In this example we are going to protect all the files in the folder protected of the site: http://sitioprueba.com/casexample
For this purpose we need a CAS service; for this example we will use: https://servidorcas.sitio.com
First of all, you need to configure the filters in the web.xml file.
<filter>
  <filter-name>CAS Single Sign Out Filter</filter-name>
  <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
  <init-param>
    <param-name>casServerUrlPrefix</param-name>
    <param-value>https://servidorcas.sitio.com/cas</param-value>
  </init-param>
</filter>
<listener>
  <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<filter>
  <filter-name>CAS Authentication Filter</filter-name>
  <!-- <filter-class>org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class> -->
  <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
  <init-param>
    <param-name>casServerLoginUrl</param-name>
    <param-value>https://servidorcas.sitio.com/cas/login</param-value>
  </init-param>
  <init-param>
    <param-name>serverName</param-name>
    <param-value>http://sitioprueba.com/casexample/</param-value>
  </init-param>
</filter>
<filter>
  <filter-name>CAS Validation Filter</filter-name>
  <!-- <filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class> -->
  <filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class>
  <init-param>
    <param-name>casServerUrlPrefix</param-name>
    <param-value>https://servidorcas.sitio.com/cas</param-value>
  </init-param>
  <init-param>
    <param-name>serverName</param-name>
    <param-value>http://sitioprueba.com/casexample/</param-value>
  </init-param>
  <init-param>
    <param-name>redirectAfterValidation</param-name>
    <param-value>true</param-value>
  </init-param>
  <init-param>
    <param-name>useSession</param-name>
    <param-value>true</param-value>
  </init-param>
  <init-param>
    <param-name>authn_method</param-name>
    <param-value>mfa-duo</param-value>
  </init-param>
</filter>
<filter>
  <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
  <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
  <filter-name>CAS Single Sign Out Filter</filter-name>
  <url-pattern>/protected/*</url-pattern>
</filter-mapping>
<filter-mapping>
  <filter-name>CAS Validation Filter</filter-name>
  <url-pattern>/protected/*</url-pattern>
</filter-mapping>
<filter-mapping>
  <filter-name>CAS Authentication Filter</filter-name>
  <url-pattern>/protected/*</url-pattern>
</filter-mapping>
<filter-mapping>
  <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
  <url-pattern>/protected/*</url-pattern>
</filter-mapping>
Next we configure the index.xhtml file.
In this file we include a link to a file in the protected folder:
<p:commandButton id="btnEnlace" value="Login" action="/protected/index.xhtml?faces-redirect=true" />
Finally, we have to configure the controller file of index.xhtml.
FacesContext fc = FacesContext.getCurrentInstance();
ExternalContext externalContext = fc.getExternalContext();
System.out.println("Usuario: " + externalContext.getRemoteUser());
String codigo = externalContext.getRemoteUser(); // With this code we can retrieve all the information
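
Added example, not code from the original post: a JSF managed bean that reads the CAS principal exposed by the HttpServletRequestWrapperFilter configured above, together with any attributes the CAS server released for this service. The class name CasUserBean and bean name casUser are hypothetical, and the javax.faces annotations and Java 8 are assumed.

```java
import java.security.Principal;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.RequestScoped;
import javax.faces.context.FacesContext;
import org.jasig.cas.client.authentication.AttributePrincipal;

// Hypothetical bean: class and bean names are assumptions, not from the original post.
@ManagedBean(name = "casUser")
@RequestScoped
public class CasUserBean {

    // The wrapper filter is mapped to /protected/* only, so the principal is
    // null on any page outside that folder.
    private Principal principal() {
        return FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal();
    }

    // Same value as getRemoteUser(): the user ID asserted by the CAS server.
    public String getUserId() {
        Principal p = principal();
        return p == null ? null : p.getName();
    }

    // Attributes released by the CAS server, flattened to strings for display.
    // Empty when the request is unauthenticated or no attributes were released.
    public Map<String, String> getAttributes() {
        Principal p = principal();
        if (!(p instanceof AttributePrincipal)) {
            return Collections.emptyMap();
        }
        Map<String, Object> raw = ((AttributePrincipal) p).getAttributes();
        Map<String, String> out = new LinkedHashMap<>();
        if (raw == null) {
            return out;
        }
        for (Map.Entry<String, Object> e : raw.entrySet()) {
            Object v = e.getValue();
            // Multi-valued attributes arrive as a Collection.
            out.put(e.getKey(), v instanceof Collection
                    ? ((Collection<?>) v).stream().map(String::valueOf).collect(Collectors.joining(", "))
                    : String.valueOf(v));
        }
        return out;
    }
}
```

In /protected/index.xhtml the values can be bound as #{casUser.userId} and #{casUser.attributes}.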