-
Notifications
You must be signed in to change notification settings - Fork 26
Configuring JSON Service Registry
- Create JSON configuration file
servicesRegistry.conf
and put it in/etc/cas
. Example services definitions:
{
"services":[
{
"id":1,
"serviceId":"https://www.google.com/**",
"name":"GOOGLE",
"description":"Test service with ant-style pattern matching",
"theme":"my_example_theme",
"allowedToProxy":true,
"enabled":true,
"ssoEnabled":true,
"anonymousAccess":false,
"evaluationOrder":1,
"allowedAttributes":["uid", "mail"]
},
{
"id":2,
"serviceId":"https://yahoo.com",
"name":"YAHOO",
"description":"Test service with exact match on its serviceId and optional extra attributes",
"extraAttributes":{
"someCustomAttribute":"Custom attribute value"
},
"evaluationOrder":2
},
{
"id":3,
"serviceId":"^(https?|imaps?)://.*",
"name":"HTTPS or IMAPS",
"description":"Test service with regex-style pattern matching of any service either via HTTPS or IMAPS",
"evaluationOrder":3
}
]
}
- Define a bean using custom XML config element from cas-addons XML schema which would produce a bean with
serviceRegistryDao
id indeployerConfigContext
:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cas="http://unicon.net/schema/cas"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://unicon.net/schema/cas
http://unicon.net/schema/cas/cas-addons.xsd">
<!-- This definition uses the default config file location of /etc/cas/servicesRegistry.conf -->
<cas:json-services-registry/>
<!-- Use this form to configure with different config file location -->
<!-- <cas:json-services-registry config-file="file:/opt/cas/otherConfigFile.json"/> -->
</beans>
Note: Since version 1.9
, the value of the config-file
attribute does not have to be file but rather, could be an external URL publicly available.
- To add change notification support:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:task="http://www.springframework.org/schema/task"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd">
<!-- To enable JsonServiceRegistryDao#ServicesManagerInjectableBeanPostProcessor. Excludes the MongoDb services registry, which is defined as @Repository stereotype -->
<context:component-scan base-package="net.unicon.cas.addons.serviceregistry">
<context:exclude-filter type="annotation" expression="org.springframework.stereotype.Repository"/>
</context:component-scan>
<cas:resource-change-detector id="registeredServicesChangeDetectingEventNotifier"
watched-resource="file:/etc/cas/servicesRegistry.conf"/>
<task:scheduler id="springScheduler" pool-size="3"/>
<task:scheduled-tasks scheduler="springScheduler">
<task:scheduled ref="registeredServicesChangeDetectingEventNotifier" method="notifyOfTheResourceChangeEventIfNecessary" fixed-delay="2000"/>
</task:scheduled-tasks>
</beans>
- To disable default CAS' registered services reloading and rely solely on cas-addons' resource change detection notification reloading behavior (available since version
1.5.3
):
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cas="http://unicon.net/schema/cas"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://unicon.net/schema/cas
http://unicon.net/schema/cas/cas-addons.xsd">
...
<cas:disable-default-registered-services-reloading/>
...
</beans>
The JsonServiceRegistryDao
forces the CAS Services Management web interface to only be available in read-only mode. All changes made via this management interface using this implementation are only kept in memory and not written back out to the file. This of course means that adopters would be able to review the changes made to the JSON configuration file, yet actual changes would have to be manually or otherwise entered into the file directly.
As of version 1.6
there exists an alternative implementation of the CAS service registry, ReadWriteJsonServiceRegistryDao
which effectively extends the JsonServiceRegistryDao
to allow for write-operations, such that manual editions of the file would no longer be the only way to add service definitions.
To create ReadWriteJsonServiceRegistryDao
bean, simply add read-write="true"
attribute to the configuration element:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cas="http://unicon.net/schema/cas"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://unicon.net/schema/cas
http://unicon.net/schema/cas/cas-addons.xsd">
<!-- This definition uses the default config file location of /etc/cas/servicesRegistry.conf -->
<cas:json-services-registry read-write="true"/>
<!-- Use this form to configure with different config file location -->
<!-- <cas:readwrite-json-services-registry read-write="true" config-file="file:/opt/cas/otherConfigFile.json"/> -->
</beans>