This repository has been archived by the owner on Sep 11, 2024. It is now read-only.

How could I define CAS and Application roles? #36

Open
IuriGarcia opened this issue May 8, 2019 · 4 comments

Comments

@IuriGarcia

Is there a way to register a user in userdetails with a role association?

@mskyttner
Collaborator

@shahmanash - any idea?

I can't say anything on this off the top of my head. Should we ask on the channel, see if someone somewhere else in the community has some info?

Or do we need to dive into the groovy code for these answers?

I haven't seen any docs for it but on the other hand I probably haven't looked in the right places...

The living atlases community coordinator might know?

Personally, I am interested in understanding how to integrate an external component with the CAS to get the auth. Looking for something like a best practice outline or short tutorial. I provided this as feedback to the Paris workshop survey.

@shahmanash
Collaborator

The workflow is: when a normal user registers himself or herself using the userdetails app, he/she has the default role ROLE_USER. If he/she needs to be assigned another role, the admin user can do so from the userdetails app. On the landing page of the userdetails app, there is a link Admin tools (BioAtlas administrators only), which leads to https://auth.bioatlas.se/userdetails/admin , where you can manage user roles.

One thing that needs to be done manually is creating the first System Admin user, who can actually do all the Admin tasks. To do so, you would need to assign the role manually in the database to that user.

@IuriGarcia
Author

OK, a user with role ROLE_SYSTEM_ADMIN is already set (and another one with ROLE_ADMIN). Once I logged into the CAS and clicked on Admin tools (BioAtlas administrators only), I am being redirected to https://cas.ala-hml.vertigo.com.br/userdetails/admin?ticket=ST-4-imDbbgvxZqAUohXBbAyO-cas.ala-hml.vertigo.com.br . The userdetails container shows me the log:

2019-05-10 15:38:12.043 ERROR --- [apr-8080-exec-5] org.jasig.cas.client.util.XmlUtils       : The element type "hr" must be terminated by the matching end-tag "</hr>".

org.xml.sax.SAXParseException: The element type "hr" must be terminated by the matching end-tag "</hr>".
	at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
	at org.apache.xerces.util.ErrorHandlerWrapper.fatalError(Unknown Source)
	at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
	at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
	at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
	at org.apache.xerces.impl.XMLScanner.reportFatalError(Unknown Source)

and

2019-05-10 15:38:12.048 ERROR --- [apr-8080-exec-5] o.s.boot.web.support.ErrorPageFilter     : Forwarding to error page from request [/admin] due to exception [org.jasig.cas.client.validation.TicketValidationException: No principal was found in the response from the CAS server.]

javax.servlet.ServletException: org.jasig.cas.client.validation.TicketValidationException: No principal was found in the response from the CAS server.
	at org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:227)
	at au.org.ala.cas.client.UriFilter.doFilter(UriFilter.java:188)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:164)
	at au.org.ala.cas.client.UriFilter.doFilter(UriFilter.java:188)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:97)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

@IuriGarcia
Author

Fixed, it was a little misconfiguration in the userdetails properties and the association with the right roles in the DB. Ty, gentlemen.
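
The two log errors in this thread (an XML parse error followed by "No principal was found in the response from the CAS server") are what a CAS client reports when the ticket-validation response is not well-formed CAS XML. The following is an added example, not code from this thread or from the project: it parses a validation response body and fails closed on roles. The sample bodies are constructed, and the `role` attribute name and the helper names are assumptions.

```python
import xml.etree.ElementTree as ET

CAS_NS = "{http://www.yale.edu/tp/cas}"  # CAS protocol XML namespace

# Constructed sample: successful validation; the "role" attribute name is assumed.
SUCCESS = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationSuccess>
    <cas:user>admin@example.org</cas:user>
    <cas:attributes>
      <cas:role>ROLE_USER</cas:role>
      <cas:role>ROLE_ADMIN</cas:role>
    </cas:attributes>
  </cas:authenticationSuccess>
</cas:serviceResponse>"""

# Constructed sample: CAS rejected the ticket.
FAILURE = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationFailure code="INVALID_TICKET">not recognized</cas:authenticationFailure>
</cas:serviceResponse>"""

# Constructed sample: an HTML error page came back instead of CAS XML.
HTML_ERROR = "<html><body><h1>HTTP Status 404</h1><hr></body></html>"


def parse_validation(body):
    """Return (status, principal, roles); roles are empty unless status is 'ok'."""
    try:
        root = ET.fromstring(body)  # for untrusted bodies, defusedxml is the safer parser
    except ET.ParseError:
        return ("not_xml", None, [])
    if root.tag != CAS_NS + "serviceResponse":
        return ("not_cas", None, [])
    failure = root.find(CAS_NS + "authenticationFailure")
    if failure is not None:
        return ("rejected:" + failure.get("code", "UNKNOWN"), None, [])
    user = root.findtext(f"{CAS_NS}authenticationSuccess/{CAS_NS}user")
    if not user or not user.strip():
        return ("no_principal", None, [])
    roles = [e.text.strip() for e in root.iter(CAS_NS + "role") if e.text]
    return ("ok", user.strip(), roles)


def has_role(body, role):
    """Fail closed: a role counts only when validation succeeded."""
    status, _, roles = parse_validation(body)
    return status == "ok" and role in roles
```

A `not_xml` status points at the validation URL or server reachability in the client configuration rather than at the roles stored in the database.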
