CAS3.0.7 + LDAP configuration -- urgent help request!!

Richard Gundersen richardgundersen at hotmail.com
Mon Apr 28 18:18:28 EDT 2008


Hi Edward

Just seen your company name. I remember Mathematica from my uni days :)

> >> I think it's in Web.xml. If you follow that guide in (1) it

I meant to say WEB-INF sorry. In any case, see Scott's reply to my response because I got a few things wrong (sorry, I'm very new to CAS so take my advice with a pinch of salt).
Because you are using a very old version of CAS, it doesn't use POM files. I doubt copying the file would help. I suspect many other configuration files are different/missing if the version is so old.

If I were you, I'd consider upgrading to the latest CAS and following the demo tutorial to set it up. It worked fine for me. (http://www.ja-sig.org/wiki/display/CASUM/Demo)

I got LDAP working too so when I get to the office I can post my config if that helps (will be tomorrow). 

I also need to get the roles working, but Scott sent a very helpful reply (you should have it). I will be trying it out tomorrow so when I get it working I will also post my solution (you may already have solved it by then though).

Regards

Richard 


> Date: Mon, 28 Apr 2008 16:11:33 -0500
> From: edwardc at wolfram.com
> To: cas at tp.its.yale.edu
> Subject: Re: CAS3.0.7 + LDAP configuration -- urgent help request!!
> 
> Richard Gundersen wrote:
> > 2. If I want to configure CAS 3.0.7 to LDAP, I don't find porn.xml in 
> > webapps.
> > >> It's called pom.xml (not porn) and I think it's in a subdirectory 
> > under /META-INF
> I don't find pom.xml  under /META-INF but MANIFEST.MF from CAS 3.0.7. 
> May I just copy pom.xml from CAS 3.2.1 to CAS 3.0.7's /META-INF instead? 
> That will work too?
> 
> >
> >
> > 3. where should I put the following code in deployerConfigContext.xml?
> > >> I think it's in Web.xml. If you follow that guide in (1) it 
> > explains what you need to change. There are quite a few options to 
> > change, but I found if I went through each one systematically, I 
> > eventually got the config right. It helps if you have some config from 
> > something else that connects to your LDAP server (some other app) that 
> > you can look at for the correct syntax (LDAP connection syntax can 
> > vary a bit depending on which LDAP server you are using). Also, have an 
> > LDAP browser handy so you can see your directory structure. That will 
> > also help.
> 
> What I mean where to put is AuthenticatedLdapContextSource
> 
> <bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> 	<property name="pooled" value="true"/>
> 	<property name="urls">
> 		<list>
> 			<value>ldaps://ldap.rutgers.edu/</value>
> 			<value>ldaps://ldap2.rutgers.edu/</value>
> 		</list>
> 	</property>
> 	<property name="userName" value="{bind_username_goes_here}"/>
> 	<property name="password" value="{bind_user_password_goes_here}"/>
> 	<property name="baseEnvironmentProperties">
> 		<map>
> 			<entry>
> 				<key>
> 					<value>java.naming.security.authentication</value>
> 				</key>
> 				<value>simple</value>
> 			</entry>
> 		</map>
> 	</property>
> </bean>
> 
> Please take a look at my attachment if the AuthenticatedLdapContextSource  is in the right place in my deployerConfigContext.xml
> 
> 
> >
> >
> > 4. I don't understand the following piece code from ldap
> >  
> >      <property name="userName" value="{bind_username_goes_here}"/>
> >      <property name="password" value="{bind_user_password_goes_here}"/>
> >
> > >> put your LDAP administrator username and password in there. So, 
> > whereas with MySQL you have root/mypassword, put in the corresponding 
> > values for LDAP instead. I can't remember if I kept the {} braces - 
> > they may not be required if you put the literal username/password in. 
> > Try with and without.
> 
> What I understand is
> In my deployerConfigContext.xml, I can either use LDAP or other 
> connection such as mysql. I cannot use both at the same time. So, I have 
> comment out mysql connection if I use LDAP. Please take a look at my 
> attachment. Correct me if I am wrong.
> >
> >
> > If you know how to populate roles etc into the session principal 
> > (either with MySQL or LDAP) please let me know :)
> Also, where to put  the following
> 
> <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
> 	<property name="filter" value="uid=%u" />
> 	<property name="searchBase" value="ou=people,dc=rutgers,dc=edu" />
> 	<property name="contextSource" ref="contextSource" />
> </bean>
> 
> Please take a look at my attachment and see if I put in the right place?
> 
> 
> 
> I want to populate roles, please tell me how to do that?
> 
> 
> Edward
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
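
A check for the placement and bind-credential questions raised in this thread, as an added example that is not part of the original messages or of CAS itself. The skeleton config is constructed: nesting the handler under an `authenticationManager` bean's `authenticationHandlers` list, and treating a value still wrapped in `{}` as an unfilled placeholder, are assumptions of this example.

```python
import re
import xml.etree.ElementTree as ET

HANDLER = "org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"
CTX = "org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource"
# Constructed sample: the thread's two beans in a skeleton file (layout is an assumption).
SAMPLE = """<beans>
 <bean id="authenticationManager" class="org.jasig.cas.authentication.AuthenticationManagerImpl">
  <property name="authenticationHandlers"><list>
   <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
    <property name="filter" value="uid=%u"/>
    <property name="searchBase" value="ou=people,dc=rutgers,dc=edu"/>
    <property name="contextSource" ref="contextSource"/>
   </bean>
  </list></property>
 </bean>
 <bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
  <property name="urls"><list><value>ldaps://ldap.rutgers.edu/</value></list></property>
  <property name="userName" value="{bind_username_goes_here}"/>
  <property name="password" value="{bind_user_password_goes_here}"/>
 </bean>
</beans>"""

def lint(xml_text):
    """Return a list of problems found in a deployerConfigContext.xml string."""
    root = ET.fromstring(xml_text)
    for el in root.iter():                       # drop any XML namespace prefix
        el.tag = el.tag.rsplit("}", 1)[-1]
    problems = []
    top_ids = {b.get("id") for b in root.findall("bean")} - {None}
    registered = [b for p in root.iter("property") if p.get("name") == "authenticationHandlers"
                  for b in p.iter("bean")]
    for bean in root.iter("bean"):
        props = {p.get("name"): p for p in bean.findall("property")}
        if bean.get("class") == HANDLER:
            if bean not in registered:
                problems.append("handler is not inside authenticationHandlers")
            ref = props["contextSource"].get("ref") if "contextSource" in props else None
            if ref not in top_ids:
                problems.append(f"contextSource ref {ref!r} matches no top-level bean id")
        elif bean.get("class") == CTX:
            for name in ("userName", "password"):
                if name in props and re.fullmatch(r"\{.*\}", props[name].get("value") or ""):
                    problems.append(f"{name} still holds the template placeholder")
            for v in (props["urls"].iter("value") if "urls" in props else []):
                if not (v.text or "").strip().startswith("ldaps://"):
                    problems.append(f"{v.text!r} is not ldaps:// (simple bind sends the password)")
    return problems
```

Calling `lint(SAMPLE)` reports the two unfilled bind credentials; run it on the text of a real `deployerConfigContext.xml` to check it before deploying.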
