Christian -
I am trying to fill in the fields to configure CAS in Geoserver.
When I save the configuration and move CAS up to the top in the filter
list, I am not seeing any authentication behavior when I, for example,
preview layers.
Here are the values I am entering
for 'CAS server URL including context root' --> https://{our
cas server}/cas
for 'Service' --> I put in https://{our geoserver server,
with https port and geoserver context root}. Should this have a WMS or
WFS service name?
for 'Proxy callback URL' --> https://{our geoserver server,
with https port and geoserver context root}. Is this right?
All of the above 'test' okay, but I'm not sure what that means.
for 'Role source' --> I chose 'Role service' and 'default'
but I am not sure about this either.
Am I doing this right?
Garey Mills
On 8/29/2012 2:00 AM, [email protected] wrote:
> Hi Garey
>
> This should work out of the box since the code uses the CAS 2.0 URI
>
> proxyValidate
>
> According to the spec, this URI does the same as serviceValidate and
> validates proxy tickets additionally.
>
> I think there is no need to change your configuration. Please try and
> inform me about the result.
>
> Christian
>
> Zitat von Garey Mills <[email protected]>:
>
>> Christian -
>>
>> I have another question. I am setting up a Geoserver to use CAS
>> proxy tickets. But I also want to access the same layers in a protected
>> manner from OpenLayers. As far as I can see, that would require regular
>> CAS tickets. Can I use CAS proxy tickets and regular CAS tickets to
>> access content in the same Geoserver?
>>
>> Garey
>>
>> On 6/26/2012 2:27 AM, [email protected] wrote:
>>> Hi Garey
>>>
>>> I think we should stay on the user mailing list, this could be of
>>> interest for other users too.
>>>
>>> Regular CAS tickets are making sense if you want to authenticate to
>>> the GeoServer GUI. The core code is already finished but you
>>> cannot configure this scenario on the GUI. At the moment I have to
>>> wait until 2.2.0 is released.
>>>
>>> CAS is the first Single Sign-On / Single Log-Out mechanism
>>> introduced to GeoServer. I want to have an additional look at OpenID
>>> and OAuth to find the best solution for GUI integration.
>>>
>>> To answer your question, yes, there will be support for regular CAS
>>> tickets, but I cannot tell you a point in time at this moment.
>>>
>>> Christian
>>>
>>>
>>>
>>> Zitat von [email protected]:
>>>
>>>> Thank you Christian.
>>>>
>>>> I do have another question. Will Geoserver be able to handle
>>>> regular
>>>> CAS tickets, and not just proxy tickets?
>>>>
>>>> Garey
>>>>
>>>>> Hi Garey
>>>>>
>>>>> Yes, the changes are in trunk. I think the 2.2.0 RC-1 will appear
>>>>> during next week, the team is currently working on it.
>>>>>
>>>>> Since the security subsystem is brand new for 2.2.x, I am still
>>>>> working on the documentation. There will be a tutorial how to
>>>>> configure digest authentication, CAS proxy auth is pretty much the
>>>>> same.
>>>>>
>>>>> Christian
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Zitat von Garey Mills <[email protected]>:
>>>>>
>>>>>> Christian -
>>>>>>
>>>>>> And I guess that I should also ask: are these changes in trunk?
>>>>>>
>>>>>> Garey
>>>>>>
>>>>>>
>>>>>> On 6/22/2012 12:52 AM, [email protected] wrote:
>>>>>>> Hi Garey
>>>>>>>
>>>>>>> There will be a Geoserver version 2.2.0-RC1 soon. I do not know
>>>>>>> about your CAS architecture, but if you can manage to send CAS
>>>>>>> proxy tickets to Geoserver OGC services, this will work.
>>>>>>>
>>>>>>> If you want to login into the Geoserver GUI using CAS, work is
>>>>>>> still in progress. The authentication filter is there but GUI
>>>>>>> integration is still missing.
>>>>>>>
>>>>>>> Which kind of CAS tickets do you use ?
>>>>>>>
>>>>>>>
>>>>>>> Zitat von garey <[email protected]>:
>>>>>>>
>>>>>>>> Christian -
>>>>>>>>
>>>>>>>> Did you get any further with integrating CAS and Geoserver?
>>>>>>>>
>>>>>>>> Garey Mills
>>>>>>>>
>>>>>>>> --
>>>>>>>> View this message in context:
>>>>>>>> http://osgeo-org.1560.n6.nabble.com/Using-CAS-an-option-with-Geoserver-tp3790236p4983114.html
>>>>>>>>
>>>>>>>> Sent from the GeoServer - User mailing list archive at
>>>>>>>> Nabble.com.
>>>>>>>>
>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>>
>>>>>>>> Live Security Virtual
>>>>>>>> Conference
>>>>>>>> Exclusive live event will cover all the ways today's security and
>>>>>>>> threat landscape has changed and how IT managers can respond.
>>>>>>>> Discussions
>>>>>>>> will include endpoint security, mobile security and the latest in
>>>>>>>> malware
>>>>>>>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>>>>>>>> _______________________________________________
>>>>>>>> Geoserver-users mailing list
>>>>>>>> [email protected]
>>>>>>>> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ----------------------------------------------------------------
>>>>>>> This message was sent using IMP, the Internet Messaging Program.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Garey Mills
>>>>>> Library Systems Office
>>>>>> UC Berkeley
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ----------------------------------------------------------------
>>>>> This message was sent using IMP, the Internet Messaging Program.
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>> ----------------------------------------------------------------
>>> This message was sent using IMP, the Internet Messaging Program.
>>>
>>>
>>>
>>
>> --
>> Garey Mills
>> Library Systems Office
>> UC Berkeley
>>
>>
>
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>
>
>
--
Garey Mills
Library Systems Office
UC Berkeley
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
