Working Java REST Client Example to access CAS REST API

krinker picture krinker · Mar 25, 2014 · Viewed 18.1k times · Source

I followed this tutorial to enable REST service on my local CAS server.

However there is no Java example

"Java REST Client Example

We need a real, working, example, the previous one is useless. Many people are emailing me that it is not working, and I confirm it does not work."

I was able to find this but that unfortunately did not work for me.

Any pointers/links? Much appreciated.

Answer

krinker picture krinker · Mar 25, 2014

Got it!

Here is the complete solution on how to enable CAS REST API and be able to connect to it via JAVA REST client to benefit others

  • Get CAS source code.
  • Review this article
  • Add following to pom.xml like suggested by the article in #2

<dependency> <groupId>org.jasig.cas</groupId> <artifactId>cas-server-integration-restlet</artifactId> <version>${cas.version}</version> <type>jar</type> </dependency>

  • Make sure to add following to pom.xml to avoid Spring jar collisions. In my case, cas-server-integration-restlet was dependent on spring-web, which used by default older version of Spring. So, I explicitly defined

<dependency> <groupId>org.springframework</groupId> <artifactId>spring-web</artifactId> <version>3.1.1.RELEASE</version> </dependency>

  • Compile your cas code. Should get cas.war in your target folder.
  • Upload it to your server, change permissions to tomcat and wait for it to get deployed
  • In CATALINA/conf find server.xml and uncomment 8443 port configuration so that our sever will allow SSL connections. Also, specify your certs in here.
  • Now navigate to exploded cas.war file and drill down to WEB-INF folder to find deployerConfigContext.xml file. Specify what CAS would use to authenticate. In my case, I used LDAP.
  • Add following to web.xml per article above

<servlet> <servlet-name>restlet</servlet-name> <servlet-class>com.noelios.restlet.ext.spring.RestletFrameworkServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet>

<servlet-mapping> <servlet-name>restlet</servlet-name> <url-pattern>/v1/*</url-pattern> </servlet-mapping>

  • Restart tomcat for changes to take effect.
  • Test that you can log in via standard CAS UI: https://server:8443/cas/login
  • Test that REST API was exposed via: https://server:8443/cas/v1/tickets
  • Now let's connect to it. I used this sample code. Make sure to give correct links and username/password
  • When I tried running the code as is, it complained about "Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". Basically asking you to install certs. If you have the access to the server, just copy it over. If not, I found this code that will take care of the installation for you if you dont have access or just too lazy :)
  • Now, if you run the JAVA CAS Client with valid credentials you should see something like
201
https://server_name:8443/cas/v1/tickets/TGT-4-rhVWLapYuOYi4InSEcmfNcABzaLMCPJgGIzlKqU1vb50zxb6pp-server_name
Tgt is : TGT-4-rhVWLapYuOYi4InSEcmfNcABzaLMCPJgGIzlKqU1vb50zxb6pp-server_name.ndev.coic.mil
Service url is : service=https%3A%2F%2Fmyserver.com%2FtestApplication
https://server_name:8443/cas/v1/tickets/TGT-4-rhVWLapYuOYi4InSEcmfNcABzaLMCPJgGIzlKqU1vb50zxb6pp-server_name
Response code is:  200
200
ST-4-BZNVm9h6k3DAvSQe5I3C-server_name
  • You can see 200 code and the ticket. If you were to review logs of your cas on the server, you should see messages about successful athentication and ticket generation.
  • Change username/password to some dummy data and try to run the code. You will get 400 error message, which means that permission to access was denied.

Success!