The goal is to enable OpenClinica to participate in single sign-on with the CCTS suite, while preserving the authorization/permissions that are configured in OpenClinica.
Usage
Users must be entered in the GAARDS utility, the grid identity must be entered in the OpenClinica database, and corresponding roles assigned to the grid identity.
Prerequisites
A working CCTS installation.
A working OpenClinica installation.
Build Steps
JDK 1.5 or greater, ant 1.6.x or greater installed. A working OpenClinica installation
Download soulwing cas client v 0.5.3.
Unzip soulwing websso package to <SW-WEBSSO>.
Copy the following dependencies from soulwing cas client into <SW-WEBSSO>/lib: catalina.jar, commons-logging.jar, servlet-api.jar, soulwing-casclient-0.5.3.jar, soulwing-casclient-tomcat-ext-0.5.3.jar
Run the following command to build: ant dist.
Configuring the OpenClinica
Configuration steps:
Generate the certificate and key for the OpenClinica server with the GAARDS utility, refer to the CCTS 1.1 installation guide.
Add an entry similar to Appendix A to the <CATALINA_HOME>/conf/server.xml, refer to the tomcat SSL documentation for more information.
Perform step 7 "Establish trust with WebSSO CAS Server" of the webSSO developers guide which can be found at WebSSO 1.2. Developers Guide.
Follow soulwing client directions at http://www.soulwing.org/tomcat-cas.jsp with the following modifications, and remember to change the login-config entry in the web.xml to <auth-method>CAS</auth-method>
In the "Install library JAR files" sections, add the following jar copies:
uams-soulwing-casclient.jar to <CATALINA_HOME>/common/lib
uams-soulwing-websso-casclient-tomcat-ext.jar to <CATALINA_HOME>/server/lib
In the "Augment Tomcat's default authenticators" section replace CAS=org.soulwing.cas.apps.tomcat.CasAuthenticator with CAS=edu.uams.soulwing.cas.apps.tomcat.CasAuthenticator
In the "Configure a resource Valve" section, the entry should be as in Appendix B
Add the servlet entry listed in Appendix C to the OpenClinica web.xml
The grid ID an their role assignments must be added to the OpenClinica web.xml
Appendix A
SSL ENTRY FOR <CATALINA_HOME>/CONF/SERVER.XML:
Below is the section in the file called server.xml that configures tomcat for SSL. This file it located in CATALINA_HOME/conf directory
<!-- Define a SSL Coyote HTTP/1.1 Connector on relevant port -->
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:\yourkeystoredirectory\webSSOKeystore"
keystorePass="webSSOkeystorePasswd" />
Appendix B
SOULWING VALVE ENTRY
The soulwing instructions for the valve entry are slightly incorrect - below is the correct entry. This entry is in server.xml located in CATALINA_HOME/conf directory
Administration
