CAS and Authorization
Chris
c.naslain at lectra.com
Fri Mar 7 10:44:47 EST 2008
Hi,
I have CAS-sified several websites by this method. It works very fine
and you can set different .htaccess for each websites with a different
LDAP group requirement. You can also ask for several groups (mod ldap is
not yet recursive).
Example with an ADAM server syncing 3 Active Directory servers:
#--- CAS Authentication
AuthType CAS
AuthName "CAS Authentication"
AuthLDAPURL ldap://ldap.company.com:389/OU=Users,DC=company,DC=com?uid?sub?
AuthLDAPBindDN CN=reader,OU=OU=Users,DC=company,DC=com
AuthLDAPBindPassword ******
AuthzLDAPAuthoritative off
require ldap-group CN=OU=Grp1,OU=Groups,DC=company,DC=com
require ldap-group CN=OU=Grp2,OU=Groups,DC=company,DC=com
require ldap-group CN=OU=Grp3,OU=Groups,DC=company,DC=com
Very efficient! ... but only with Apache 2.2.
Best,
Chris
More information about the cas
mailing list