It works for SSHA passwords without configuration or change.

Example for CAS 6.0.5 provided by cas-overlay-6.0 and LDAP Oracle Directory Server 11.

cas.properties:

 # anonymous connection to your LDAP server
 ###############################################################################

 cas.authn.ldap[0].ldapUrl=ldap://myServer.fr:389/
 cas.authn.ldap[0].type=ANONYMOUS
 cas.authn.ldap[0].useSsl=false
 cas.authn.ldap[0].useStartTls=false

 # authenticated connection to the LDAP server
 ###############################################################################

 #cas.authn.ldap[0].ldapUrl=ldap://myServer.fr:389/
 #cas.authn.ldap[0].useSsl=false
 #cas.authn.ldap[0].useStartTls=false
 #cas.authn.ldap[0].type=AUTHENTICATED
 ## Identifier used to connect to the LDAP
 #cas.authn.ldap[0].bindDn=cn=Directory Manager
 #cas.authn.ldap[0].bindCredential=myPassword

 # search for the CAS user who tries to test the login connection
 ###############################################################################

 cas.authn.ldap[0].baseDn=ou=XXXXXX,ou=educ,o=gouv,c=fr
 cas.authn.ldap[0].subtreeSearch=true
 cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
 #cas.authn.ldap[0].searchFilter=uid={user}
 #cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn


With cas-overlay-6.0 you need to copy the conf:
  ./build.sh copy

For testing when something goes wrong:

CAS server side:
=========================================================================================
  telnet yourServer.fr 389

must work!

  ldapsearch -h yourLdapServer.fr -D "cn=Directory Manager" -w yourPassword \
    -b "ou=personnels,ou=XXXXX,ou=educ,o=gouv,c=fr" uid=loginTest
or with an anonymous connection
  ldapsearch -h yourLdapServer.fr -x \
    -b "ou=personnels,ou=XXXXX,ou=educ,o=gouv,c=fr" uid=loginTest

must provide the card


LDAP server side:
==================================================================================================
  tcpdump -v -i eth0 -s 0 -A 'tcp dst port 389'

must provide lines like this (when you run ldapsearch or the CAS test login connection):

  tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
  18:04:23.846472 IP (tos 0x0, ttl  64, id 19303, offset 0, flags [DF], proto 6, length: 60) yourCasServer.fr.59810 > yourLdapServer.ldap: S [tcp sum ok] ...


If the connection between CAS and LDAP fails, correct these lines in cas.properties:
 cas.authn.ldap[0].ldapUrl=ldap://myServer.fr:389/
 cas.authn.ldap[0].type=ANONYMOUS
 cas.authn.ldap[0].useSsl=false
 cas.authn.ldap[0].useStartTls=false


When the connection between CAS and LDAP is OK, check the CAS log and the LDAP access log for more information!

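With ldap:// on port 389 and both useSsl and useStartTls set to false, the bind DN, the bind password and every user's password reach the directory unencrypted, so the tcpdump -A capture shown in the message would display them. The following check is an added example, not part of the original message or of CAS itself; it audits a cas.properties file for that condition using the property names from the message. The function names, the finding labels and the sample text are constructed for illustration, and a missing key is assumed to mean "false".

```python
import re
from collections import defaultdict

# Constructed sample: the authenticated variant from the message with its
# comment markers removed (host and password are the message's placeholders).
SAMPLE = """\
cas.authn.ldap[0].ldapUrl=ldap://myServer.fr:389/
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=cn=Directory Manager
cas.authn.ldap[0].bindCredential=myPassword
#cas.authn.ldap[1].ldapUrl=ldap://ignored.example:389/
"""

KEY = re.compile(r"^cas\.authn\.ldap\[(\d+)\]\.(\w+)=(.*)$")

def parse_ldap_entries(text):
    """Group cas.authn.ldap[N].* settings by index N, skipping comments."""
    entries = defaultdict(dict)
    for line in text.splitlines():
        m = KEY.match(line.strip())  # lines starting with '#' never match
        if m:
            entries[int(m.group(1))][m.group(2)] = m.group(3).strip()
    return dict(entries)

def is_encrypted(cfg):
    # Assumption: a missing key counts as "false"; check the defaults of
    # your CAS version before relying on an unset value.
    on = lambda k: cfg.get(k, "false").lower() == "true"
    url = cfg.get("ldapUrl", "").lower()
    return url.startswith("ldaps://") or on("useSsl") or on("useStartTls")

def audit(text):
    """Return sorted (index, finding) pairs for each LDAP entry."""
    findings = []
    for idx, cfg in parse_ldap_entries(text).items():
        if not is_encrypted(cfg):
            findings.append((idx, "cleartext-transport"))
            if cfg.get("bindCredential"):
                findings.append((idx, "bind-credential-in-cleartext"))
        # cn=Directory Manager is the directory superuser on Oracle DSEE.
        if cfg.get("bindDn", "").lower() == "cn=directory manager":
            findings.append((idx, "directory-superuser-as-bind-dn"))
    return sorted(findings)

if __name__ == "__main__":
    for idx, finding in audit(SAMPLE):
        print(f"ldap[{idx}]: {finding}")
```

An entry that uses an ldaps:// URL or enables StartTLS, and binds with a dedicated read-only account instead of cn=Directory Manager, produces no findings.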