Re: [cas-user] CAS 4.0 : Apache LDAP authentication

2014-06-16 Thread Sunil Kalahasti
Daniel,

Please refer to this thread for my working copy of deployerConfigContext.xml

Thanks,
Daniel


On Thursday, June 12, 2014 2:17:26 AM UTC+5:30, Daniel Salzedo wrote:

 Sunil, 

 I am trying to do the same thing with CAS 4.0 in a lab environment. Any 
 chance of you posting your steps and deployerConfigContext.xml file?

 Thanks!
 Daniel.

 On Tuesday, June 3, 2014 10:51:40 AM UTC-7, Sunil Kalahasti wrote:

 Thanks for your information Bob.

 I have succeeded in integrating LDAP with CAS 4.0 some time back. I have 
 used LDAP Supporting Direct Bind configuration without SSL and pooling.

 I would post the steps soon.

 Thanks,
 Sunil

 On Tuesday, June 3, 2014 11:13:06 PM UTC+5:30, Lapanja, Bob@POST wrote:

 I recently migrated to CAS 4.0 using LDAP.  I didn’t need nor use the 
 sslConfig attribute or bean.  As for the search filter, the documentation 
 uses {user} instead of %u.  That’s also what I used and it worked.

 The only places I deviated from the documentation you linked to (for the 
 LDAP Requiring Authenticated Search section) were:

 1) I didn’t use sslConfig

 2) I had to set subtreeSearch to true on my 
 org.ldaptive.auth.PooledSearchDnResolver

 3) Some of the properties in the xml config don’t match the properties 
 file below (e.g. ${ldap.managerDn} and ${ldap.managerPassword} in the xml, 
 but ${ldap.authn.managerDN} and ${ldap.authn.managerPassword} in the 
 properties file), so I had to verify those were all named the same thing.

 4) I had to add an org.ldaptive.auth.SearchEntryResolver to 
 org.ldaptive.auth.Authenticator to handle objectGuid.

 5) changed %u to {user} in my search filter.

 If we do not have ssl connection for ldap, is the following config 
 necessary:

 <bean id="connectionConfig" class="org.ldaptive.ConnectionConfig"
   p:ldapUrl="${ldap.url}"
   p:connectTimeout="${ldap.connectTimeout}"
   p:useStartTLS="${ldap.useStartTLS}"
   p:sslConfig-ref="sslConfig"/>

 <bean id="sslConfig" class="org.ldaptive.ssl.SslConfig">
   <property name="credentialConfig">
     <bean class="org.ldaptive.ssl.X509CredentialConfig"
       p:trustCertificates="${ldap.trustedCert}" />
   </property>
 </bean>

 Also our ldap parameters were as follows:

 ldap.userDn=uid=admin,ou=People,o=organization
 ldap.search.filter=uid=%u,ou=People,o=organization

 ldap.host.name=ldap://as1.organization.com:389
 ldap.manager.password=password12345

 Do we need any changes in ldap.userDn, ldap.search.filter values for CAS 
 4.0?

 If there is any guide/document related to CAS 4.0 with ldap setup, please 
 provide reference url. 

   -- 
 You are currently subscribed to cas-...@lists.jasig.org as: 
 jasig-cas-user...@googlegroups.com
 To unsubscribe, change settings or access archives, see 
 http://www.ja-sig.org/wiki/display/JSG/cas-user


Re: [cas-user] CAS 4.0 : Apache LDAP authentication

2014-06-16 Thread Sunil Kalahasti
Daniel,

Please refer to this thread for a working copy of my deployerConfigContext.xml:

https://groups.google.com/forum/#!topic/jasig-cas-user/vuQa4ZOuL4U 

Thanks,
Sunil


Re: [cas-user] CAS 4.0 : Apache LDAP authentication

2014-06-11 Thread Daniel Salzedo
Sunil, 

I am trying to do the same thing with CAS 4.0 in a lab environment. Any 
chance of you posting your steps and deployerConfigContext.xml file?

Thanks!
Daniel.


RE: [cas-user] CAS 4.0 : Apache LDAP authentication

2014-06-03 Thread Lapanja, Bob@POST
I recently migrated to CAS 4.0 using LDAP.  I didn’t need nor use the sslConfig 
attribute or bean.  As for the search filter, the documentation uses {user} 
instead of %u.  That’s also what I used and it worked.

The only places I deviated from the documentation you linked to (for the LDAP 
Requiring Authenticated Search section) were:

1) I didn’t use sslConfig

2) I had to set subtreeSearch to true on my 
org.ldaptive.auth.PooledSearchDnResolver

3) Some of the properties in the xml config don’t match the properties file 
below (e.g. ${ldap.managerDn} and ${ldap.managerPassword} in the xml, but 
${ldap.authn.managerDN} and ${ldap.authn.managerPassword} in the properties 
file), so I had to verify those were all named the same thing.

4) I had to add an org.ldaptive.auth.SearchEntryResolver to 
org.ldaptive.auth.Authenticator to handle objectGuid.

5) changed %u to {user} in my search filter.

If we do not have ssl connection for ldap, is the following config necessary:

<bean id="connectionConfig" class="org.ldaptive.ConnectionConfig"
  p:ldapUrl="${ldap.url}"
  p:connectTimeout="${ldap.connectTimeout}"
  p:useStartTLS="${ldap.useStartTLS}"
  p:sslConfig-ref="sslConfig"/>

<bean id="sslConfig" class="org.ldaptive.ssl.SslConfig">
  <property name="credentialConfig">
    <bean class="org.ldaptive.ssl.X509CredentialConfig"
      p:trustCertificates="${ldap.trustedCert}" />
  </property>
</bean>

Also our ldap parameters were as follows:

ldap.userDn=uid=admin,ou=People,o=organization
ldap.search.filter=uid=%u,ou=People,o=organization

ldap.host.name=ldap://as1.organization.com:389
ldap.manager.password=password12345

Do we need any changes in ldap.userDn, ldap.search.filter values for CAS 4.0?



If there is any guide/document related to CAS 4.0 with ldap setup, please 
provide reference url.
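
Added example (not from the thread or the CAS project): a small Python check for three things raised in this message: `${...}` placeholders in the XML with no identically named key in the properties file (point 3), a search filter still using `%u` instead of `{user}` (point 5), and an `ldap://` URL without StartTLS, where bind passwords cross the network unencrypted. The sample XML and properties are constructed around names quoted in the thread; the `managerBind` bean, `CHANGE_ME` value and the function names are hypothetical.

```python
import difflib
import re

# ${name} or ${name:default} placeholders as used in Spring XML.
PLACEHOLDER = re.compile(r"\$\{([^}:]+)")

# Constructed sample input; only the ${...} names are taken from the thread.
SAMPLE_XML = """
<bean id="connectionConfig" class="org.ldaptive.ConnectionConfig"
      p:ldapUrl="${ldap.url}" p:useStartTLS="${ldap.useStartTLS}"/>
<bean id="managerBind" p:bindDn="${ldap.managerDn}"
      p:password="${ldap.managerPassword}"/>
<bean id="dnResolver" class="org.ldaptive.auth.PooledSearchDnResolver"
      p:userFilter="${ldap.authn.searchFilter}" p:subtreeSearch="true"/>
"""
SAMPLE_PROPS = """
ldap.url=ldap://as1.organization.com:389
ldap.useStartTLS=false
ldap.authn.managerDN=uid=admin,ou=People,o=organization
ldap.authn.managerPassword=CHANGE_ME
ldap.authn.searchFilter=uid=%u
"""

def parse_properties(text):
    """key=value per line; split on the first '=' because DN values contain '='."""
    pairs = (ln.strip().partition("=") for ln in text.splitlines())
    return {k.strip(): v.strip() for k, sep, v in pairs if sep and not k.startswith("#")}

def lint_cas_ldap(xml_text, props_text):
    """Return (code, subject, hint) findings for the XML/properties pair."""
    props, findings = parse_properties(props_text), []
    # Point 3: each placeholder must have an identically spelled property key.
    for name in sorted(set(PLACEHOLDER.findall(xml_text))):
        if name not in props:
            near = difflib.get_close_matches(name, list(props), n=1)
            findings.append(("undefined-placeholder", name, near[0] if near else None))
    for key, value in props.items():
        # Point 5: the documentation uses {user} where this filter still has %u.
        if "filter" in key.lower() and "%u" in value:
            findings.append(("legacy-filter-token", key, value.replace("%u", "{user}")))
        # Plain ldap:// without StartTLS sends bind passwords unencrypted.
        if value.lower().startswith("ldap://") and \
                props.get("ldap.useStartTLS", "false").lower() != "true":
            findings.append(("cleartext-bind", key, "use ldaps:// or StartTLS"))
    return findings

if __name__ == "__main__":
    for finding in lint_cas_ldap(SAMPLE_XML, SAMPLE_PROPS):
        print(finding)
```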



Re: [cas-user] CAS 4.0 : Apache LDAP authentication

2014-06-03 Thread Sunil Kalahasti
Thanks for your information Bob.

I have succeeded in integrating LDAP with CAS 4.0 some time back. I have 
used LDAP Supporting Direct Bind configuration without SSL and pooling.

I would post the steps soon.

Thanks,
Sunil
