CAS LDAP Auth
ann.campbell at shawinc.com
ann.campbell at shawinc.com
Thu Aug 14 08:41:22 EDT 2008
Sandor,
Be aware that even tho the page Scott mentions says that you don't need
bind credentials if you use the FastBind handler - that's only partly
true.
There are three connections in a full authentication (assuming you use
FastBind. Presumably four if you don't.) :
1) auth the user's credentials. This one is indeed made without needing a
bind account.
2) look up the principal (as specified in the
credentialsToPrincipalResolver)
3) look up the attributes (as specified in the attributeRepository) using
the principal that was found in step 2.
The second and third connections are made anonymously (does your AD allow
anonymous search?) if you have not provided a bind account. I mention this
because I banged my head against it for quite a while before figuring out
what was going on.
Ann
------
G. Ann Campbell
Systems Engineer
Shaw Industries
"Scott Battaglia" <scott.battaglia at gmail.com>
Sent by: cas-bounces at tp.its.yale.edu
08/14/2008 07:31 AM
Please respond to
Yale CAS mailing list <cas at tp.its.yale.edu>
To
"Yale CAS mailing list" <cas at tp.its.yale.edu>
cc
Subject
Re: CAS LDAP Auth
This should help:
http://www.ja-sig.org/wiki/display/CASUM/LDAP
(it also shows up as the 8th item in a Google search, which is kind of
low...anyone here a SEO-type person? ;-))
On Thu, Aug 14, 2008 at 5:21 AM, Sandor Nemeth <
sandor.nemeth.1986 at gmail.com> wrote:
Hy all,
I'm pretty new to CAS and I'm looking forward to gather some information
about connection CAS and a MS Active Directory Server.
I googled for now a couple of hours, but I could not receive any solution
about my problem. How can I ( if I can ) configure an LDAP Server in CAS?
Or if I'm not, where should I configure it?
I found users in some mailing list archives, but there are links pointing
to 404 pages. I suppose, there was a solution to my problem, but I cannot
go on as I'm not able to find the new location of these pages.
Regards,
Sandor Nemeth
_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas
**********************************************************
Privileged and/or confidential information may be contained in this message. If you are not the addressee indicated in this message (or are not responsible for delivery of this message to that person) , you may not copy or deliver this message to anyone. In such case, you should destroy this message and notify the sender by reply e-mail.
If you or your employer do not consent to Internet e-mail for messages of this kind, please advise the sender.
Shaw Industries does not provide or endorse any opinions, conclusions or other information in this message that do not relate to the official business of the company or its subsidiaries.
**********************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080814/b0f61779/attachment.html
More information about the cas
mailing list