Dan Ellentuck, Columbia University
Bill Thompson, Unicon Inc.

June 10-15, 2012
Growing Community; Growing Possibilities
Reasons to Choose CAS:
 • Google Apps SSO
 • SAML support
 • Vendor support
 • Community support
 • Tie-in with other open source tools and products, e.g., Sakai

Complicating Factors:
 • Pre-existing local web auth system
 • Active, diverse client base

Question:
 • How can the legacy system be migrated to CAS?
 • CAS support for Google Apps SSO
 • Migrating a pre-existing web auth system to CAS
 • CAS customizations and enhancements:
   ◦ Adding support for a new protocol
   ◦ Plugging in a custom service registry
   ◦ Enabling per-service UI tweaks
   ◦ Changing some basic login behavior
 • Google Apps SSO is based on SAML 2. See:
   https://developers.google.com/google-apps/sso/saml_reference_implementation
 • Step-by-step instructions on configuring CAS for Google Apps SSO:
   https://wiki.jasig.org/pages/viewpage.action?pageId=6063484
 • Works out of the box (OOTB).
 • The legacy system is a sibling of CAS, called “WIND”.
 • Cookie-based SSO.
 • No generic login.
 • Per-service UI customization and opt-in SSO.
 • Similar APIs with different request parameter names:

CAS:

  /login?service=https://MY-APPLICATION-PATH
  /logout
  /serviceValidate?service=https://APPLICATION-PATH&ticket=SERVICE-TICKET

WIND:

  /login?destination=https://MY-APPLICATION-PATH
  /logout
  /validate?ticketid=SERVICE-TICKET
 • Two private validation response formats (text and XML):

Text:

  yes
  de3

XML:

  <wind:serviceResponse
    xmlns:wind='http://www.columbia.edu/acis/rad/authmethods/wind'>
    <wind:authenticationSuccess>
      <wind:user>de3</wind:user>
      <wind:passwordtyped>true</wind:passwordtyped>
      <wind:logintime>1338696023</wind:logintime>
      <wind:passwordtime>1331231507</wind:passwordtime>
      <wind:passwordchangeURI>https://idmapp.cc.columbia.edu/acctmanage/changepasswd
      </wind:passwordchangeURI>
    </wind:authenticationSuccess>
  </wind:serviceResponse>
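A client-side parser for the two WIND validation formats above, alongside the CAS 2.0 serviceValidate XML that a migrated client receives; this is an added example, not code from the presentation, WIND or CAS. It assumes the WIND text format answers "no" on failure (only the success case is shown) and treats any unrecognised document as a failure.

```python
"""Parse service-ticket validation responses during a WIND-to-CAS migration.

Added example (not the presenters' code): normalises the legacy WIND text and
XML formats and the CAS 2.0 serviceValidate XML into one Assertion object.
Assumption: the WIND text format returns "no" on failure; unknown documents
are treated as failures (fail closed).
"""
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from typing import Optional

WIND_NS = "http://www.columbia.edu/acis/rad/authmethods/wind"
CAS_NS = "http://www.yale.edu/tp/cas"


@dataclass(frozen=True)
class Assertion:
    user: str
    protocol: str                      # "wind-text", "wind-xml" or "cas2"
    password_typed: Optional[bool] = None
    login_time: Optional[int] = None   # epoch seconds, as in the WIND XML
    password_time: Optional[int] = None


def _text(elem: ET.Element, ns: str, name: str) -> Optional[str]:
    child = elem.find(f"{{{ns}}}{name}")
    return child.text.strip() if child is not None and child.text else None


def parse_validation_response(body: str) -> Optional[Assertion]:
    """Return an Assertion for a successful validation, None for a failure."""
    stripped = body.strip()
    if not stripped.startswith("<"):
        # WIND text format: "yes\n<user>" on success; assumed "no" otherwise.
        lines = stripped.splitlines()
        if len(lines) >= 2 and lines[0].strip() == "yes" and lines[1].strip():
            return Assertion(user=lines[1].strip(), protocol="wind-text")
        return None
    try:
        root = ET.fromstring(stripped)
    except ET.ParseError:
        return None
    # WIND XML: <wind:serviceResponse><wind:authenticationSuccess>...
    if root.tag == f"{{{WIND_NS}}}serviceResponse":
        ok = root.find(f"{{{WIND_NS}}}authenticationSuccess")
        user = _text(ok, WIND_NS, "user") if ok is not None else None
        if not user:
            return None
        typed = _text(ok, WIND_NS, "passwordtyped")
        login = _text(ok, WIND_NS, "logintime")
        pwtime = _text(ok, WIND_NS, "passwordtime")
        return Assertion(
            user=user, protocol="wind-xml",
            password_typed=(typed == "true") if typed is not None else None,
            login_time=int(login) if login else None,
            password_time=int(pwtime) if pwtime else None,
        )
    # CAS 2.0: <cas:serviceResponse><cas:authenticationSuccess><cas:user>
    if root.tag == f"{{{CAS_NS}}}serviceResponse":
        ok = root.find(f"{{{CAS_NS}}}authenticationSuccess")
        user = _text(ok, CAS_NS, "user") if ok is not None else None
        return Assertion(user=user, protocol="cas2") if user else None
    return None   # unknown document: fail closed


# Constructed sample responses (the WIND XML mirrors the slide above).
WIND_TEXT_OK = "yes\nde3\n"
WIND_XML_OK = """<wind:serviceResponse
  xmlns:wind='http://www.columbia.edu/acis/rad/authmethods/wind'>
  <wind:authenticationSuccess>
    <wind:user>de3</wind:user>
    <wind:passwordtyped>true</wind:passwordtyped>
    <wind:logintime>1338696023</wind:logintime>
    <wind:passwordtime>1331231507</wind:passwordtime>
  </wind:authenticationSuccess>
</wind:serviceResponse>"""
CAS_XML_FAIL = """<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
  <cas:authenticationFailure code='INVALID_TICKET'>not recognized</cas:authenticationFailure>
</cas:serviceResponse>"""

if __name__ == "__main__":
    for body in (WIND_TEXT_OK, WIND_XML_OK, CAS_XML_FAIL):
        print(parse_validation_response(body))
```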
 • Service registry with maintenance UI
 • Service attributes for UI customization, multiple destinations, attribute release, application contacts, etc.

Service registry schema:

SERVICE
  SERVICE_LABEL
  SINGLE_SIGN_ON (T/F)
  PROXY_GRANTING (T/F)
  RETURN_XML (T/F)
  ID_FORMAT
  DESCRIPTION
  HELP_URI (for customizing UI)
  IMAGE_PATH (for customizing UI)
  HELP_LABEL (for customizing UI)

DESTINATION
  SERVICE_LABEL
  DESTINATION

SERVICE_CONTACT
  SERVICE_LABEL
  EMAIL_ADDRESS
  CONTACT_TYPE

AFFILIATION
  SERVICE_LABEL
  AFFILIATION (like ATTRIBUTE)
 • Collaboration between Columbia and Unicon.
 • Tasks:
   ◦ Plug the legacy service registry into CAS.
   ◦ Add the legacy authentication protocol to CAS.
   ◦ Port login UI customizations to CAS.
   ◦ Change some login behavior (eliminate generic login).
 • New service registrations must use the CAS protocol.
 • Existing clients can use either the legacy or the CAS protocol during the transition.
 • Java
 • View technologies (JSP, CSS, etc.)
 • Maven (dependencies; overlays)
 • Spring configuration (CAS setup)
 • Spring Web Flow (SWF)
 • App server/web server (Tomcat/Apache)
 • The service registry is an obvious extension point.
 • Advantages of plugging in the local service registry:
   ◦ Retain extended service attributes and functions
   ◦ Remove the migration headache
   ◦ Can continue to use the legacy maintenance UI
Step 1: Write a CAS RegisteredService adaptor, part 1.
Write an interface that extends CAS RegisteredService with any extra attributes in the custom service registry.

  import org.jasig.cas.services.RegisteredService;

  public interface WindRegisteredService extends RegisteredService {
      /**
       * Returns a display label for the help link. Can be null.
       * Ignored if getHelpUri() is null.
       * @return String
       */
      String getHelpLabel();

      /**
       * Returns a help URI. Can be null.
       * @return String
       */
      String getHelpUri();

      // ...etc.: one getter per extra registry attribute (image path, etc.)
  }
Step 2: Write a CAS RegisteredService adaptor, part 2. Write a RegisteredService implementation that adapts an instance of the custom service to the extended RegisteredService interface.

  import java.util.List;
  import org.jasig.cas.authentication.principal.Service;
  import org.jasig.cas.services.RegisteredService;

  public class WindRegisteredServiceImpl implements WindRegisteredService,
          Comparable<RegisteredService> {

      // A request matches this registered service when the requested service
      // URL begins (case-insensitively) with one of the destinations
      // registered for the WIND service.
      public boolean matches(Service targetService) {
          if (!isEnabled() || targetService == null ||
                  targetService.getId() == null || targetService.getId().isEmpty()) {
              return false;
          }
          String target = targetService.getId();
          for (String registeredDestination :
                  (List<String>) getWindService().getAllowed_destinations()) {
              // regionMatches returns false, rather than throwing as substring()
              // would, when the target is shorter than the registered destination.
              if (target.regionMatches(true, 0, registeredDestination, 0,
                      registeredDestination.length())) {
                  return true;
              }
          }
          return false;
      }
      // ...
  }
Step 3: Implement a CAS ServicesManager (maps the incoming Service URL of a request to the matching CAS RegisteredService).

  import org.jasig.cas.authentication.principal.Service;
  import org.jasig.cas.services.RegisteredService;
  import org.jasig.cas.services.ReloadableServicesManager;

  public class ReadOnlyWindServicesManagerImpl implements ReloadableServicesManager {
      // ...

      public RegisteredService findServiceBy(Service targetService) {
          // Find the legacy (WIND) service whose destinations match the request,
          // then return the adaptor registered under that service's label.
          edu.columbia.acis.rad.wind.model.Service windService =
              findWindService(targetService);
          return (windService != null)
              ? getRegisteredServicesByName().get(windService.getLabel())
              : null;
      }

      public RegisteredService findServiceBy(long id) {
          return getRegisteredServicesById().get(id);
      }
      // ...
  }
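A Python model of the registry lookup that Steps 2 and 3 implement in Java, reused later by the CheckForRegisteredServiceAction described under "eliminate generic login"; this is an added example, not the presenters' code. The registry entries and helper names are assumptions, and the boundary rule is an added hardening: the slide's matches() does a plain case-insensitive prefix comparison, which also accepts any longer URL (including one on a different host) that merely begins with a registered destination.

```python
"""Match an incoming service URL against a WIND-style service registry.

Added example (not the presenters' code). prefix_matches() is the slide's rule;
boundary_matches() additionally requires the same scheme and host and a match
that ends at a path boundary. Registry contents are constructed for the example.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional
from urllib.parse import urlsplit


@dataclass
class WindService:
    label: str
    allowed_destinations: List[str]
    enabled: bool = True
    image_path: Optional[str] = None
    help_uri: Optional[str] = None


def prefix_matches(registered: str, target: str) -> bool:
    """The slide's rule: target starts with registered, case-insensitively.
    Slicing never raises here, unlike substring() on a shorter Java string."""
    return target[: len(registered)].lower() == registered.lower()


def boundary_matches(registered: str, target: str) -> bool:
    """Stricter rule: scheme and host must be identical (not merely share a
    prefix) and the registered path must end at a '/' boundary in the target."""
    if not prefix_matches(registered, target):
        return False
    r, t = urlsplit(registered), urlsplit(target)
    if (r.scheme.lower(), r.netloc.lower()) != (t.scheme.lower(), t.netloc.lower()):
        return False
    if not t.path.lower().startswith(r.path.lower()):
        return False
    rest = t.path[len(r.path):]
    return rest == "" or rest.startswith("/") or r.path.endswith("/")


class ReadOnlyWindServicesManager:
    """Read-only lookup over a collection of WindService entries."""

    def __init__(self, services: List[WindService], strict: bool = True):
        self._by_label: Dict[str, WindService] = {s.label: s for s in services}
        self._match = boundary_matches if strict else prefix_matches

    def find_service_by(self, target_url: Optional[str]) -> Optional[WindService]:
        """Return the enabled service one of whose destinations matches, else None."""
        if not target_url:
            return None
        for svc in self._by_label.values():
            if not svc.enabled:
                continue
            if any(self._match(dest, target_url) for dest in svc.allowed_destinations):
                return svc
        return None

    def check_for_registered_service(self, target_url: Optional[str]) -> str:
        """Same decision as CheckForRegisteredServiceAction: 'success' or 'error'."""
        return "success" if self.find_service_by(target_url) else "error"


# Constructed registry (labels and URLs are made up for the example).
REGISTRY = [
    WindService("courseworks", ["https://courseworks.example.edu/"],
                image_path="/images/courseworks.png"),
    WindService("wiki", ["https://wiki.example.edu", "https://wiki-test.example.edu"]),
    WindService("retired", ["https://old.example.edu"], enabled=False),
]

if __name__ == "__main__":
    mgr = ReadOnlyWindServicesManager(REGISTRY)
    for url in ("https://courseworks.example.edu/home", "https://wiki.example.edu.other.example/", None):
        print(url, "->", mgr.check_for_registered_service(url))
```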
Step 4: Write Spring bean definitions for the new ServicesManager.

  applicationContext.xml

  <!--
    Default servicesManager bean definition replaced by custom servicesManager
    <bean
          id="servicesManager"
          class="org.jasig.cas.services.DefaultServicesManagerImpl">
          <constructor-arg index="0" ref="serviceRegistryDao"/>
    </bean>
  -->
  <bean
        id="servicesManager"
        class="edu.columbia.acis.rad.wind.cas.ReadOnlyWindServicesManagerImpl">
        <constructor-arg index="0" ref="wind-ServicesCollection"/>
  </bean>

  ...etc.
Result:
 • Additional service attributes and functions are available to CAS.
 • The custom maintenance UI can be used.
 • The service registry uses custom logic to match the Service URL of the incoming request with the appropriate registered service.
 • Easy migration.
 • CAS is multi-protocol.
 • The WIND and CAS protocols are similar but not identical.
 • Different servlet API and validation response formats.
 • Advantages of adding the legacy protocol to CAS:
   ◦ Single authentication service
   ◦ Single SSO domain
   ◦ Easy migration from the legacy system
Step 1: Implement the CAS Service interface for the new protocol by subclassing AbstractWebApplicationService:

  import javax.servlet.http.HttpServletRequest;
  import org.jasig.cas.authentication.principal.AbstractWebApplicationService;
  import org.jasig.cas.util.HttpClient;

  public class WindService extends AbstractWebApplicationService {
      private static final String DESTINATION_PARAM = "destination";
      private static final String SERVICE_PARAM = "service";
      private static final String TICKET_PARAM = "ticketid";
      // ...

      // Create a Service instance from the request: a WIND login request
      // names its service in the "destination" parameter.
      public static WindService from(HttpServletRequest request, HttpClient httpClient) {
          String origUrl = request.getParameter(DESTINATION_PARAM);
          // ...
          return new WindService(origUrl, origUrl, /* artifactId not used */ null, httpClient);
      }
      // ...
  }
Step 2: Write an ArgumentExtractor class to retrieve values of protocol-specific request parameters and return instances of the Service class created in Step 1:

  import javax.servlet.http.HttpServletRequest;
  import org.jasig.cas.authentication.principal.WebApplicationService;
  import org.jasig.cas.ticket.ServiceTicket;
  import org.jasig.cas.ticket.registry.TicketRegistry;
  import org.jasig.cas.web.support.AbstractSingleSignOutEnabledArgumentExtractor;

  public class WindArgumentExtractor extends AbstractSingleSignOutEnabledArgumentExtractor {
      private static final String TICKET_PARAM = "ticketid";
      private final TicketRegistry ticketRegistry;
      // ...

      protected WebApplicationService extractServiceInternal(HttpServletRequest request) {
          // Coming in from a validation request: WIND sends only the ticket id,
          // so the Service is recovered from the ticket held in the registry.
          if ("/validate".equals(request.getServletPath())) {
              String ticketId = request.getParameter(TICKET_PARAM);
              ServiceTicket st = (ServiceTicket)
                  this.ticketRegistry.getTicket(ticketId, ServiceTicket.class);
              WindService ws = st != null ? (WindService) st.getService() : null;
              // ...
              return WindService.from(ticketId, ws, getHttpClientIfSingleSignOutEnabled());
          }
          // Otherwise a login request carrying the "destination" parameter.
          return WindService.from(request, getHttpClientIfSingleSignOutEnabled());
      }
  }
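A Python model of the argument-extraction step, also covering the request-parameter differences listed earlier for the two protocols; this is an added example, not the presenters' code. Both protocols are dispatched on the servlet path: a WIND /validate request carries only ticketid, so the service comes from the ticket the server issued, whereas CAS /serviceValidate carries service and ticket and the two must agree. The ticket registry, the request shape and the protocol tag on each ticket (standing in for the Java cast to WindService) are assumptions.

```python
"""Extract the Service from WIND and CAS requests (login and validation).

Added example (not the presenters' code). The in-memory TicketRegistry, the
(path, params) request shape and the per-ticket protocol tag are assumptions.
"""
from dataclasses import dataclass
from typing import Dict, Mapping, Optional


@dataclass(frozen=True)
class ServiceTicket:
    ticket_id: str
    service: str        # the destination this ticket was issued for
    protocol: str       # "wind" or "cas": the Service subclass bound to the ticket


class TicketRegistry:
    """Minimal in-memory registry of issued service tickets (assumed)."""

    def __init__(self) -> None:
        self._tickets: Dict[str, ServiceTicket] = {}

    def add(self, ticket: ServiceTicket) -> None:
        self._tickets[ticket.ticket_id] = ticket

    def get(self, ticket_id: Optional[str]) -> Optional[ServiceTicket]:
        return self._tickets.get(ticket_id) if ticket_id else None


@dataclass(frozen=True)
class ExtractedService:
    service: str
    protocol: str
    ticket_id: Optional[str] = None


def extract_service(path: str, params: Mapping[str, str],
                    registry: TicketRegistry) -> Optional[ExtractedService]:
    """Return the service a request refers to, or None if it cannot be determined."""
    if path == "/login":
        # WIND login: ?destination=...   CAS login: ?service=...
        if params.get("destination"):
            return ExtractedService(params["destination"], "wind")
        if params.get("service"):
            return ExtractedService(params["service"], "cas")
        return None                       # generic login: no service at all
    if path == "/validate":
        # WIND validation: only the ticket; the bound service comes from the
        # registry (a ticket issued under another protocol is not a WindService).
        st = registry.get(params.get("ticketid"))
        if st is None or st.protocol != "wind":
            return None
        return ExtractedService(st.service, "wind", st.ticket_id)
    if path == "/serviceValidate":
        # CAS validation: service and ticket are both present and must agree.
        st = registry.get(params.get("ticket"))
        claimed = params.get("service")
        if st is None or st.protocol != "cas" or not claimed or claimed != st.service:
            return None
        return ExtractedService(st.service, "cas", st.ticket_id)
    return None


# Constructed tickets for the example.
REGISTRY = TicketRegistry()
REGISTRY.add(ServiceTicket("ST-1-wind", "https://courseworks.example.edu/", "wind"))
REGISTRY.add(ServiceTicket("ST-2-cas", "https://wiki.example.edu/", "cas"))

if __name__ == "__main__":
    print(extract_service("/validate", {"ticketid": "ST-1-wind"}, REGISTRY))
    print(extract_service("/serviceValidate",
                          {"service": "https://wiki.example.edu/", "ticket": "ST-2-cas"}, REGISTRY))
```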
Step 3: In web.xml, map the servlet path for the protocol’s version of the service ticket validation request to the cas servlet:

  <servlet>
      <servlet-name>cas</servlet-name>
      <servlet-class>
          org.jasig.cas.web.init.SafeDispatcherServlet
      </servlet-class>
      <init-param>
          <param-name>publishContext</param-name>
          <param-value>false</param-value>
      </init-param>
      <load-on-startup>1</load-on-startup>
  </servlet>
  ...
  <servlet-mapping>
      <servlet-name>cas</servlet-name>
      <url-pattern>/validate</url-pattern>
  </servlet-mapping>
  ...
Step 4: Write a view class (here in Groovy) to format the service ticket validation response:

  import groovy.xml.StreamingMarkupBuilder

  class WindResponseView extends AbstractCasView {
      // ...

      // Build the WIND XML success response for a validated assertion.
      private String buildSuccessXmlResponse(Assertion assertion) {
          def auth = assertion.chainedAuthentications[0]
          def principalId = auth.principal.id
          def xmlOutput = new StreamingMarkupBuilder()
          xmlOutput.bind {
              mkp.declareNamespace('wind': WIND_XML_NAMESPACE)
              wind.serviceResponse {
                  wind.authenticationSuccess {
                      wind.user(principalId)
                      wind.passwordtyped(assertion.fromNewLogin)
                      wind.logintime(auth.authenticatedDate.time)
                      // ...etc.
                  }
              }
          }.toString()
      }
  }
Step 5: Define and wire up beans for the various protocol operations:

argumentExtractorsConfiguration.xml
defines the ArgumentExtractor classes for the various supported protocols:

<bean id="windArgumentExtractor"
      class="edu.columbia.cas.wind.WindArgumentExtractor"
      p:httpClient-ref="httpClient"
      p:disableSingleSignOut="true">
    <constructor-arg index="0" ref="ticketRegistry"/>
</bean>

uniqueIdGenerators.xml
maps the protocol to the unique ID generator for service tickets via the Service class:

<util:map id="uniqueIdGeneratorsMap">
  <entry key="edu.columbia.cas.wind.WindService"
         value-ref="serviceTicketUniqueIdGenerator" />
  ...etc.
</util:map>
Step 5: Define and wire up beans for the various protocol operations (cont’d):

cas-servlet.xml
bean definitions made available to the web flow:

<prop key="/validate">windValidateController</prop>

...

<bean id="windValidateController"
      class="org.jasig.cas.web.ServiceValidateController"
      p:proxyHandler-ref="proxy20Handler"
      p:successView="windServiceSuccessView"
      p:failureView="windServiceFailureView"
      p:validationSpecificationClass="org.jasig.cas.validation.Cas20WithoutProxyingValidationSpecification"
      p:centralAuthenticationService-ref="centralAuthenticationService"
      p:argumentExtractor-ref="windArgumentExtractor"/>
...etc.
2012 Jasig Sakai Conference
Result:
 • CAS will detect a request in the new protocol;
 • extract the appropriate request parameters;
 • respond in the appropriate format.
 • Legacy clients continue to use their usual auth protocol until ready to migrate.
 • Single server/SSO realm.
 • Adding local images and content to the CAS login UI is a common implementation step.
 • CAS lets each RegisteredService have its own style sheet (high effort).
 • The legacy auth service allows per-service tweaks to the login UI (low effort):
   ◦ Custom logo
   ◦ Help link and help label
   ◦ Choice of displaying institutional links
   ◦ Popular with clients
Prerequisite:
 ◦ Must have service-specific attributes that control the customization.
 ◦ Extend the service registry with custom UI elements; or
 ◦ Plug in a custom service registry (see above).
Step 1: Write a Spring Web Flow Action class to map the incoming Service to a RegisteredService and make the RegisteredService available in the web flow context.

  import org.jasig.cas.authentication.principal.Service;
  import org.jasig.cas.services.ServicesManager;
  import org.springframework.webflow.action.AbstractAction;
  import org.springframework.webflow.execution.Event;
  import org.springframework.webflow.execution.RequestContext;

  public class ServiceUiElementsResolverAction extends AbstractAction {
      private final ServicesManager servicesManager;
      // ...

      protected Event doExecute(RequestContext requestContext) throws Exception {
          // get the Service from requestContext.
          Service service = requestContext.getFlowScope().get("service", Service.class);
          // ...
          // get the RegisteredService for this request from the ServicesManager.
          WindRegisteredService registeredService =
              (WindRegisteredService) this.servicesManager.findServiceBy(service);
          // ...
          // make RegisteredService available to the view.
          requestContext.getRequestScope().put("registeredService", registeredService);
          // ...
          return success();
      }
      // ...
  }
Step 2: Define a bean for the Action class in cas-servlet.xml, to make the class available to the login web flow:

  cas-servlet.xml
  ...
  <bean id="uiElementsResolverAction"
        class="edu.columbia.cas.wind.ServiceUiElementsResolverAction">
      <constructor-arg index="0" ref="servicesManager"/>
  </bean>
Step 3: Make the RegisteredService available to the web flow by running our Action in the login web flow just before the login UI is rendered:

  login-webflow.xml
  ...
  <view-state id="viewLoginForm" view="casLoginView" model="credentials">
      <binder>
          <binding property="username" />
          <binding property="password" />
      </binder>
      <on-entry>
          <set name="viewScope.commandName" value="'credentials'" />
          <!-- Make RegisteredService available in web flow context -->
          <evaluate expression="uiElementsResolverAction"/>
      </on-entry>
      <transition on="submit" bind="true" validate="true" to="realSubmit">
          <evaluate expression="authenticationViaFormAction.doBind
              (flowRequestContext, flowScope.credentials)" />
      </transition>
  </view-state>
Step 4: In the login view, refer to RegisteredService attributes when customizing the UI markup:

  casLoginView.jsp
  ...
  <!-- Derive the path to the logo image from the registered service. -->
  <c:set var="imagePath"
         value="${!empty registeredService.imagePath
                   ? registeredService.imagePath : defaultImagePath}"/>
  ...
  <!-- display the custom logo -->
  <img src="<c:url value="${imagePath}" />" alt="${registeredService.name}" />
  ...
Result:
 ◦ Vanilla login page
 ◦ Login page with default logo, institutional links
 ◦ Login page with custom logo
 ◦ Login page with another custom logo and help link
 • CAS allows a login without a service, a generic login, which creates a ticket granting ticket but no service ticket.
 • Generic login permitted.
 • The legacy auth service assumes the client is always trying to log into something and treats a generic login as an error. We want to preserve this behavior.
Step 1: Write a Spring Web Flow Action that checks whether the login request has a known service destination and returns success/error.

  import org.jasig.cas.authentication.principal.Service;
  import org.jasig.cas.services.RegisteredService;
  import org.jasig.cas.services.ServicesManager;
  import org.springframework.webflow.action.AbstractAction;
  import org.springframework.webflow.execution.Event;
  import org.springframework.webflow.execution.RequestContext;

  public class CheckForRegisteredServiceAction extends AbstractAction {
      private final ServicesManager servicesManager;

      public CheckForRegisteredServiceAction(ServicesManager servicesManager) {
          this.servicesManager = servicesManager;
      }

      protected Event doExecute(RequestContext requestContext) throws Exception {
          Service service = requestContext.getFlowScope().get("service", Service.class);
          RegisteredService registeredService = null;
          if (service != null) {
              registeredService = this.servicesManager.findServiceBy(service);
          }
          // No service, or a service the registry does not know: error.
          return (registeredService == null) ? error() : success();
      }
  }
Step 2: Make the class available to the login web flow by defining a bean in cas-servlet.xml:

  cas-servlet.xml
  ...
  <bean id="checkForRegisteredServiceAction"
        class="edu.columbia.cas.wind.CheckForRegisteredServiceAction">
      <constructor-arg index="0" ref="servicesManager"/>
  </bean>
  ...
Step 3: In the login web flow add an action-state to check that the request has a service parameter, and that it corresponds to a RegisteredService.

  login-webflow.xml
  ...
  <!-- validate the request: non-null service with corresponding RegisteredService -->
  <decision-state id="hasServiceCheck">
      <if test="flowScope.service != null" then="hasRegisteredServiceCheck"
          else="viewServiceErrorView" />
  </decision-state>
  <!-- Is there a corresponding RegisteredService? -->
  <action-state id="hasRegisteredServiceCheck">
      <evaluate expression="checkForRegisteredServiceAction"/>
      <transition on="success" to="ticketGrantingTicketExistsCheck" />
      <transition on="error"   to="viewServiceErrorView" />
  </action-state>
Result:
 ◦ CAS will now assume the client is always trying to log into something and treat a request without a known service destination as an error.
 ◦ Users will not see the login UI unless they arrive with a registered service.
 ◦ Generic login not permitted.
Tasks accomplished:
 ◦ Support Google Apps SSO
 ◦ Plug legacy service registry into CAS
 ◦ Add legacy authentication protocol to CAS
 ◦ Port login UI customizations to CAS
 ◦ Eliminate generic login
Dan Ellentuck, Columbia University
de3@columbia.edu

Bill Thompson, Unicon Inc.
wgthom@unicon.net

Symfony2 from the Trenches
Symfony2 from the TrenchesSymfony2 from the Trenches
Symfony2 from the Trenches
 
Symfony2 - from the trenches
Symfony2 - from the trenchesSymfony2 - from the trenches
Symfony2 - from the trenches
 
Multi Client Development with Spring
Multi Client Development with SpringMulti Client Development with Spring
Multi Client Development with Spring
 
70562-Dumps
70562-Dumps70562-Dumps
70562-Dumps
 
Asp.NET MVC
Asp.NET MVCAsp.NET MVC
Asp.NET MVC
 
Implement Service Broker with Spring Boot #cf_tokyo
Implement Service Broker with Spring Boot #cf_tokyoImplement Service Broker with Spring Boot #cf_tokyo
Implement Service Broker with Spring Boot #cf_tokyo
 
Camunda BPM 7.2: Tasklist and Javascript Forms SDK (English)
Camunda BPM 7.2: Tasklist and Javascript Forms SDK (English)Camunda BPM 7.2: Tasklist and Javascript Forms SDK (English)
Camunda BPM 7.2: Tasklist and Javascript Forms SDK (English)
 
WCF Fundamentals
WCF Fundamentals WCF Fundamentals
WCF Fundamentals
 
13 asp.net session19
13 asp.net session1913 asp.net session19
13 asp.net session19
 
Event Streaming with Kafka Streams and Spring Cloud Stream | Soby Chacko, VMware
Event Streaming with Kafka Streams and Spring Cloud Stream | Soby Chacko, VMwareEvent Streaming with Kafka Streams and Spring Cloud Stream | Soby Chacko, VMware
Event Streaming with Kafka Streams and Spring Cloud Stream | Soby Chacko, VMware
 
JavaCro'14 - Building interactive web applications with Vaadin – Peter Lehto
JavaCro'14 - Building interactive web applications with Vaadin – Peter LehtoJavaCro'14 - Building interactive web applications with Vaadin – Peter Lehto
JavaCro'14 - Building interactive web applications with Vaadin – Peter Lehto
 
Fm 2
Fm 2Fm 2
Fm 2
 
Asp.Net Ajax Component Development
Asp.Net Ajax Component DevelopmentAsp.Net Ajax Component Development
Asp.Net Ajax Component Development
 
MongoDB.local Atlanta: Introduction to Serverless MongoDB
MongoDB.local Atlanta: Introduction to Serverless MongoDBMongoDB.local Atlanta: Introduction to Serverless MongoDB
MongoDB.local Atlanta: Introduction to Serverless MongoDB
 
State management
State managementState management
State management
 
Dependency injection - the right way
Dependency injection - the right wayDependency injection - the right way
Dependency injection - the right way
 
GAC Java Presentation_Server Side Include_Cookies_Filters 2022.ppt
GAC Java Presentation_Server Side Include_Cookies_Filters 2022.pptGAC Java Presentation_Server Side Include_Cookies_Filters 2022.ppt
GAC Java Presentation_Server Side Include_Cookies_Filters 2022.ppt
 

Recently uploaded

Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 

Recently uploaded (20)

Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 

Jasigsakai12 columbia-customizes-cas

  • 1. Dan Ellentuck, Columbia University
       Bill Thompson, Unicon Inc.
       June 10-15, 2012
       Growing Community; Growing Possibilities
  • 2. Reasons to Choose CAS:
         - Google Apps SSO
         - SAML Support
         - Vendor Support
         - Community Support
         - Tie-in with other open source tools and products, e.g., Sakai
       Complicating Factors:
         - Pre-existing local web auth system
         - Active, diverse client base
       Question:
         - How can the legacy system be migrated to CAS?
  • 3. - CAS support for Google Apps SSO
       - Migrating a pre-existing web auth system to CAS
       - CAS customizations and enhancements:
         • Adding support for a new protocol
         • Plugging in a custom service registry
         • Enabling per-service UI tweaks
         • Changing some basic login behavior
  • 4. - Google Apps SSO is based on SAML 2. See:
         https://developers.google.com/google-apps/sso/saml_reference_implementation
       - Step-by-step instructions on configuring CAS for Google Apps SSO:
         https://wiki.jasig.org/pages/viewpage.action?pageId=6063484
       - Works out of the box (OOTB).
  • 5. - Sibling of CAS, called “WIND”.
       - Cookie-based SSO.
       - No generic login.
       - Per-service UI customization and opt-in SSO.
       - Similar APIs with different request param names:

       CAS:
         /login?service=https://MY-APPLICATION-PATH
         /logout
         /serviceValidate?service=https://APPLICATION-PATH&ticket=SERVICE-TICKET

       WIND:
         /login?destination=https://MY-APPLICATION-PATH
         /logout
         /validate?ticketid=SERVICE-TICKET
  • 6. 2 private validation response formats (text and XML):

       yes
       de3

       <wind:serviceResponse xmlns:wind='http://www.columbia.edu/acis/rad/authmethods/wind'>
         <wind:authenticationSuccess>
           <wind:user>de3</wind:user>
           <wind:passwordtyped>true</wind:passwordtyped>
           <wind:logintime>1338696023</wind:logintime>
           <wind:passwordtime>1331231507</wind:passwordtime>
           <wind:passwordchangeURI>https://idmapp.cc.columbia.edu/acctmanage/changepasswd</wind:passwordchangeURI>
         </wind:authenticationSuccess>
       </wind:serviceResponse>
  • 7. - Service registry with maintenance UI
       - Service attributes for UI customization, multiple destinations, attribute release,
         application contacts, etc.

       Legacy registry tables (columns grouped by table):
         SERVICE: SERVICE_LABEL, SINGLE_SIGN_ON (T/F), PROXY_GRANTING (T/F), RETURN_XML (T/F),
           ID_FORMAT, DESCRIPTION, HELP_URI (for customizing UI), IMAGE_PATH (for customizing UI),
           HELP_LABEL (for customizing UI)
         DESTINATION: SERVICE_LABEL, DESTINATION
         SERVICE_CONTACT: SERVICE_LABEL, EMAIL_ADDRESS, CONTACT_TYPE
         AFFILIATION: SERVICE_LABEL, AFFILIATION (like ATTRIBUTE)
  • 8. - Collaboration between Columbia and Unicon.
       - Tasks:
         ◦ Plug legacy service registry into CAS.
         ◦ Add legacy authentication protocol to CAS.
         ◦ Port login UI customizations to CAS.
         ◦ Change some login behavior (eliminate generic login).
       - New service registrations must use the CAS protocol.
       - Existing clients can use either legacy or CAS protocols during the transition.
  • 9. Skills involved:
       • Java
       • View technologies (JSP, CSS, etc.)
       • Maven (dependencies; overlays)
       • Spring configuration (CAS set up)
       • Spring Web Flow (SWF)
       • App server/web server (Tomcat/Apache)
  • 10. - The service registry is the obvious extension point.
        - Advantages to plugging in the local service registry:
          ◦ Retain extended service attributes and functions
          ◦ Remove migration headache
          ◦ Can continue to use the legacy maintenance UI
  • 11. Step 1: Write a CAS RegisteredService adaptor, part 1.
        Write an interface that extends CAS RegisteredService with any extra attributes in the
        custom service registry.

        public interface WindRegisteredService extends RegisteredService {
            /**
             * Returns a display label for the help link. Can be null.
             * Ignored if getHelpUri() is null.
             * @return String
             */
            String getHelpLabel();

            /**
             * Returns a help URI. Can be null.
             * @return String
             */
            String getHelpUri();
            ...etc.
        }
  • 12. Step 2: Write a CAS RegisteredService adaptor, part 2.
        Write a RegisteredService implementation that adapts an instance of the custom service
        to the extended RegisteredService interface.

        public class WindRegisteredServiceImpl
                implements WindRegisteredService, Comparable<RegisteredService> {

            public boolean matches(Service targetService) {
                if (!isEnabled() || targetService == null
                        || targetService.getId() == null
                        || targetService.getId().isEmpty()) {
                    return false;
                }
                String targetId = targetService.getId();
                // Case-insensitive prefix match of the target URL against each
                // registered destination for this service.
                for (String registeredDestination
                        : (List<String>) getWindService().getAllowed_destinations()) {
                    // A target shorter than the destination cannot match; without this
                    // guard substring() would throw StringIndexOutOfBoundsException.
                    if (targetId.length() < registeredDestination.length()) {
                        continue;
                    }
                    String target = targetId.substring(0, registeredDestination.length());
                    if (registeredDestination.equalsIgnoreCase(target)) {
                        return true;
                    }
                }
                return false;
            }
            ...
        }
  • 13. Step 3: Implement a CAS ServicesManager (maps the incoming Service URL of a request to
        the matching CAS RegisteredService).

        public class ReadOnlyWindServicesManagerImpl implements ReloadableServicesManager {
            ...
            public RegisteredService findServiceBy(Service targetService) {
                edu.columbia.acis.rad.wind.model.Service windService = findWindService(targetService);
                return (windService != null)
                        ? getRegisteredServicesByName().get(windService.getLabel())
                        : null;
            }

            public RegisteredService findServiceBy(long id) {
                return getRegisteredServicesById().get(id);
            }
            ...
        }
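The two lookups above (the prefix rule in WindRegisteredServiceImpl.matches() and the URL-to-service mapping in ReadOnlyWindServicesManagerImpl.findServiceBy()) as an added Python example; this is not the deck's or CAS's code, and the class names, registry rows and URLs in it are constructed. It also covers the two edge cases the slide's version leaves open: a target URL shorter than the registered destination, and the fact that a plain prefix match on a host-only destination also accepts unrelated hosts whose name merely starts with the same string. The strict matcher requires an exact scheme and host and only lets the path grow at a "/" boundary.

```python
"""Read-only service registry with destination matching.

Added example, not code from the deck or from CAS: it models the matching
rule shown for WindRegisteredServiceImpl.matches() and the lookup done by
ReadOnlyWindServicesManagerImpl.findServiceBy(). All names and registry
rows below are constructed for the demo.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional
from urllib.parse import urlsplit


@dataclass
class RegisteredService:
    label: str                       # SERVICE_LABEL in the legacy registry
    allowed_destinations: List[str]  # DESTINATION rows for this service
    enabled: bool = True


def prefix_match(target: str, destination: str) -> bool:
    """The slide's rule: case-insensitive prefix comparison.

    Guarded for a target shorter than the registered destination, which the
    substring() call in the Java version would reject with an exception.
    """
    if len(target) < len(destination):
        return False
    return target[: len(destination)].lower() == destination.lower()


def boundary_match(target: str, destination: str) -> bool:
    """Stricter rule: scheme and host must be equal, and the path may only
    extend at a '/' boundary. Plain prefix matching lets a registered
    https://app.example.edu also match https://app.example.edu.evil.example.
    """
    t, d = urlsplit(target), urlsplit(destination)
    if (t.scheme.lower(), t.netloc.lower()) != (d.scheme.lower(), d.netloc.lower()):
        return False
    t_path, d_path = t.path or "/", d.path or "/"
    if d_path.endswith("/"):
        return t_path.startswith(d_path)
    return t_path == d_path or t_path.startswith(d_path + "/")


class ReadOnlyServicesManager:
    """Maps an incoming service URL to the matching registered service."""

    def __init__(self, services: List[RegisteredService], strict: bool = False):
        self._by_label: Dict[str, RegisteredService] = {s.label: s for s in services}
        self._match = boundary_match if strict else prefix_match

    def find_service_by(self, target_url: Optional[str]) -> Optional[RegisteredService]:
        if not target_url:
            return None
        for svc in self._by_label.values():
            if svc.enabled and any(self._match(target_url, d) for d in svc.allowed_destinations):
                return svc
        return None

    def find_label(self, target_url: Optional[str]) -> Optional[str]:
        svc = self.find_service_by(target_url)
        return svc.label if svc else None


# Constructed registry rows (not real Columbia services).
REGISTRY = [
    RegisteredService("sakai", ["https://Portal.example.edu/sakai"]),
    RegisteredService("app", ["https://app.example.edu"]),
    RegisteredService("wiki", ["https://wiki.example.edu/"], enabled=False),
]
LAX = ReadOnlyServicesManager(REGISTRY)
STRICT = ReadOnlyServicesManager(REGISTRY, strict=True)

if __name__ == "__main__":
    for url in ("https://portal.example.edu/sakai/site/x",
                "https://app.example.edu.evil.example/login",
                "https://wiki.example.edu/page", "https://port"):
        print(f"{url}: lax={LAX.find_label(url)} strict={STRICT.find_label(url)}")
```

Registering destinations with a trailing slash (or a full path) and using the strict matcher keeps a host-only entry from accepting look-alike hosts; the disabled "wiki" row shows that isEnabled() is checked before any destination is compared.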
  • 14. Step 4: Write Spring bean definitions for the new ServicesManager.

        applicationContext.xml
          <!-- Default servicesManager bean definition replaced by custom servicesManager
          <bean id="servicesManager" class="org.jasig.cas.services.DefaultServicesManagerImpl">
            <constructor-arg index="0" ref="serviceRegistryDao"/>
          </bean>
          -->
          <bean id="servicesManager"
                class="edu.columbia.acis.rad.wind.cas.ReadOnlyWindServicesManagerImpl">
            <constructor-arg index="0" ref="wind-ServicesCollection"/>
          </bean>
          ...etc.
  • 15. Result…
        - Additional service attributes and functions are available to CAS
        - Custom maintenance UI can be used
        - Service registry uses custom logic to match the Service URL of an incoming request
          with the appropriate registered service.
        - Easy migration
  • 16. - CAS is multi-protocol
        - WIND and CAS protocols are similar but not identical
        - Different servlet API and validation response formats
        - Advantages to adding the legacy protocol to CAS:
          ◦ Single authentication service
          ◦ Single SSO domain
          ◦ Easy migration from legacy system
  • 17. Step 1: Implement the CAS Service interface for the new protocol by subclassing
        AbstractWebApplicationService:

        public class WindService extends AbstractWebApplicationService {
            private static final String DESTINATION_PARAM = "destination";
            private static final String SERVICE_PARAM = "service";
            private static final String TICKET_PARAM = "ticketid";
            ...
            // Create a Service instance from the request:
            public static WindService from(HttpServletRequest request, HttpClient httpClient) {
                String origUrl = request.getParameter(DESTINATION_PARAM);
                ...
                return new WindService(origUrl, origUrl, /* artifactId not used */ null, httpClient);
            }
        }
  • 18. Step 2: Write an ArgumentExtractor class to retrieve values of protocol-specific request
        parameters and return instances of the Service class created in Step 1:

        public class WindArgumentExtractor extends AbstractSingleSignOutEnabledArgumentExtractor {
            private static final String TICKET_PARAM = "ticketid";
            ...
            protected WebApplicationService extractServiceInternal(HttpServletRequest request) {
                // Coming in from a validation request
                if ("/validate".equals(request.getServletPath())) {
                    String ticketId = request.getParameter(TICKET_PARAM);
                    // WIND's /validate carries only the ticket id, so the service is
                    // recovered from the service ticket in the ticket registry.
                    ServiceTicket st = (ServiceTicket) this.ticketRegistry.getTicket(ticketId, ServiceTicket.class);
                    WindService ws = st != null ? (WindService) st.getService() : null;
                    ...
                    return WindService.from(ticketId, ws, getHttpClientIfSingleSignOutEnabled());
                }
                ...
            }
        }
  • 19. Step 3: In web.xml, map the servlet path for the protocol’s version of the service ticket
        validation request to the cas servlet:

        <servlet>
          <servlet-name>cas</servlet-name>
          <servlet-class>org.jasig.cas.web.init.SafeDispatcherServlet</servlet-class>
          <init-param>
            <param-name>publishContext</param-name>
            <param-value>false</param-value>
          </init-param>
          <load-on-startup>1</load-on-startup>
        </servlet>
        ...
        <servlet-mapping>
          <servlet-name>cas</servlet-name>
          <url-pattern>/validate</url-pattern>
        </servlet-mapping>
        ...
  • 20. Step 4: Write a view class to format the service ticket validation response:

        class WindResponseView extends AbstractCasView {
            ...
            private buildSuccessXmlResponse(Assertion assertion) {
                def auth = assertion.chainedAuthentications[0]
                def principalId = auth.principal.id
                def xmlOutput = new StreamingMarkupBuilder()
                xmlOutput.bind {
                    mkp.declareNamespace('wind': WIND_XML_NAMESPACE)
                    wind.serviceResponse {
                        wind.authenticationSuccess {
                            wind.user(principalId)
                            wind.passwordtyped(assertion.fromNewLogin)
                            wind.logintime(auth.authenticatedDate.time)
                            ...etc.
                        }
                    }
                }.toString()
            }
        }
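The two WIND validation response formats from slide 6 and the XML that WindResponseView builds in Step 4, as an added Python example; it is not the deck's Groovy view or CAS code. It builds both the text and the XML form from an assertion and parses each back, which is what a client library's offline tests need. The sample values are the ones on the slides; the XML failure element name is an assumption, since the deck shows only the success shape.

```python
"""Build and parse the two legacy (WIND) validation response formats.

Added example, not the deck's Groovy view or any CAS code: it reproduces
the text ("yes" / user id) and XML success formats shown on the slides and
adds a parser for each. The XML failure element name is an assumption; the
deck shows only success.
"""
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from typing import Optional

WIND_NS = "http://www.columbia.edu/acis/rad/authmethods/wind"  # namespace from the slide
NS = {"wind": WIND_NS}


@dataclass
class Assertion:
    principal_id: str
    from_new_login: bool      # rendered as <wind:passwordtyped>
    login_time: int           # epoch seconds, <wind:logintime>
    password_time: int        # epoch seconds, <wind:passwordtime>
    password_change_uri: str


def build_text_response(a: Optional[Assertion]) -> str:
    """Text format: line 1 is yes/no, line 2 the user id (empty on failure)."""
    return f"yes\n{a.principal_id}\n" if a else "no\n\n"


def build_xml_response(a: Optional[Assertion]) -> str:
    """XML format with the same element set as the StreamingMarkupBuilder view."""
    ET.register_namespace("wind", WIND_NS)
    root = ET.Element(f"{{{WIND_NS}}}serviceResponse")
    if a is None:
        # Assumed failure element; the deck does not show one.
        ET.SubElement(root, f"{{{WIND_NS}}}authenticationFailure").text = "INVALID_TICKET"
    else:
        ok = ET.SubElement(root, f"{{{WIND_NS}}}authenticationSuccess")
        fields = (("user", a.principal_id),
                  ("passwordtyped", "true" if a.from_new_login else "false"),
                  ("logintime", str(a.login_time)),
                  ("passwordtime", str(a.password_time)),
                  ("passwordchangeURI", a.password_change_uri))
        for tag, value in fields:
            ET.SubElement(ok, f"{{{WIND_NS}}}{tag}").text = value
    return ET.tostring(root, encoding="unicode")


def parse_text_response(body: str) -> Optional[str]:
    """Return the user id on an exact 'yes', None for anything else
    (including 'no', an empty body, or a missing second line)."""
    lines = body.splitlines()
    if len(lines) >= 2 and lines[0].strip() == "yes" and lines[1].strip():
        return lines[1].strip()
    return None


def parse_xml_response(body: str) -> Optional[dict]:
    """Return the asserted attributes on success, None on failure.
    For XML from the network, prefer defusedxml over the stdlib parser so
    entity expansion cannot be used against the client."""
    root = ET.fromstring(body)
    if root.tag != f"{{{WIND_NS}}}serviceResponse":
        return None
    ok = root.find("wind:authenticationSuccess", NS)
    if ok is None:
        return None
    user = (ok.findtext("wind:user", default="", namespaces=NS) or "").strip()
    if not user:
        return None
    text = lambda tag, default: ok.findtext(f"wind:{tag}", default=default, namespaces=NS) or default
    return {
        "user": user,
        "passwordtyped": text("passwordtyped", "false").strip().lower() == "true",
        "logintime": int(text("logintime", "0")),
        "passwordtime": int(text("passwordtime", "0")),
        "passwordchangeURI": text("passwordchangeURI", "").strip(),
    }


# Sample assertion using the values that appear on slide 6.
SAMPLE = Assertion("de3", True, 1338696023, 1331231507,
                   "https://idmapp.cc.columbia.edu/acctmanage/changepasswd")

if __name__ == "__main__":
    print(build_text_response(SAMPLE))
    print(build_xml_response(SAMPLE))
    print(parse_xml_response(build_xml_response(SAMPLE)))
```

The parsers treat anything other than the exact success shape as a failed validation: a client that accepted a bare non-empty body, or that read the user id without first checking the first line or the success element, would accept malformed or error responses as logins.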
  • 21. Step 5: Define and wire up beans for the various protocol operations.

        argumentExtractorsConfiguration.xml defines ArgumentExtractor classes for the various
        supported protocols:
          <bean id="windArgumentExtractor" class="edu.columbia.cas.wind.WindArgumentExtractor"
                p:httpClient-ref="httpClient" p:disableSingleSignOut="true">
            <constructor-arg index="0" ref="ticketRegistry"/>
          </bean>

        uniqueIdGenerators.xml: the protocol is mapped to a unique ID generator for service
        tickets via the Service class:
          <util:map id="uniqueIdGeneratorsMap">
            <entry key="edu.columbia.cas.wind.WindService" value-ref="serviceTicketUniqueIdGenerator" />
            ...etc.
          </util:map>
  • 22. Step 5: Define and wire up beans for the various protocol operations (cont’d).

        cas-servlet.xml: bean definitions made available to the web flow:
          <prop key="/validate">windValidateController</prop>
          ...
          <bean id="windValidateController" class="org.jasig.cas.web.ServiceValidateController"
                p:proxyHandler-ref="proxy20Handler"
                p:successView="windServiceSuccessView"
                p:failureView="windServiceFailureView"
                p:validationSpecificationClass="org.jasig.cas.validation.Cas20WithoutProxyingValidationSpecification"
                p:centralAuthenticationService-ref="centralAuthenticationService"
                p:argumentExtractor-ref="windArgumentExtractor"/>
          ...etc.
  • 23. 2012 Jasig Sakai Conference 23
  • 24. Result…
        - CAS will detect a request in the new protocol;
        - extract the appropriate request parameters;
        - respond in the appropriate format.
        - Legacy clients continue to use the usual auth protocol until ready to migrate.
        - Single server/SSO realm.
  • 25. - Adding local images and content to the CAS login UI is a common implementation step.
        - CAS lets each RegisteredService have its own style sheet (high effort).
        - The legacy auth service allows per-service tweaks to the login UI (low effort):
          • Custom logo
          • Help link and help label
          • Choice of displaying institutional links
          • Popular with clients
  • 26. Prerequisite:
        ◦ Must have service-specific attributes that control the customization.
        ◦ Extend the service registry with custom UI elements; or
        ◦ Plug in a custom service registry (see above).
  • 27. Step 1: Write a Spring Web Flow Action class to map the incoming Service to a
        RegisteredService and make the RegisteredService available in the web flow context.

        public class ServiceUiElementsResolverAction extends AbstractAction {
            ...
            protected Event doExecute(RequestContext requestContext) throws Exception {
                // get the Service from requestContext.
                Service service = (Service) requestContext.getFlowScope().get("service", Service.class);
                ...
                // get the RegisteredService for this request from the ServicesManager.
                WindRegisteredService registeredService =
                        (WindRegisteredService) this.servicesManager.findServiceBy(service);
                ...
                // make RegisteredService available to the view.
                requestContext.getRequestScope().put("registeredService", registeredService);
                ...
            }
            ...
        }
  • 28. Step 2: Define a bean for the Action class in cas-servlet.xml, to make the class
        available to the login web flow:

        cas-servlet.xml
          ...
          <bean id="uiElementsResolverAction"
                class="edu.columbia.cas.wind.ServiceUiElementsResolverAction">
            <constructor-arg index="0" ref="servicesManager"/>
          </bean>
  • 29. Step 3: Make the RegisteredService available to the web flow by running our Action in the
        login web flow just before the login UI is rendered:

        login-webflow.xml
          ...
          <view-state id="viewLoginForm" view="casLoginView" model="credentials">
            <binder>
              <binding property="username" />
              <binding property="password" />
            </binder>
            <on-entry>
              <set name="viewScope.commandName" value="'credentials'" />
              <!-- Make RegisteredService available in web flow context -->
              <evaluate expression="uiElementsResolverAction"/>
            </on-entry>
            <transition on="submit" bind="true" validate="true" to="realSubmit">
              <evaluate expression="authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)" />
            </transition>
          </view-state>
  • 30. Step 4: In the login view, refer to RegisteredService attributes when customizing the
        UI markup:

        casLoginView.jsp
          ...
          <!-- Derive the path to the logo image from the registered service. -->
          <c:set var="imagePath"
                 value="${!empty registeredService.imagePath ? registeredService.imagePath : defaultImagePath}"/>
          ...
          <!-- display the custom logo -->
          <img src="<c:url value="${imagePath}" />" alt="${registeredService.name}" />
          ...
  • 31. Result…
        ◦ Vanilla login page
        ◦ Login page with default logo, institutional links
        ◦ Login page with custom logo
        ◦ Login page with another custom logo and help link
  • 32. - CAS allows a login without a service, a generic login, which creates a ticket
          granting ticket but no service ticket.
        - Generic login permitted.
        - The legacy auth service assumes the client is always trying to log into something
          and treats a generic login as an error. We want to preserve this behavior.
  • 33. Step 1: Write a Spring Web Flow Action that checks whether the login request has a known
        service destination and returns success/error.

        public class CheckForRegisteredServiceAction extends AbstractAction {
            ServicesManager servicesManager;

            protected Event doExecute(RequestContext requestContext) throws Exception {
                Service service = (Service) requestContext.getFlowScope().get("service", Service.class);
                RegisteredService registeredService = null;
                if (service != null) {
                    registeredService = this.servicesManager.findServiceBy(service);
                }
                // No service, or a service that is not registered, is an error.
                return (registeredService == null) ? error() : success();
            }
        }
  • 34. Step 2: Make the class available to the login web flow by defining a bean in
        cas-servlet.xml:

        cas-servlet.xml
          ...
          <bean id="checkForRegisteredServiceAction"
                class="edu.columbia.cas.wind.CheckForRegisteredServiceAction">
            <constructor-arg index="0" ref="servicesManager"/>
          </bean>
          ...
  • 35. Step 3: In the login web flow, add an action-state to check that the request has a service
        parameter and that it corresponds to a RegisteredService.

        login-webflow.xml
          ...
          <!-- validate the request: non-null service with corresponding RegisteredService -->
          <decision-state id="hasServiceCheck">
            <if test="flowScope.service != null" then="hasRegisteredServiceCheck" else="viewServiceErrorView" />
          </decision-state>
          <!-- Is there a corresponding RegisteredService? -->
          <action-state id="hasRegisteredServiceCheck">
            <evaluate expression="checkForRegisteredServiceAction"/>
            <transition on="success" to="ticketGrantingTicketExistsCheck" />
            <transition on="error" to="viewServiceErrorView" />
          </action-state>
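The request handling described in Steps 1 and 2 of the new-protocol section (which servlet path and parameter names identify a WIND versus a CAS request, and how a WIND /validate recovers its service from the ticket registry) together with the two web-flow checks just above, as an added Python example. It is not the deck's Java or its web-flow XML. The servlet paths and parameter names are those on the API comparison slide; the registry, the ticket table and the URLs are constructed, and the registry uses exact-match lookup for brevity where the legacy registry uses the prefix rule of slide 12.

```python
"""Protocol-aware request extraction and the 'no generic login' check.

Added example, not the deck's Java or its web-flow XML: it models the
WindArgumentExtractor decision (which protocol, which parameter names) and
the hasServiceCheck / hasRegisteredServiceCheck states of login-webflow.xml.
Parameter names and servlet paths come from the deck; the registry, the
ticket table and the URLs are constructed.
"""
from dataclasses import dataclass
from typing import Dict, Mapping, Optional

# Servlet paths and request parameter names per protocol (from the API comparison slide).
PROTOCOLS: Dict[str, Dict[str, str]] = {
    "cas":  {"validate_path": "/serviceValidate", "service_param": "service",     "ticket_param": "ticket"},
    "wind": {"validate_path": "/validate",        "service_param": "destination", "ticket_param": "ticketid"},
}


@dataclass(frozen=True)
class ExtractedRequest:
    protocol: str            # "cas" or "wind"
    operation: str           # "login" or "validate"
    service: Optional[str]   # destination URL, if the request carried one
    ticket: Optional[str]    # service ticket id, for validation requests


def extract(servlet_path: str, params: Mapping[str, str]) -> Optional[ExtractedRequest]:
    """Pick the protocol from the servlet path for validation requests and from
    the parameter name for login requests; None for paths not handled here."""
    for name, spec in PROTOCOLS.items():
        if servlet_path == spec["validate_path"]:
            return ExtractedRequest(name, "validate",
                                    params.get(spec["service_param"]),
                                    params.get(spec["ticket_param"]))
    if servlet_path == "/login":
        # CAS is tried first, so a request carrying both names is treated as CAS.
        for name, spec in PROTOCOLS.items():
            if params.get(spec["service_param"]):
                return ExtractedRequest(name, "login", params[spec["service_param"]], None)
        return ExtractedRequest("cas", "login", None, None)  # no destination at all
    return None


def service_for_validation(req: ExtractedRequest, tickets: Mapping[str, str]) -> Optional[str]:
    """WIND's /validate carries only ticketid, so the service is recovered from
    the ticket registry, as the extractor on the slide does via ServiceTicket."""
    if req.service:
        return req.service
    return tickets.get(req.ticket) if req.ticket else None


def next_login_state(req: ExtractedRequest, registry: Mapping[str, str]) -> str:
    """Mirror of the two web-flow checks: a login must name a destination and
    that destination must resolve to a RegisteredService."""
    if not req.service:                      # hasServiceCheck: a generic login
        return "viewServiceErrorView"
    if req.service not in registry:          # hasRegisteredServiceCheck
        return "viewServiceErrorView"
    return "ticketGrantingTicketExistsCheck"


# Constructed demo data: exact destination -> SERVICE_LABEL, and issued tickets.
REGISTRY: Dict[str, str] = {
    "https://portal.example.edu/sakai": "sakai",
    "https://mail.example.edu/": "googleapps",
}
TICKETS: Dict[str, str] = {"ST-1-constructed": "https://portal.example.edu/sakai"}

if __name__ == "__main__":
    for path, params in (("/login", {"service": "https://portal.example.edu/sakai"}),
                         ("/login", {"destination": "https://portal.example.edu/sakai"}),
                         ("/login", {}),
                         ("/validate", {"ticketid": "ST-1-constructed"})):
        req = extract(path, params)
        state = next_login_state(req, REGISTRY) if req and req.operation == "login" else ""
        print(path, params, "->", req, state)
```

Both an absent destination and an unregistered one end in viewServiceErrorView, so a user can only reach the login form through a registered application, which is the behaviour slide 32 sets out to preserve; a validation request for an unknown ticket resolves to no service at all.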
  • 36. Result…
        ◦ CAS will now assume the client is always trying to log into something and treat a
          request without a known service destination as an error.
        ◦ Users will not see the login UI unless they arrive with a registered service.
        ◦ Generic login not permitted.
  • 37. Tasks accomplished:
        ◦ Support Google Apps SSO
        ◦ Plug legacy service registry into CAS
        ◦ Add legacy authentication protocol to CAS
        ◦ Port login UI customizations to CAS
        ◦ Eliminate generic login
  • 38.
  • 39. Dan Ellentuck, Columbia University de3@columbia.edu Bill Thompson, Unicon Inc. wgthom@unicon.net