The Java EE security extension is compatible with the Pac4J CAS extension module. You need to include it explicitly in your build scripts (pac4j-cas).
runtime group:'org.pac4j',name:'pac4j-cas',version:'3.9.0'
The configuration takes the following form:
wagonSecurity: callbackUrl: https://domain.com/application/callback corsAuthorizer: allowedOrigins: "*" allowedMethods: GET,POST,HEAD,OPTIONS,PUT,DELETE # allowedHeaders: Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization # preflightMaxage: 1800 authorizationGenerator: className: com.hardis.adelia.jee.security.RoleGenerator rolesClaim: role userNameClaim: mail clientsProperties: cas.loginUrl: http://identity-provider.com/cas/login cas.protocol: CAS30
The default role generator (com.hardis.adelia.jee.security.RoleGenerator) is compatible with the CAS profiles. userNameClaim and rolesClaim parameters are supported.
The example file above defines a minimal configuration of the security extension for SAMLV2 authentication.
- cas.loginUrl is the login URL supplied by the identity provider.
- cas.protocol indicates the CAS protocol version (possible values: CAS10, CAS20, CAS30).
See "PropertiesConfigFactory" parameters online documentation http://www.pac4j.org/3.9.x/docs/config.html for the other accepted parameters.