CAS has the ability to connect to an account store, or multiple account stores for that matter in the way its authentication managers and handlers dictate to find and authenticate users. If you have more than one, such that accounts for instance are spread across an active directory server, another ldap server, a database, etc you potentially have to specify all of them in the CAS configuration, or find a way to merge and harmonize these stores into one cohesive unit.
Additionally, if you have applications that are perhaps hosted on the cloud or somehow maintain their own account stores (such as Blackboard) in the way that ids are different from what you know and what the app knows, there will need to be a mapping defined between your account store and the app and a lookup step to find and locate the corresponding userid for the app. There's no "requirement" for ldaps, although it is certainly recommended. From: Constance Morris [mailto:cmor...@daltonstate.edu] Sent: Monday, April 15, 2013 1:33 PM To: cas-user@lists.jasig.org Subject: RE:[cas-user] CAS setup question Also, when setting up network connections why would there be a need for LDAP-over-SSL connection? From: Constance Morris [mailto:cmor...@daltonstate.edu] Sent: Monday, April 15, 2013 4:19 PM To: cas-user@lists.jasig.org Subject: [cas-user] CAS setup question We are running Luminis 4 portal and currently have active directory (AD) setup for authentication. I'm in the process of creating a CAS server and do not completely understand the connection with everything. Does the CAS server still have to connect to the LDAP in addition to then connecting to active directory for users to SSO, or can it connect just to active directory and the other resources (D2L, AdvisorTrac, etc.)? Thank you! Constance -- You are currently subscribed to cas-user@lists.jasig.org as: cmor...@daltonstate.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: mmoay...@unicon.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user