Matt Raible wrote:
> I'm trying these instructions and I've gotten as far as configuring
> security.xml and getting Roller started. In addition to these instructions,
> I had to add casclient.jar to my WEB-INF/lib directory.
>
> Do you know how I can add users to CAS or how to have it read users from
> LDAP?

Automatically provisioning users to both CAS and Roller will take some custom coding if you approach it the way I did. For the system I'm working on, I wrote a simple "User Registration App" that handles all user registration and provisioning and writes the necessary records to three databases: CAS, Roller and JavaBB; and wrote a new CAS authentication module to use my "CAS User" database. This keeps CAS and its associated database as the canonical authentication db for the entire system.

Strictly speaking it's not *necessary* to have three databases, as I could have written a CAS authentication module with the "knowledge" to use either the existing Roller db or JavaBB db, but I went that direction because it is more consistent with my long-term aims. But if you just "point" CAS at the Roller db, then you avoid the issue of needing to provision users to extra places. But now you've made Roller the canonical system for authentication for the entire SSO domain, which may or may not be appropriate.

As for getting CAS to read from LDAP, I'm not sure as I haven't tried that. If there is an existing CAS authentication module for LDAP then it should just be a case of configuring CAS appropriately. But that might be a question better asked on the CAS list. If there isn't an existing module for that, it would mean writing a new CAS authentication module. That's not hard to do, luckily. I wrote a simple one for the project I'm working on. If anybody is interested in seeing it as an example, I'll be happy to post the code.

Thanks,

Phil
