Installation#
Thanks for your interest in Casa! Follow the instructions below to spin up an instance of Casa to offer end-users self-service 2FA and more for their account(s) in your Gluu Server.
View screenshots in the User Guide.
Gluu Server pre-requirements#
Casa must be installed on the same server or VM as an operational Gluu Server 4.0 instance with at least the following components:
- Apache
- Backend database (LDAP / Couchbase / Hybrid mode)
- oxAuth
Warning
It is required your installation was configured to use a FQDN for hostname, not an IP address
In addition, make sure your instance meets the following requirements:
-
At least 1GB of additional RAM on the server or VM in addition to Gluu Server system requirements
-
Enable Dynamic Client Registration: in your Gluu Server admin UI ("oxTrust"), navigate to
Configuration>JSON Configuration>oxAuth configuration, find thedynamicRegistrationEnabledproperty, and confirm it is set totrue.Note
Dynamic client registration can be turned off after Casa installation, as needed.
Installation via Linux Packages#
Warning
If you have logged into the Gluu chroot in any console terminal, log out before proceeding.
Ubuntu 18 (bionic)#
| Command Description | Xenial Commands |
|---|---|
| Add Gluu Repository | echo "deb https://repo.gluu.org/ubuntu/ bionic main" > /etc/apt/sources.list.d/gluu-repo.list |
| Add Gluu GPG Key | curl https://repo.gluu.org/ubuntu/gluu-apt.key | apt-key add - |
| Update/Clean Repo | apt-get update |
| Install Gluu Casa | apt-get install gluu-casa |
Ubuntu 16 (xenial)#
| Command Description | Xenial Commands |
|---|---|
| Add Gluu Repository | echo "deb https://repo.gluu.org/ubuntu/ xenial main" > /etc/apt/sources.list.d/gluu-repo.list |
| Add Gluu GPG Key | curl https://repo.gluu.org/ubuntu/gluu-apt.key | apt-key add - |
| Update/Clean Repo | apt-get update |
| Install Gluu Casa | apt-get install gluu-casa |
CentOS 7#
| Command Description | CentOS 7.2 |
|---|---|
| Add Gluu Repository | wget https://repo.gluu.org/centos/Gluu-centos7.repo -O /etc/yum.repos.d/Gluu.repo |
| Add Gluu GPG Key | wget https://repo.gluu.org/centos/RPM-GPG-KEY-GLUU -O /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU |
| Import GPG Key | rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU |
| Update/Clean Repo | yum clean all |
| Install Gluu Casa | yum install gluu-casa |
RHEL 7#
| Command Description | RHEL 7 |
|---|---|
| Add Gluu Repository | wget https://repo.gluu.org/rhel/Gluu-rhel7.repo -O /etc/yum.repos.d/Gluu.repo |
| Add Gluu GPG Key | wget https://repo.gluu.org/rhel/RPM-GPG-KEY-GLUU -O /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU |
| Import GPG Key | rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU |
| Update/Clean Repo | yum clean all |
| Install Gluu Casa | yum install gluu-casa |
Debian 9 (Stretch)#
| Command Description | Stretch Commands |
|---|---|
| Add Gluu Repository | echo "deb https://repo.gluu.org/debian/ stretch main" > /etc/apt/sources.list.d/gluu-repo.list |
| Add Gluu GPG Key | curl https://repo.gluu.org/debian/gluu-apt.key | apt-key add - |
| Update/Clean Repo | apt-get update |
| Install Gluu Casa | apt-get install gluu-casa |
Run the Setup Script#
The Casa setup script, setup_casa.py, adds the application to the Gluu Server, imports required data to LDAP, and applies a number of required configurations in the Gluu Server chroot.
Log in to the Gluu Server chroot, as follows:
/sbin/gluu-serverd login
(Or service gluu-server login for Ubuntu 16).
Then cd to the setup scripts directory and run setup_casa.py:
cd /install/community-edition-setup
./setup_casa.py
Answer the setup questions as prompted. Hit Enter to accept the default value specified in square brackets, if appropriate.
Finish setup#
After answering the setup questions, your selections will be displayed with a prompt to finish installation. If everything looks good, hit Y to finish.
Upon successful installation, a confirmation message will appear that says: "Casa installation successful! Point your browser to https://<host>/casa".
Note
To change the default URL path for Casa follow the steps listed here. It is advisable to apply this customization before credentials are enrolled.
Unlocking admin features#
Recall admin capabilities are disabled by default. To unlock admin features follow these steps:
- Navigate inside chroot to
/opt/gluu/jetty/casa/ - Create an empty file named
.administrable(ie.touch .administrable) - Restart casa
- Wait a couple of minutes, then visit the URL and authenticate against Gluu to access Casa
Warning
Once you have configured, tailored, and tested your deployment thoroughly, you are strongly encouraged to remove the marker file. This will prevent problems in case a user can escalate privileges or if some administrative account is compromised.
Licensing#
A Casa installation has a 30 day trial period after which you need a license file for casa to work properly. Check this page for more details.