Enterprise Single Sign-On for All

View on GitHub

Trusted Authentication

The trusted authentication handler provides support for trusting authentication performed by some other component in the HTTP request handling chain. Proxies (including Apache in a reverse proxy scenario) are the most common components that perform authentication in front of CAS.

Trusted authentication handler support is enabled by including the following dependency in the Maven WAR overlay:

1
2
3
4
5

<dependency>
  <groupId>org.jasig.cas</groupId>
  <artifactId>cas-server-support-trusted-webflow</artifactId>
  <version>${cas.version}</version>
</dependency>

Configure Trusted Authentication Handler

Update deployerConfigContext.xml according to the following template:

1
2
3
4
5
6
7

...
<entry key-ref="principalBearingCredentialsAuthenticationHandler"
       value-ref="trustedPrincipalResolver" />
<util:list id="authenticationMetadataPopulators">
  <ref bean="successfulHandlerMetaDataPopulator" />
</util:list>
...