such a manner that it helps you to learn fast starting with simple Java topics like Operators, Objects and Access Control to more advanced Java features like Annotations, Concurrency and Graphical User Interfaces.
This book contains a lot of examples and exercises.
Interesting and relevant references are given when approaching a new topic.
Explanations are easy to understand.
Author mentions deprecated methods and why those should not be used anymore.
Covers common pitfalls.

Bad things

Code is not formatted and hard to read.
After reading Clean Code: A Handbook of Agile Software Craftsmanship my standards about the quality of the code became higher than what this book has to offer.

Final note

Reading a technical book is not enough, to get most value of your time you should run all code samples, modify them to crash or even think how to improve them. Besides this you should also solve all exercises from the book in order to clearly understand the approached topics. So what are you still waiting? Open the book, start your favorite IDE and start learning!

Feel free to add your opinion in a comment about this blog post or about this great book.

Robert Rusu

Thursday, June 12, 2014

Install APCu on Windows

Assumptions

-I assume that you know what is APC - Alternative PHP cache

-You want to install APCu because APC is not compatible anymore with PHP 5.5.x

-You want to install APCu for wamp, xampp. Mostly windows web development platforms for PHP

Instructions

Pre: All directory locations might be different for you depending on your wamp installation folder and your PHP/apache versions.

1. Go to http://pecl.php.net/package/APCu, there is a table with available releases

2.Choose whatever release suits you better(I chose 4.0.5 DLL)

3. Choose package from DLL list, depending on what Windows you are using(32 bits/64 bits) and PHP version. In my case I chose 5.5 Thread Safe (TS) x86

4. Unzip the archive, copy php_apcu.dll in C:\wamp\bin\php\php5.5.12\ext.

5. Go to C:\wamp\bin\apache\apache2.4.9\bin open php.ini and add the following lines(I just added them at the end of the file):

[apcu]

extension="C:\wamp\bin\php\php5.5.12\ext\php_apcu.dll"

apc.enabled=1

apc.shm_size=32M

apc.ttl=7200

apc.enable_cli=1

apc.serializer=php

This are recommended configurations located in INSTALL file from the php_apcu archive, excepting the location of the DLL file.

6. Restart wamp

7. Go to http://localhost/phpinfo.php and check if apcu configuration table appears and apcu is enabled

8. If you also want to use apcu for PHP CLI then you only need to add in C:\wamp\bin\php\php5.5.12\bin\php.ini the config lines you added at step 5 in apache's php.ini.

The end!

Now you should be ready to start developing faster applications! I hope this helped everyone out there who did not find a tutorial on how to install APCu for windows. I also encourage you to leave me some feedback!

Robert Rusu

Tuesday, April 29, 2014

Things that you should do in order to become a better programmer

All of us try to become better at what we do, as a programmer I will try to give you a small list of things that will help you to become a better programmer.

#1 Always try to help others

Its always a good thing to help others when they are in trouble, when they need to learn new things or they just need an advice!

First of all helping others will help you understand better a concept or that something that they need explained. Your knowledge regarding that technology or whatever you help them with will get better just by trying to explain it. Being able to explain it in simple ways and giving others simple examples denotes the fact that you can master it.

For example helping others understand a design pattern, explaining them when and how to use it might very well refresh your memory regarding what you know about it. This would be another reason to help others. Helping others will make you feel better however its also important to not neglect your work!

#2 "Learning from the big fish"

This is a term that I often use when I am trying to say that you should always try to learn new things from more experienced programmers. For example I always try to see how more experience programmers act in different situations, how they solve different problems and what practices they use.

Its very important to also understand why more experienced programmers use a tool instead of another or why they are applying a design a pattern instead of another. Just copying what the "big fish" do is not enough!

"Learning from the big fish" can be accomplished in many other ways than meeting them face to face, I suggest reading books, watching videos or tutorials, watching(or even better going) to conferences hold by other programmers, reading articles or by just asking more experienced friends how to solve a particular problem or what would be a common solution to a general problem.

#3 Training

In my opinion its very important to train your programming skills. Even if you work 8 h a day I suggest that you should spend some time improving your skills. Programming is a skill and every skill is lost if you are not continuously training.

This might be consisted of just working on a personal project in which you use another programming language than the one you use at work. Yes, learning a new programming language will improve your way you are programming in your favorite language just by understanding new concepts, existing problems solved in another manner than you were used to or just getting a fresh perspective.

It might be just you trying to understand concepts that you did not quite understand during work. It might be something new that you will encounter at work and you are trying to get a perspective about it. Or it can just be you write some small program to sharpen your coding speed or improve your analytic thinking.

Good luck!

Robert Rusu

Monday, April 14, 2014

Compile error Easy Mock

Easy Mock is a mocking library for Java which can help you to test your code isolated from some other components.

If you ever get the next compile error:
"expected (java.lang.void) in easymock cannot be applied to (void)"
It may be a result of you trying to call EasyMock.expect(mock.methodWhichReturnsVoid()), instead of doing that you should use expectLastCall method, you can use it like:
mock.methodWhichReturnsVoid();
EasyMock.expectLastCall();

I posted this tip because it took me several minutes to figure out what I was doing wrong, by the way, I was really tired!

Robert Rusu

Saturday, April 5, 2014

Symfony2.3 form, grandchildren forms are not validated

Recently I had some issues with Symfony2.3 grandchildren forms not being validated even if I used as default option 'cascade_validation' => true. After doing some research I found other people having same issue and I found out that the solution is that besides putting 'cascade_validation' to true as default option to the form I also had to 'cascade_validation' => true in the collection of children and grandchildren forms I added.

Check the code sample below
Father form

class FatherType extends AbstractType
{
    public function buildForm(FormBuilderInterface $builder, array $options)
    {
        $builder->add(
            'children',
            'collection',
            array(
                'type' => new ChildFormType(),
                'allow_add' => true,
                'allow_delete' => true,
                'by_reference' => false,
                'required' => false,
                'cascade_validation' => true //important to be added
            )
        );
    }

    public function setDefaultOptions(OptionsResolverInterface $resolver)
    {
        $resolver->setDefaults(
            array(
                'data_class' => 'Company/SomeBundle/Form/Entity/FatherFormEntity',
                'cascade_validation' => true, //important to be added
            )
        );
    }

    public function getName()
    {
        return 'father';
    }
}

Child form

class ChildType extends AbstractType
{
    public function buildForm(FormBuilderInterface $builder, array $options)
    {
        $builder->add(
            'grandchildren',
            'collection',
            array(
                'type' => new GrandchildFormType(),
                'allow_add' => true,
                'allow_delete' => true,
                'by_reference' => false,
                'required' => false,
                'cascade_validation' => true //important to be added
            )
        );
    }

    public function setDefaultOptions(OptionsResolverInterface $resolver)
    {
        $resolver->setDefaults(
            array(
                'data_class' => 'Company/SomeBundle/Form/Entity/ChildFormEntity',
                'cascade_validation' => true, //important to be added
            )
        );
    }

    public function getName()
    {
        return 'child';
    }
}

Grandchild form

class GrandchildType extends AbstractType
{
    public function buildForm(FormBuilderInterface $builder, array $options)
    {
        $builder->add(
            'attribute',
            'text'
        );
    }

    public function setDefaultOptions(OptionsResolverInterface $resolver)
    {
        $resolver->setDefaults(
            array(
                'data_class' => 'Company/SomeBundle/Form/Entity/GrandchildFormEntity',
                'cascade_validation' => true, 
            )
        );
    }

    public function getName()
    {
        return 'grandchild';
    }
}

References: https://github.com/symfony/symfony/issues/5204

I hope it helped you!
Robert Rusu