Skip to content

Commit 0cc9a00

Browse files
DoccrazyDoccrazy
committed
Update README / .gitignore
1 parent 2e3b4de commit 0cc9a00

File tree

2 files changed

+84
-9
lines changed

2 files changed

+84
-9
lines changed

.gitignore

+47-8
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,51 @@
1-
*.class
1+
# Intellij
2+
###################
3+
.idea
4+
*.iml
5+
6+
# Eclipse #
7+
###########
8+
.project
9+
.settings
10+
.classpath
11+
12+
# NetBeans #
13+
############
14+
nbactions.xml
15+
nb-configuration.xml
16+
catalog.xml
17+
nbproject
218

3-
# Mobile Tools for Java (J2ME)
4-
.mtj.tmp/
19+
# Compiled source #
20+
###################
21+
*.com
22+
*.class
23+
*.dll
24+
*.exe
25+
*.o
26+
*.so
527

6-
# Package Files #
28+
# Packages #
29+
############
30+
# it's better to unpack these files and commit the raw source
31+
# git has its own built in compression methods
32+
*.7z
33+
*.dmg
34+
*.gz
35+
*.iso
736
*.jar
8-
*.war
9-
*.ear
37+
*.rar
38+
*.tar
39+
*.zip
40+
41+
# Logs and databases #
42+
######################
43+
*.log
44+
45+
# Maven #
46+
#########
47+
target
1048

11-
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
12-
hs_err_pid*
49+
# Maven shade
50+
#############
51+
*dependency-reduced-pom.xml

README.md

+37-1
Original file line numberDiff line numberDiff line change
@@ -1 +1,37 @@
1-
# keycloak-protocol-cas
1+
# keycloak-protocol-cas
2+
This plugin for Keycloak Identity and Access Management (http://www.keycloak.org) adds the CAS 3.0 SSO protocol as an available client protocol to the Keycloak system. It implements the required Service Provider Interfaces (SPIs) for a Login Protocol and will be picked up and made available by Keycloak automatically once installed.
3+
4+
# Features
5+
The following CAS features are currently implemented:
6+
* CAS 1.0/2.0/3.0 compliant Login/Logout and Service Ticket Validation
7+
* Filtering of provided `service` against configured redirect URIs
8+
* JSON and XML response types
9+
* Mapping of custom user attributes to CAS assertion attributes
10+
11+
The following features are **curently missing**:
12+
* Proxy ticket service and proxy ticket validation [CAS 2.0]
13+
* Long-Term Tickets - Remember-Me [CAS 3.0 - optional]
14+
* SAML request/response [CAS 3.0 - optional]
15+
16+
# Installation
17+
1. Clone or download this repository (pre-compiled releases will follow!)
18+
2. Run `mvn package` to build the plugin JAR
19+
3. Copy the JAR file generated in the `target` folder into the `providers` directory in your Keycloak server's root
20+
4. Restart Keycloak
21+
22+
# Configuration
23+
To use the new protocol, you have to create a client within Keycloak as usual.
24+
**Important: Due to [KEYCLOAK-4270](https://issues.jboss.org/browse/KEYCLOAK-4270), you have to select the `openid-connect` protocol when creating the client and change it after saving.**
25+
As the CAS protocol does not transmit a client ID, the client will be identified by the redirect URIs (mapped to CAS service). No further configuration is necessary.
26+
27+
Enter `https://your.keycloak.host/auth/realms/master/protocol/cas` as the CAS URL into your SP.
28+
29+
# Disclaimer
30+
This plugin was implemented from scratch to comply to the official CAS protocol specification, and is based heavily on the OpenID Connect implementation in Keycloak.
31+
It is licensed under the Apache License 2.0.
32+
33+
# References
34+
[1] http://www.keycloak.org
35+
[2] https://issues.jboss.org/browse/KEYCLOAK-1047 (Support CAS 2.0 SSO protocol)
36+
[3] https://apereo.github.io/cas/4.2.x/protocol/CAS-Protocol-Specification.html
37+
[4] https://keycloak.gitbooks.io/server-developer-guide/content/topics/providers.html

0 commit comments

Comments
 (0)