SPRING Configuring BOOT with Jasig CAS

I am doing a test project to try boot spring for our future projects.

We are using jasig CAS and I am trying to setup using spring boot and embedded tomcat server.

So, I add spring-boot-starter-security to pom.xml

After that I am trying to configure WebSecurityConfig -> spring provides classes to configure using cas, for example I need to configure an entry point:

public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
    CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
    return casAuthenticationEntryPoint;


Here's the first problem: the org.springframework.security.cas.web.CasAuthenticationEntryPoint class is not reverse engineered by the application.

The dosen't class seems to be imported using spring-boot-starter-security.

What's the best practice? Do I have to manually add the dependency to my pump like I did before?




If so, which version should I use to match the download package and avoid conflicts?

Second, how do I configure embedded tomcat to include ssl with a certificate?

Here is my classic server.xml for CAS:

Connector emptySessionPath="true" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" URIEncoding="UTF-8"
    maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" 
           keystoreFile="C:\***\***\***\.keystore" keystorePass="***"
    truststoreFile="C:\Program Files\Java\jdk1.7.0_67\jre\lib\security\cacerts"
     noCompressionUserAgents="gozilla, traviata"


Is it possible to customize keystorefile / truststorefile with embedded tomcat?



source to share

2 answers

Assuming you are spring-boot-starter-parent

parenting your project (or importing it into your own section <dependencyManagement>

), you don't need to declare a version for the dependency spring-security-cas

, since Boot already provides dependency management for It. You can simply do this:



See the reference documents for SSL configuration . You just need to specify a few properties to set up your keystore, etc. For example:

server.port = 8443
server.ssl.key-store = keystore.jks
server.ssl.key-store-password = secret
server.ssl.key-password = another-secret




I am a little confused, I am trying to complete the SSL setup, but I still have a problem.

Here is my tomcat config with spring boot:

server.port = 8080
server.ssl.key-store = C:\\dev\\web\\tomcat\\.keystore
server.ssl.key-store-password = changeit
server.ssl.key-password = changeit
server.ssl.trustStore = C:\\Program Files\\Java\\jdk1.7.0_67\\jre\\lib\\security\\cacerts
server.ssl.trustStorePassword = changeit


I run the application, no problem, I am redirected to my CAS server, I enter the login / logout password, then I get the error:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target


I like it if my certificate doesn't work, but when I use tomcat in the classic way (not inline, my config is in my first post) it works fine.

Did I miss something?



All Articles