Running casa on a Jans installation
Jose edited this page Dec 8, 2021 · 10 revisions
Notes:
- Instructions here apply to an LDAP-based installation using Jetty 9
- Hostname used here was `jans.kt.co`

Register an OIDC client (change hostname accordingly):
- Redirect URI: `https://jans.kt.co/casa`
- Redirect logout URI: `https://jans.kt.co/casa/bye.zul`
- Front channel logout URI: `https://jans.kt.co/casa/autologout`
- Scopes: openid, profile, user_name, clientinfo
- Response type: code
- Grant types: refresh_token, client_credentials, authorization_code
Import the following into the database, taking into account the client registration details:

```
dn: ou=casa,ou=configuration,o=jans
objectClass: jansAppConf
objectClass: top
ou: casa
jansConfApp: {
  "enable_pass_reset": true,
  "oidc_config": {
    "authz_redirect_uri": "...",
    "post_logout_uri": "...",
    "frontchannel_logout_uri": "...",
    "scopes": ["openid", ... etc ],
    "op_host": "jans.kt.co",
    "client": {
      "clientId": "...",
      "clientSecret": "...",
      "clientName": "..."
    }
  }
 }
```
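A pre-import check for the `jansConfApp` value, added here as an example (it is not part of the original wiki page or of the Casa project). It assumes that `authz_redirect_uri`, `post_logout_uri` and `frontchannel_logout_uri` correspond to the redirect, redirect logout and front channel logout URIs registered for the client above; the function name `check_casa_conf` and the sample values are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Scopes listed for the client registration on this page.
REQUIRED_SCOPES = {"openid", "profile", "user_name", "clientinfo"}
# Assumed mapping: oidc_config key -> path of the URI registered for the client.
EXPECTED_PATHS = {
    "authz_redirect_uri": "/casa",
    "post_logout_uri": "/casa/bye.zul",
    "frontchannel_logout_uri": "/casa/autologout",
}

def check_casa_conf(raw):
    """Return a list of problems found in a jansConfApp JSON string."""
    problems = []
    oidc = json.loads(raw).get("oidc_config", {})
    host = oidc.get("op_host", "")
    if not host or "/" in host:
        problems.append("op_host: must be a bare hostname")
    for key, path in EXPECTED_PATHS.items():
        url = urlsplit(oidc.get(key, ""))
        if url.scheme != "https":
            problems.append(f"{key}: must be an https URL")
        elif (url.hostname != host.lower() or url.path != path
              or url.query or url.fragment):
            problems.append(f"{key}: expected https://{host}{path}")
    missing = REQUIRED_SCOPES - set(oidc.get("scopes", []))
    if missing:
        problems.append("scopes missing: " + ", ".join(sorted(missing)))
    client = oidc.get("client", {})
    for field in ("clientId", "clientSecret"):
        if client.get(field, "...") in ("", "..."):
            problems.append(f"client.{field}: missing or placeholder")
    return problems

SAMPLE = json.dumps({  # constructed sample with three deliberate mistakes
    "enable_pass_reset": True,
    "oidc_config": {
        "authz_redirect_uri": "https://jans.kt.co/casa",
        "post_logout_uri": "http://jans.kt.co/casa/bye.zul",  # not https
        "frontchannel_logout_uri": "https://jans.kt.co/casa/autologout",
        "scopes": ["openid", "profile", "user_name"],  # clientinfo missing
        "op_host": "jans.kt.co",
        "client": {"clientId": "example-id", "clientSecret": "..."},
    },
})

if __name__ == "__main__":
    print(check_casa_conf(SAMPLE) or "no problems found")
```

An empty list means the JSON agrees with the registration values listed on this page; it does not confirm that the client actually exists in the database.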
Adjust to suit your needs:
```
export JETTY_HOME=/opt/jetty
cd /opt/jans/jetty
# Create the Jetty base directory for Casa plus the directories it writes to
mkdir casa && cd casa
mkdir plugins
mkdir static
# Initialise the base and enable the required Jetty modules
java -jar $JETTY_HOME/start.jar --create-startd
java -jar $JETTY_HOME/start.jar --add-to-start=jsp,servlet,http,deploy,console-capture,cdi-decorate
cd webapps/
# Download the context descriptor and the Casa web application
wget https://github.com/GluuFederation/casa/raw/gluu_cloud/extras/casa_web_resources.xml
wget https://maven.gluu.org/maven/org/gluu/casa/5.0.0-SNAPSHOT/casa-5.0.0-SNAPSHOT.war
mv casa-5.0.0-SNAPSHOT.war casa.war
```
Both `static` and `plugins` directories must be writable by the operating system user running Casa.
- Add the twilio jar and edit the jans-auth-server XML descriptor. Use this as a guide
- Add this jar as well. Separate paths with a comma
Restart jans-auth-server
- Copy files `casa-external*.py` (in https://github.com/GluuFederation/casa/tree/gluu_cloud/extras) to `/opt/gluu/python/libs/`. The Linux user running casa must have read & write permissions to the `libs` folder
- Create a new script entry in the database using the contents of this file; use `casa` as `displayName` and `jansLevel` 1. Create `supergluu_app_id` and `u2f_app_id` properties as in this guide
Example:
```
<Location /casa>
    ProxyPass http://localhost:8080/casa retry=5 connectiontimeout=60 timeout=60
    Order deny,allow
    Allow from all
</Location>
```
Restart Apache
Casa startup test:
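```
cd ..
# Start Casa from its Jetty base directory (runs in the foreground)
java -jar -Dserver.base=/opt/jans/jetty/casa -Djans.base=/etc/jans -Dlog.base=/opt/jans/jetty/casa $JETTY_HOME/start.jar
# From another shell; -k skips TLS certificate verification
curl -k -i https://jans.kt.co/casa/health-check
```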
WIP