From cbb2f2f81452a97fddbdcc1f6010fbc85682e3b3 Mon Sep 17 00:00:00 2001 From: Erlend Hamnaberg <erlend@hamnaberg.net> Date: Thu, 29 Nov 2018 07:42:20 +0000 Subject: [PATCH] Redirect to application after login is complete --- README.md | 23 ++++++++++++++++------- 1 files changed, 16 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 77bd12b..a95e6bb 100644 --- a/README.md +++ b/README.md @@ -12,21 +12,30 @@ * Mapping of custom user attributes to CAS assertion attributes The following features are **currently missing**: -* #2: Proxy ticket service and proxy ticket validation [CAS 2.0] -* #1: SAML request/response [CAS 3.0 - optional] +* [#1](/../../issues/1): SAML request/response [CAS 3.0 - optional] +* [#2](/../../issues/2): Proxy ticket service and proxy ticket validation [CAS 2.0] The following features are out of scope: * Long-Term Tickets - Remember-Me [CAS 3.0 - optional] +## Compatibility +The CAS plugin has been tested against the following Keycloak versions. Please ensure your version is compatible before deploying. +Please report test results with other versions! + +* For Keycloak **2.5.x, 3.0.x and 3.1.x** please use plugin version **1.0.0** +* For Keycloak **3.2.x, 3.3.x and 3.4.0** please use plugin version **2.1.0** +* Starting from Keycloak **3.4.3**, the plugin version should **match your Keycloak version** + ## Installation -1. Clone or download this repository (pre-compiled releases will follow!) -2. Run `mvn package` to build the plugin JAR -3. Copy the JAR file generated in the `target` folder into the `standalone/deployments` directory in your Keycloak server's root -4. Restart Keycloak (optional, hot deployment should work) +Installation of a compatible plugin version is simple and can be done without a Keycloak server restart. + +1. Download the latest release compatible with your Keycloak version from the [releases page](https://github.com/Doccrazy/keycloak-protocol-cas/releases) +2. Copy the JAR file into the `standalone/deployments` directory in your Keycloak server's root +3. Restart Keycloak (optional, hot deployment should work) ## Configuration To use the new protocol, you have to create a client within Keycloak as usual. -**Important: Due to [KEYCLOAK-4270](https://issues.jboss.org/browse/KEYCLOAK-4270), you have to select the `openid-connect` protocol when creating the client and change it after saving.** +**Important: Due to [KEYCLOAK-4270](https://issues.jboss.org/browse/KEYCLOAK-4270), you may have to select the `openid-connect` protocol when creating the client and change it after saving. This has been fixed in Keycloak 3.0.0.** As the CAS protocol does not transmit a client ID, the client will be identified by the redirect URIs (mapped to CAS service). No further configuration is necessary. Enter `https://your.keycloak.host/auth/realms/master/protocol/cas` as the CAS URL into your SP. -- Gitblit v1.9.1