I'm making a test project to try spring boot for our future projects.
We are using jasig CAS and I'm trying to configure with spring boot and the embedded tomcat server.
So I add in the pom.xml spring-boot-starter-security
After that I try to configure WebSecurityConfig -> spring provides classes to configure with cas, for example I need to configure an entry point :
@Bean
public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
casAuthenticationEntryPoint.setLoginUrl("https://localhost:9443/cas/login");
casAuthenticationEntryPoint.setServiceProperties(serviceProperties());
return casAuthenticationEntryPoint;
}
Here is the first problem : the class org.springframework.security.cas.web.CasAuthenticationEntryPoint isn't reconized by the application.
The class dosen't seem to be imported with spring-boot-starter-security.
What is the best practice ? Do I have to manually add the dependency in my pom like I was doing before ?
example :
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas</artifactId>
<version>${spring-security.version}</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
If so, which version do I need to use to fit with the boot version package and avoid conflicts ?
The second point is how do I configure the embedded tomcat to enable ssl with certificate ?
Here is my classic server.xml config for CAS :
Connector emptySessionPath="true" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" URIEncoding="UTF-8"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:\***\***\***\.keystore" keystorePass="***"
truststoreFile="C:\Program Files\Java\jdk1.7.0_67\jre\lib\security\cacerts"
compression="on"
compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript"/>
Is it possible to configure keystorefile/truststorefile with the embedded tomcat ?
Thanks