crpeck / cas-overlay-docker Goto Github PK

View Code? Open in Web Editor NEW

16.0 6.0 8.0 15 KB

Docker compose setup to build & run Apereo CAS in Docker

Dockerfile 100.00%

cas-overlay-docker's Introduction

CAS Docker Overlay

Uses gradle to build CAS 6.x

Docker Compose setup using a multi-stage build:

First stage builds a Docker image that:
- clones https://github.com/apereo/cas-overlay-template
- copies the src (local overlay) tree into it
- builds cas.war
Second stage runs CAS in a Docker container
- copies the directory etc/cas into the container at /etc/cas
- generates a self-signed keystore for CAS to use at startup
- copies the cas.war file from the first stage
- exposes port 8443
- runs /usr/bin/java -jar cas.war (using the embedded Tocmat server)

To use

To build & run CAS in Docker type: docker-compose up --force-recreate
Open up a page at https://localhost:8443/cas/login and login as:
- user: casuser
- password: Mellon
Type ctrl-c to exit, then type this to cleanup: docker-compose down --rmi all

Notes

If you want to grab a copy of the cas.war file that is running in the container use the 'docker cp' command, for example:

wishbringer:~ $ docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                  PORTS                    NAMES
79e44dd14c7e        dockercasdev_cas    "/usr/bin/java -ja..."   21 seconds ago      Up 20 seconds           0.0.0.0:8443->8443/tcp   dockercasdev_cas_1
6f5bc662213b        nginx               "nginx -g 'daemon ..."   5 days ago          Exited (0) 5 days ago                            webserver
de061f8c8aef        alpine              "env"                    5 days ago          Exited (0) 5 days ago                            amazing_feynman
4e3975361ef2        alpine              "ifconfig"               5 days ago          Exited (0) 5 days ago                            keen_jang
wishbringer:~ $ docker cp 79e44dd14c7e:/root/cas.war .
wishbringer:~ $ ls -l cas.war
-rw-r--r--  1 crpeck  staff  91251638 Aug 15 14:40 cas.war

The end result is an image of about 173MB that has a full implementation of CAS.

REPOSITORY             TAG                 IMAGE ID            CREATED             SIZE
casoverlaydocker_cas   latest              954457811c53        18 seconds ago      173MB

Proxy authentication

In order to get the proxy authentication working, you need to make sure that the container has imported your SSL certificate (self signed or not).

Your certificate needs to be setup for a local host on your machine.

Step 1

Create a docker-compose.override.yml file:

version: '2'
services:
  cas:
    extra_hosts:
      - "casclient:172.22.0.1"

Change casclient and 172.22.0.1 based on your host settings.

On my side casclient is the hostname of CAS client application and 172.22.0.1 is the IP of the host running Docker.

Step 2

Copy the SSL certificate from your application into etc/cas/config/certificate.pem.

The format of the certificate must be in PEM.

Step 3

docker-compose up

docker-compose up --force-recreate --build

References

Documentation
Issue Tracker
Mailing Lists
Chatroom
Blog

cas-overlay-docker's People

Contributors

Stargazers

Watchers

Forkers

gikoluo rreganjr iamamused plank-tools sealionking letian0805 crane-docker ahettlin

cas-overlay-docker's Issues

Unable to connect with /cas/login

Hi,

When trying to connect to /cas/login for authentication, I get this message:

The application you attempted to authenticate to is not authorized to use CAS. This usually indicates that the application is not registered with CAS, or its authorization policy defined in its registration record prevents it from leveraging CAS functionality, or it's malformed and unrecognized by CAS. Contact your CAS administrator to learn how you might register and integrate your application with CAS.

The URL of my client is: https://ecasclient/ and the CAS server is https://localhost:8443/cas

What can I do to fix this ?

Unable to build

Hi,

I'm trying your repo to have a simple CAS server locally and I'm having issue while the build:

Adding debian:COMODO_RSA_Certification_Authority.pem
Adding debian:GeoTrust_Universal_CA.pem
done.
Setting up junit4 (4.12-8) ...
Setting up groovy (2.4.16-2) ...
update-alternatives: using /usr/share/groovy/bin/groovy to provide /usr/bin/groovy (groovy) in auto mode
update-alternatives: error: error creating symbolic link '/usr/share/man/man1/groovy.1.gz.dpkg-tmp': No such file or directory
dpkg: error processing package groovy (--configure):
 installed groovy package post-installation script subprocess returned error exit status 2
Setting up ant-optional (1.10.5-2) ...
Setting up bnd (3.5.0-4) ...
dpkg: dependency problems prevent configuration of libgradle-core-java:
 libgradle-core-java depends on groovy (>= 2.4.7); however:
  Package groovy is not configured yet.

dpkg: error processing package libgradle-core-java (--configure):
 dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of libgradle-plugins-java:
 libgradle-plugins-java depends on libgradle-core-java (>= 4.4.1-6); however:
  Package libgradle-core-java is not configured yet.

dpkg: error processing package libgradle-plugins-java (--configure):
 dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of gradle:
 gradle depends on libgradle-core-java (>= 4.4.1-6); however:
  Package libgradle-core-java is not configured yet.
 gradle depends on libgradle-plugins-java (>= 4.4.1-6); however:
  Package libgradle-plugins-java is not configured yet.

dpkg: error processing package gradle (--configure):
 dependency problems - leaving unconfigured
Processing triggers for libc-bin (2.28-10) ...
Processing triggers for ca-certificates (20190110) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...

done.
done.
Errors were encountered while processing:
 openjdk-11-jre-headless:amd64
 groovy
 libgradle-core-java
 libgradle-plugins-java
 gradle
E: Sub-process /usr/bin/dpkg returned an error code (1)
ERROR: Service 'cas' failed to build: The command '/bin/sh -c cd /tmp   && apt-get update   && apt-get install -y --no-install-recommends git gradle   && git clone -b master --single-branch https://github.com/apereo/cas-overlay-template.git cas-overlay   && mkdir -p /tmp/cas-overlay/src/main/webapp' returned a non-zero code: 100
$

It builds fail..

[root@localhost cas-overlay-docker]# docker-compose up --force-recreate
Building cas
Step 1/14 : FROM openjdk:8-jre-alpine as buildwar
 ---> 3402df656dfa
Step 2/14 : MAINTAINER Chris Peck <[email protected]>
 ---> Using cache
 ---> 45832f2b577f
Step 3/14 : RUN cd /tmp   && apk --no-cache add maven git   && git clone -b master --single-branch https://github.com/apereo/cas-overlay-template.git cas-overlay   && mkdir -p /tmp/cas-overlay/src/main/webapp
 ---> Using cache
 ---> 5afaf6cbbf0b
Step 4/14 : COPY src/main/webapp/ /tmp/cas-overlay/src/main/webapp/
ERROR: Service 'cas' failed to build: COPY failed: stat /var/lib/docker/tmp/docker-builder499900585/src/main/webapp: no such file or directory

Better way to include dependencies in the overlay

I need to copy different build.gradle to include the dependencies I want to enable on my CAS instance. Is there an easier/more reliable method to do this? Such as having the entire cas-overlay-directory/ to override and modular .gradle files. Is it possible?