Cassifying Zimbra 5: Difference between revisions

(New page: CASIFYING ZIMBRA COLLABORATION SUITE 5 This document allows guiding you in the process of cassifying Zimbra Collaboration Suite 5. Installation of the Cas Client To download the CAS Clien...)
 
(Adding Template:Unsupported and Template:Article_Footer; also adding formatting)
Line 1: Line 1:
CASIFYING ZIMBRA COLLABORATION SUITE 5
{{Unsupported}}
 
=CASIFYING ZIMBRA COLLABORATION SUITE 5=
This document allows guiding you in the process of cassifying Zimbra Collaboration Suite 5.
This document allows guiding you in the process of cassifying Zimbra Collaboration Suite 5.


Installation of the Cas Client
==Installation of the Cas Client==
To download the CAS Client Java 2.1.0 go to  
To download the CAS Client Java 2.1.0 go to  
"http://www.ja-sig.org/products/cas/downloads/"
"http://www.ja-sig.org/products/cas/downloads/"
Line 10: Line 12:
Go to the lib file in Jetty ("/opt/zimbra/jetty/common/lib") and paste the casclient jar file.
Go to the lib file in Jetty ("/opt/zimbra/jetty/common/lib") and paste the casclient jar file.


Configuration of the Server Zimbra
==Configuration of the Server Zimbra==
Edit the file "zimbra.web.xml.in" (/opt/zimbra/jetty/etc)  
Edit the file "zimbra.web.xml.in" (/opt/zimbra/jetty/etc)  
Add the following information after sections "<filter>" and "<filter-mapping>" and before the first section of "<servlet>" (by adapting them):  
Add the following information after sections "<filter>" and "<filter-mapping>" and before the first section of "<servlet>" (by adapting them):  
//A ScreenShot is missing
//A ScreenShot is missing


Generation of the SSL_Certificate with Java Keytool
==Generation of the SSL_Certificate with Java Keytool==


Important Note: It is necessary to delete the certificate if it already exists by using the following commands:
'''''Important Note:''' It is necessary to delete the certificate if it already exists by using the following commands:''
#keytool -delete -alias cas -keystore %JAVA_HOME%/jre/lib/security/cacerts
#keytool -delete -alias cas -keystore %JAVA_HOME%/jre/lib/security/cacerts
# Keytool -delete -alias cas -file server.cert  
# Keytool -delete -alias cas -file server.cert  


If you have no name of the generated certificate either that these commands do not work well, you can directly delete files ".keystore" (In the directory home of the user: "/root") and "cacerts" (In the directory "/jdk/jre/lib/security")
If you have no name of the generated certificate either that these commands do not work well, you can directly delete files ".keystore" (In the directory home of the user: "/root") and "cacerts" (In the directory "/jdk/jre/lib/security")
# rm /opt/java/jre/lib/security/cacerts  
# rm /opt/java/jre/lib/security/cacerts  
# rm /root/.keystore  
# rm /root/.keystore  




Generate the certificate by the following command:
Generate the certificate by the following command:
# keytool -genkey -alias cas -keypass changeit -keyalg RSA
# keytool -genkey -alias cas -keypass changeit -keyalg RSA
Enter ‘changeit’ for the password
Enter ‘changeit’ for the password
Answer the list of questions.  
Answer the list of questions.  
Line 33: Line 35:


Export the certificate you generated from your personal keystore by the following command:
Export the certificate you generated from your personal keystore by the following command:
# keytool -export -alias cas -keypass changeit -file server.cert  
# keytool -export -alias cas -keypass changeit -file server.cert  
Enter ‘changeit’ for the password.
Enter ‘changeit’ for the password.
//A ScreenShot is missing
//A ScreenShot is missing


Import the certificate into Java's keystore with this command:
Import the certificate into Java's keystore with this command:
# keytool -import -alias cas -file server.cert -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
# keytool -import -alias cas -file server.cert -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
Enter ‘changeit’ for the password.
Enter ‘changeit’ for the password.
Answer by 'oui' to add the certificate to the keystore.
Answer by 'oui' to add the certificate to the keystore.
Line 49: Line 51:


Compile and execute the class downloaded by the commands:
Compile and execute the class downloaded by the commands:
# javac InstallCert.java
# javac InstallCert.java
Launch the CAS Server and execute the following command:
Launch the CAS Server and execute the following command:
# java InstallCert  
# java InstallCert  
//A ScreenShot is missing
//A ScreenShot is missing


Line 61: Line 63:
Launch the Server Zimbra
Launch the Server Zimbra
Under the user "zimbra", execute the command:  
Under the user "zimbra", execute the command:  
# zmprov gdpak Domaine_Name
# zmprov gdpak Domaine_Name
(This will create a preAuthKey" as this one:
(This will create a preAuthKey" as this one:
"45a9743161d93f5c2e2194890bca9c1452e45078844ea0134e357709bf11a06f")
"45a9743161d93f5c2e2194890bca9c1452e45078844ea0134e357709bf11a06f")


Note:  
'''''Note:''' To force the execution of the command zmprov you can add the option "-f" and the command will be: zmprov gdpak -f Domaine_Name''
To force the execution of the command zmprov you can add the option "-f" and the command will be: zmprov gdpak -f Domaine_Name




Line 79: Line 80:


Restart Zimbra to identify the new "jar" and the files of configuration:  
Restart Zimbra to identify the new "jar" and the files of configuration:  
# su root
# su root
# su - zimbra
# su - zimbra
# zmcontrol stop
# zmcontrol stop
# zmcontrol start
# zmcontrol start


Test the Cassified Zimbra’s Server:
Test the Cassified Zimbra’s Server:
Line 89: Line 90:
"http://ecm.ecmteggo.tp/zimbra/preauth.jsp"
"http://ecm.ecmteggo.tp/zimbra/preauth.jsp"
If everything is set up correctly you will be redirected to the CAS server’s login screen.[[Image:Example.jpg]]
If everything is set up correctly you will be redirected to the CAS server’s login screen.[[Image:Example.jpg]]
{{Article_Footer|unknown|3/18/2008}}

Revision as of 01:17, 19 March 2008


CASIFYING ZIMBRA COLLABORATION SUITE 5

This document allows guiding you in the process of cassifying Zimbra Collaboration Suite 5.

Installation of the Cas Client

To download the CAS Client Java 2.1.0 go to "http://www.ja-sig.org/products/cas/downloads/" Uncompresse the downloaded file: # tar xzvf cas-client-java-2.1.0.tar.gz Navigate to the casclient jar file ("/cas-client-java-2.1.0 /dist") and copy the file "casclient.jar" Go to the lib file in Jetty ("/opt/zimbra/jetty/common/lib") and paste the casclient jar file.

Configuration of the Server Zimbra

Edit the file "zimbra.web.xml.in" (/opt/zimbra/jetty/etc) Add the following information after sections "<filter>" and "<filter-mapping>" and before the first section of "<servlet>" (by adapting them): //A ScreenShot is missing

Generation of the SSL_Certificate with Java Keytool

Important Note: It is necessary to delete the certificate if it already exists by using the following commands:

#keytool -delete -alias cas -keystore %JAVA_HOME%/jre/lib/security/cacerts
# Keytool -delete -alias cas -file server.cert 

If you have no name of the generated certificate either that these commands do not work well, you can directly delete files ".keystore" (In the directory home of the user: "/root") and "cacerts" (In the directory "/jdk/jre/lib/security")

# rm /opt/java/jre/lib/security/cacerts 
# rm /root/.keystore 


Generate the certificate by the following command:

# keytool -genkey -alias cas -keypass changeit -keyalg RSA

Enter ‘changeit’ for the password Answer the list of questions. //A ScreenShot is missing

Export the certificate you generated from your personal keystore by the following command:

# keytool -export -alias cas -keypass changeit -file server.cert 

Enter ‘changeit’ for the password. //A ScreenShot is missing

Import the certificate into Java's keystore with this command:

# keytool -import -alias cas -file server.cert -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts

Enter ‘changeit’ for the password. Answer by 'oui' to add the certificate to the keystore. //A ScreenShot is missing

Validation of the Certificate: Download the class "InstallCert.java" from the link: "http://blogs.sun.com/andreas/resource/InstallCert.java" (Attachements) Add the modifications put in fat by adapting them: //A ScreenShot is missing

Compile and execute the class downloaded by the commands:

# javac InstallCert.java

Launch the CAS Server and execute the following command:

# java InstallCert 

//A ScreenShot is missing


Answer the composed question by typing "Enter" //A ScreenShot is missing

Execute the zmprov command: Launch the Server Zimbra Under the user "zimbra", execute the command:

# zmprov gdpak Domaine_Name

(This will create a preAuthKey" as this one: "45a9743161d93f5c2e2194890bca9c1452e45078844ea0134e357709bf11a06f")

Note: To force the execution of the command zmprov you can add the option "-f" and the command will be: zmprov gdpak -f Domaine_Name


Configure the page "preauth.jsp" (Attachements): Under the user "root", copy the page "preauth.jsp" in the directory: "/opt/zimbra/jetty/webapps/zimbra" Replace the "DOMAIN_KEY" with the key which you produced with the "zmprov" in the previous stage. //A ScreenShot is missing


Modify the following lines towards the end of the JSP page, by substituting "domaine-name" by your domain: //A ScreenShot is missing

Restart Zimbra to identify the new "jar" and the files of configuration:

# su root
# su - zimbra
# zmcontrol stop
# zmcontrol start

Test the Cassified Zimbra’s Server: Lunch the CAS server Launch Zimbra in the Web browser with the url "http://ecm.ecmteggo.tp/zimbra/preauth.jsp" If everything is set up correctly you will be redirected to the CAS server’s login screen.File:Example.jpg

Verified Against: unknown Date Created: 3/18/2008
Article ID: https://wiki.zimbra.com/index.php?title=Cassifying_Zimbra_5 Date Modified: 2008-03-19



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Jump to: navigation, search