Thursday, March 1, 2012

CILogon and Liferay Part 3: Installing the Servlets

This is part 3 of a set of blog posts detailing a procedure for setting up CILogon to provide authentication for a Liferay Portal.

So your Servlets build successfully in Maven, right?  if not, go back and make sure they do before proceeding. Also, by now you should have either your official X509 certificate form your CA or gotten a test cert from CILogon, along with instructions on how to install it.  If not, get these before going any further.

Let's configure Tomcat:

Open up the server.xml file in Tomcat's conf folder.  Find the tag for the secure Connector port.  It may be commented out by default.  Uncomment it and edit it to look like this:

    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
keystoreFile="[The path to your local keystore]"
keystorePass="[Your keystore password]" />

You should have the path and password for your keystore from the installation steps when you received the certificate.  This isn't an optional step, even for testing.  The CILogon establishes a trust before sending you to your IdP, and if it can't do that you'll go no further.

All done?  Good.  Now restart your Tomcat.

Once Tomcat is back up and running, and there are no errors related to your keystore, you can install your CILogon servlet app.  Take the war file and copy it to the /webapps folder in your Tomcat.  It will automatically hot deploy.  Watch the catalina.out file and make sure no errors arise from the installation.

Done?  Good.  On to the next step...


  1. What do you mean? In this case, we're just hot deploying the servlets into Tomcat.