Skip to content
This repository has been archived by the owner on Sep 29, 2021. It is now read-only.
/ nexus-cas-plugin Public archive

Sonatype Nexus 2 plugin for Jasig/Apereo CAS (using its REST API).

7 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fcrespel/nexus-cas-plugin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits

src/main

src/main

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

pom.xml

pom.xml

 
 

Repository files navigation

Nexus CAS Plugin

This is a Sonatype Nexus plugin providing authentication with Jasig CAS using its REST API.

IMPORTANT: the CAS REST API is not enabled by default, please make sure to enable it by following these instructions.

Building from source

  1. Checkout or download the source code from the latest tag on GitHub.
  2. Execute mvn clean verify from your local source code folder (install Maven if not already done).
  3. Find the nexus-cas-plugin-[version]-bundle.zip file in the target subfolder.

Installation

  1. Create a file named cas-plugin.xml in your sonatype-work/nexus/conf folder, containing at least the following:
<?xml version="1.0" encoding="UTF-8"?>
<casConfiguration>
    <casServerUrl>https://[cas-host]:[cas-port]/cas/</casServerUrl>
    <casRestTicketUrl>https://[cas-host]:[cas-port]/cas/v1/tickets/</casRestTicketUrl>
    <casService>http://[nexus-host]:[nexus-port]/nexus/</casService>
</casConfiguration>

  1. Unzip the nexus-cas-plugin bundle in your sonatype-work/nexus/plugin-repository folder.

  2. (Re)start Nexus and use the Administration -> Server panel to add the CAS Authentication Realm to the list of active realms.

  3. Watch the Nexus and CAS logs to check whether authentication is working as expected.

Configuration

The plugin configuration is stored in the sonatype-work/nexus/conf/cas-plugin.xml file. The root <casConfiguration> element may contain the following children:

  • casServerUrl (required): full URL of the CAS server to use for ticket validation (e.g. https://example.org/cas/)
  • casRestTicketUrl (required): full URL of the CAS REST API to use for authentication (e.g. https://example.org/cas/v1/tickets/)
  • casService (required): full URL of the service to present to the CAS server (e.g. http://example.org/nexus/)
  • validationProtocol (default "CAS"): CAS ticket validation protocol (CAS or SAML)
  • roleAttributeNames (default "groups,roles"): comma-separated list of role attribute names
  • connectTimeout (default "5000"): CAS REST client connect timeout (in milliseconds)
  • readTimeout (default "5000"): CAS REST client read timeout (in milliseconds)

Changelog

Version 1.0.0

  • Initial release.

Version 1.0.1

  • Fix for SAML 1.1 support.
  • Fix for IncorrectCredentialsException during authentication.
  • Support for attributes with multiple values.

Version 1.1.0

  • Support for external user/group role mappings.

Version 1.2.0

  • Compatibility with Nexus 2.7.x and higher.
  • Conversion of Plexus components to JSR-330.

Version 1.2.1

  • Compatibility with Nexus 2.8.x and higher.

About

Sonatype Nexus 2 plugin for Jasig/Apereo CAS (using its REST API).

Topics

nexus cas

Resources

Readme
Activity

Stars

7 stars

Watchers

4 watching

Forks

8 forks
Report repository

Releases

5 tags

Packages

No packages published

Languages