Sunil, I am trying to do the same thing with CAS 4.0 in a lab environment. Any chance of you posting your steps and deployer.Config.Context.xml file?
Thanks!
Daniel.

On Tuesday, June 3, 2014 10:51:40 AM UTC-7, Sunil Kalahasti wrote:
> Thanks for your information Bob.
>
> I have succeeded in integrating LDAP with CAS 4.0 some time back. I have
> used LDAP Supporting Direct Bind configuration without SSL and pooling.
>
> I would post the steps soon.
>
> Thanks,
> Sunil
>
> On Tuesday, June 3, 2014 11:13:06 PM UTC+5:30, Lapanja, Bob@POST wrote:
>> I recently migrated to CAS 4.0 using LDAP. I didn’t need nor use the
>> sslConfig attribute or bean. As for the search filter, the documentation
>> uses {user} instead of %u. That’s also what I used and it worked.
>>
>> The only places I deviated from the documentation you linked to (for the
>> LDAP Requiring Authenticated Search section) were:
>>
>> 1) I didn’t use sslConfig
>>
>> 2) I had to set subtreeSearch to true on my
>> org.ldaptive.auth.PooledSearchDnResolver
>>
>> 3) Some of the properties in the xml config don’t match the properties
>> file below (e.g. ${ldap.managerDn} and ${ldap.managerPassword} in the xml,
>> but ${ldap.authn.managerDN} and ${ldap.authn.managerPassword} in the
>> properties file), so I had to verify those were all named the same thing.
>>
>> 4) I had to add an org.ldaptive.auth.SearchEntryResolver to
>> org.ldaptive.auth.Authenticator to handle objectGuid.
>>
>> 5) changed %u to {user} in my search filter.
>>
>> If we do not have ssl connection for ldap, is the following config
>> necessary:
>>
>> <bean id="connectionConfig" class="org.ldaptive.ConnectionConfig"
>>       p:ldapUrl="${ldap.url}"
>>       p:connectTimeout="${ldap.connectTimeout}"
>>       p:useStartTLS="${ldap.useStartTLS}"
>>       p:sslConfig-ref="sslConfig"/>
>>
>> <bean id="sslConfig" class="org.ldaptive.ssl.SslConfig">
>>   <property name="credentialConfig">
>>     <bean class="org.ldaptive.ssl.X509CredentialConfig"
>>           p:trustCertificates="${ldap.trustedCert}" />
>>   </property>
>> </bean>
>>
>> Also our ldap parameters were as follows:
>>
>> ldap.userDn=uid=admin,ou=People,o=organization
>> ldap.search.filter=uid=%u,ou=People,o=organization
>>
>> ldap.host.name=ldap://as1.organization.com:389
>> ldap.manager.password=password12345
>>
>> Do we need any changes in ldap.userDn, ldap.search.filter values for CAS 4.0?
>>
>> If there is any guide/document related to CAS 4.0 with ldap setup, please
>> provide reference url.
>>
>> --
>> You are currently subscribed to cas-...@lists.jasig.org as:
>> jasig-cas-user...@googlegroups.com
>> To unsubscribe, change settings or access archives, see
>> http://www.ja-sig.org/wiki/display/JSG/cas-user
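
The mismatch described in point 3 of the quoted reply (placeholders such as ${ldap.managerDn} in the XML versus keys such as ldap.authn.managerDN in the properties file) can be checked mechanically before deployment. The script below is an added example, not part of the thread or of CAS; the XML fragment, the property values and the function names are constructed for illustration, using only the placeholder names quoted in the thread.

```python
import re

# Matches ${key} and ${key:default}; captures only the key.
PLACEHOLDER = re.compile(r"\$\{([^}:]+)(?::[^}]*)?\}")

def parse_properties(text):
    """Return the set of keys in simple Java .properties text."""
    keys = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue  # blank line or comment
        # The key ends at the first '=', ':' or whitespace separator.
        keys.add(re.split(r"\s*[=:]\s*|\s+", line, maxsplit=1)[0])
    return keys

def check_placeholders(xml_text, properties_text):
    """Compare ${...} names used in the XML with keys defined in the properties."""
    used = set(PLACEHOLDER.findall(xml_text))
    defined = parse_properties(properties_text)
    return {"undefined": sorted(used - defined),   # referenced but never defined
            "unused": sorted(defined - used)}      # defined but never referenced

# Constructed sample input (not the poster's actual files).
SAMPLE_XML = """
<bean id="connectionConfig" class="org.ldaptive.ConnectionConfig"
      p:ldapUrl="${ldap.url}"
      p:connectTimeout="${ldap.connectTimeout}"
      p:useStartTLS="${ldap.useStartTLS}"/>
<bean class="org.ldaptive.BindConnectionInitializer"
      p:bindDn="${ldap.managerDn}">
  <property name="bindCredential">
    <bean class="org.ldaptive.Credential" c:password="${ldap.managerPassword}"/>
  </property>
</bean>
"""
SAMPLE_PROPERTIES = """
# constructed values
ldap.url=ldap://directory.example.org:389
ldap.connectTimeout=3000
ldap.useStartTLS=false
ldap.authn.managerDN=uid=admin,ou=People,o=organization
ldap.authn.managerPassword=CHANGE_ME
"""

if __name__ == "__main__":
    report = check_placeholders(SAMPLE_XML, SAMPLE_PROPERTIES)
    print("undefined placeholders:", report["undefined"])
    print("unused properties:     ", report["unused"])
```

Names that differ only in case or prefix show up once in each list, which is the symptom the reply describes.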