Daniel, Please refer this thread for my working copy of deployerConfigContext.xml
Thanks, Daniel On Thursday, June 12, 2014 2:17:26 AM UTC+5:30, Daniel Salzedo wrote: > > Sunil, > > I am trying to do the same thing with CAS 4.0 in a lab environment. Any > chance of you posting your steps and deployer.Config.Context.xml file? > > Thanks! > Daniel. > > On Tuesday, June 3, 2014 10:51:40 AM UTC-7, Sunil Kalahasti wrote: >> >> Thanks for your information Bob. >> >> I have succeeded on integrating LDAP with CAS 4.0 some time back. I have >> used LDAP Supporting Direct Bind configuration without SSL and pooling. >> >> I would post the steps soon. >> >> Thanks, >> Sunil >> >> On Tuesday, June 3, 2014 11:13:06 PM UTC+5:30, Lapanja, Bob@POST wrote: >>> >>> I recently migrated to CAS 4.0 using LDAP. I didn’t need nor use the >>> sslConfig attribute or bean. As for the search filter, the documentation >>> uses {user} instead of %u. That’s also what I used and it worked. >>> >>> >>> >>> The only places I deviated from the documentation you linked to (for the >>> LDAP Requiring Authenticated Search section) were: >>> >>> >>> >>> 1) I didn’t use sslConfig >>> >>> >>> >>> 2) I had to set subtreeSearch to true on my >>> org.ldaptive.auth.PooledSearchDnResolver >>> >>> >>> >>> 3) Some of the properties in the xml config don’t match the properties >>> file below (e.g. ${ldap.managerDn} and ${ldap.managerPassword} in the xml, >>> but ${ldap.authn.managerDN} and ${ldap.authn.managerPassword} in the >>> properties file), so I had to verify those were all named the same thing. >>> >>> >>> >>> 4) I had to add an org.ldaptive.auth.SearchEntryResolver to >>> org.ldaptive.auth.Authenticator to handle objectGuid. >>> >>> >>> >>> 5) changed %u to {user} in my search filter. >>> >>> >>> >>> If we do not have ssl connection for ldap, is the following config >>> necessary: >>> >>> >>> >>> <bean id="connectionConfig" class="org.ldaptive.ConnectionConfig" >>> >>> p:ldapUrl="${ldap.url}" >>> >>> p:connectTimeout="${ldap.connectTimeout}" >>> >>> p:useStartTLS="${ldap.useStartTLS}" >>> >>> p:sslConfig-ref="sslConfig"/> >>> >>> >>> >>> <bean id="sslConfig" class="org.ldaptive.ssl.SslConfig"> >>> >>> <property name="credentialConfig"> >>> >>> <bean class="org.ldaptive.ssl.X509CredentialConfig" >>> >>> p:trustCertificates="${ldap.trustedCert}" /> >>> >>> </property> >>> >>> </bean> >>> >>> >>> >>> Also our ldap parameters were as following: >>> >>> >>> >>> ldap.userDn=uid=admin,ou=People,o=organization >>> >>> ldap.search.filter=uid=%u,ou=People,o=organization >>> >>> >>> >>> ldap.host.name=ldap://as1.organization.com:389 >>> >>> ldap.manager.password=password12345 >>> >>> >>> >>> Do we need any changes in ldap.userDn, ldap.search.filter values for CAS >>> 4.0? >>> >>> >>> >>> If there is any guide/document related to CAS 4.0 with ldap setup, please >>> provide reference url. >>> >>> -- >>> You are currently subscribed to cas-...@lists.jasig.org as: >>> jasig-cas-user...@googlegroups.com >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> -- >> You are currently subscribed to cas-...@lists.jasig.org as: >> cas-user-ga...@googlegroups.com >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- > You are currently subscribed to cas-...@lists.jasig.org <javascript:> as: > cas-user-ga...@googlegroups.com <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user