CAS & LDAP
Michael Ströder
michael at stroeder.com
Thu Jul 24 13:24:39 EDT 2008
Matthew Jones wrote:
> We already have OpenLDAP installed (although this is another
> area of non-expertise on my part - just don't ask why I've got this job
> at all!) and it is set up to be suitable for use by the
> FastBindLdapAdaptor, i.e. authenticate by binding to LDAP using the
> users credentials.
LDAP Fast bind is a proprietary feature of MS AD. It likely won't work
with OpenLDAP.
> Now, I see that I should have an AuthenticatedLdapContextSource bean
> configured but this has parameters (property) such as userName and
> Password. Given that these values should come from the CAS login screen
> what should I put here?
These parameters are for the service user who's searching for user
entries. That's not the user name from the CAS login screen. It's a
bind-DN and the accompanying password. You need that if access control
on the LDAP server is tight and does not allow anonymous searching for
user entries (e.g. that's the default case for MS AD).
Ciao, Michael.
More information about the cas
mailing list