CAS + ColdFusion

Posted by Quinn Madson | Posted in | Posted on 9:24 AM

3

The example available from JA-SIG is some of the ugliest code I've seen lately. This is what I came up with (based on their example code):
Application.cfm

<cfapplication name="my_awesome_app_name_here"
clientmanagement="yes" sessionmanagement="yes"
setclientcookies="yes" setdomaincookies="no"
loginstorage="session">
index.cfm
<!--- globals --->
<cfparam name="url.ticket" default="">
<cfparam name="username" default="">
<cfparam name="url.action" default="">
<cfscript>
cas_path = "https://cas-server.example.edu/cas/";
app_path = "https://coldfusion-server.example.edu/path/to/this/app/";
cas_url = cas_path & "login?" & "service=" & app_path;
</cfscript>

<!--- session init --->
<cflock timeout="10" scope="session" type="readonly">
<cfparam name="session.username" default="">
<cfparam name="session.authorized" default="0">
</cflock>

<!--- logout action --->
<cfif url.action eq "logout">
<!--- session reset --->
<cflock scope="session" timeout="30" type="exclusive">
<cfset session.username = "">
<cfset session.authorized = "0">
</cflock>

<cfset cas_url = cas_path & "logout">
<cflocation url="#cas_url#" addtoken="false">

<cfelse>
<!--- auth check --->
<cfif not len(trim(session.username))>
<cfif not len(trim(ticket))>
<cflocation url="#cas_url#" addtoken="no">
<cfelse>
<cfset cas_url = #cas_path# & "serviceValidate?ticket=" & url.ticket & "&" & "service=" & app_path & "/">
<cfhttp url="#cas_url#" method="get"/>
<cfset objXML = xmlParse(cfhttp.filecontent)>
<cfset SearchResults = XmlSearch(objXML,"cas:serviceResponse/cas:authenticationSuccess/cas:user")>

<cfif arraylen(SearchResults)>
Raw XML:<cfdump var="#cfhttp.filecontent#">
<cfdump var="#objXML#" label="CAS Results">
<cfdump var="#SearchResults#" label="Parsed CAS Results">
<cfset username = SearchResults[1].XmlText>
<cflock scope="session" timeout="30" type="exclusive">
<cfset session.username = username>
<cfset session.authorized = "1">
</cflock>
<cfelse>
<cflocation url="#cas_url#" addtoken="no">
</cfif>
</cfif>
</cfif>



<cfif structKeyExists(url, "accessdenied")>
Access Error
<cfelse>
Authenticated.<br/>
<cfdump var="#session#" label="ColdFusion Session Object">
<a href="?action=logout">Logout</a><br/>
</cfif>
</cfif>
Honestly, it's a pretty simple process:
  • Check for a ColdFusion session
  • If one doesn't exist, redirect to CAS and provide a call back URL
  • When CAS redirects back to your application you grab the ticket and verify it server to server via cfhttp.
  • If the ticket checks out, you create a ColdFusion session and use it within your application.
The point of this example is to keep it simple. The code is commented to clue you into where the different components would plug into the framework of your choice.

Zimbra URLs

Posted by Quinn Madson | Posted in | Posted on 7:08 AM

1

Zimbra has a bunch of built in functionality for rendering HTML versions of calendars as well as feeds such as RSS. This keeps coming up with Zimbra users inside and outside of our organization. I'm posting it here for future reference.

For an HTML representation of a public calendar we use a URL like this:

https://pantherlink.uwm.edu/zimbra/home/qkmadson/calendar.html?view=week

The view=week is optional; I just wanted to show an example. The view defaults to a month view and can be changed by the user. If the calendar is not set to public, you'll get a permission error. If you want to show a private calendar, you can use something like:

https://pantherlink.uwm.edu/home/bmaas/?fmt=freebusy&view=week

This will show the free and busy information but, no meeting details. For your purposes, you will need to change "pantherlink.uwm.edu" to your Zimbra server and change "qkmadson" or "bmaas" to one of your usernames. You may want to take a look at this blog entry:

http://www.zimbrablog.com/blog/archives/2006/01/rest-update.html

The show examples of how to use various feed options in Zimbra. For example, if you wanted to use RSS:

https://pantherlink.uwm.edu/zimbra/home/qkmadson/calendar.rss

RapidSVN currently broken in Ubuntu Repository

Posted by Quinn Madson | Posted in | Posted on 9:01 AM

0

The current package for RapidSVN segfaults constantly with the current version (as of today's date) in the Hardy Heron repos. To fix this:

  • Grab the Intrepid Ibex package by editing: /etc/apt/sources.list
  • Do a search and replace: "hardy" for "intrepid".
  • Update your packages and reinstall RapidSVN.
You can do this from the GUI side with gedit and synaptic. From the command line:
sudo -s
vim /etc/apt/sources.list

in vi:
:%s/hardy/intrepid/gi
:wq!

command line:
apt-get update
apt-get install rapidsvn
At this point, you should switch back to the hardy repos by editing sources.list and re-replacing intrepid for hardy.

Network Debugging w/ MVPMC

Posted by Quinn Madson | Posted in | Posted on 6:12 PM

0

While running the MVPMC software on MVC devices, sometimes I will receive an error that the streaming server cannot be found.

Check /var/log/messages for:

 dhcpd: DHCPACK on 192.168.0.51 to 00:0d:fe:39:21:06 via eth0

if that's the last message, make sure you run:
/usr/sbin/in.tftpd -l -a :16869 -s /tftpboot -v
/usr/bin/mvprelay 16881 5906 6337 192.168.0.1 &