Hello,

I (finally) managed to make the authentication work using OpenLDAP. I
can now access my application, but I have another problem:
I am trying to get some information about the users that are stored in the
LDAP, so I configured the attributeRepository to retrieve this
information and tested with 2 applications (a script using phpCAS and
this demo 
http://www.ja-sig.org/wiki/display/CASC/JA-SIG+Java+Client+Simple+WebApp+Sample
).

Once again, the authentication is OK, but it seems that the attributes
aren't sent by CAS.

My tomcat/cas logs don't say anything bad (for the moment.)

I have included the content of my deployerConfigContext.xml file below in case
somebody has an idea.


<!-- 
########################################################################################################################################
-->
<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans";
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
       xmlns:p="http://www.springframework.org/schema/p";
       xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd";>

        <!--
          CAS authentication manager. It wires the handlers that verify the
          presented credentials and the resolvers that turn verified credentials
          into a Principal.
        -->
        <bean id="authenticationManager"
              class="org.jasig.cas.authentication.AuthenticationManagerImpl">

            <property name="credentialsToPrincipalResolvers">
                <list>
                    <!--
                      Username/password logins. The nested resolver derives a
                      principal from the credentials; an LDAP search under
                      searchBase then runs "filter" (with "%u" replaced by that
                      resolved principal) and the value of principalAttributeName
                      becomes the new Principal ID.
                      NOTE(review): "%u" comes from user-supplied login input;
                      confirm that the deployed CAS version escapes LDAP filter
                      metacharacters before substituting it.
                    -->
                    <bean class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver">
                        <property name="credentialsToPrincipalResolver">
                            <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"/>
                        </property>
                        <property name="filter" value="(ENTPersonLogin=%u)"/>
                        <property name="principalAttributeName" value="ENTPersonLogin"/>
                        <property name="searchBase" value="ou=people,dc=ent,dc=fr"/>
                        <property name="contextSource" ref="contextSource"/>
                        <!-- Points at the attributeRepository bean (LdapPersonAttributeDao) declared in this file. -->
                        <property name="attributeRepository" ref="attributeRepository"/>
                    </bean>

                    <!-- Resolver for HTTP-based service credentials. -->
                    <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"/>
                </list>
            </property>

            <property name="authenticationHandlers">
                <list>
                    <!--
                      Handler for HTTP-based service credentials. The httpClient
                      bean is not declared in this file; presumably it lives in
                      another CAS context file.
                    -->
                    <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
                          p:httpClient-ref="httpClient"/>

                    <!--
                      LDAP bind authentication against entries under searchBase,
                      using the same contextSource as the resolver above.
                      NOTE(review): this filter is written without the enclosing
                      parentheses used in the resolver's filter; consider using
                      one form in both places.
                    -->
                    <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
                        <property name="filter" value="ENTPersonLogin=%u"/>
                        <property name="searchBase" value="ou=people,dc=ent,dc=fr"/>
                        <property name="contextSource" ref="contextSource"/>
                    </bean>
                </list>
            </property>
        </bean>


<!--
  LDAP connection settings shared by the principal resolver, the bind
  authentication handler and the attribute repository in this file.
  Security review notes:
    1. The active URL is plain ldap://, so the bind DN and password below, and
       the user passwords checked by BindLdapAuthenticationHandler, cross the
       connection unencrypted. The exposure is limited while the directory is
       on localhost; use the ldaps:// URL if it ever runs on another host.
    2. userDn is cn=admin, which looks like the directory administrator. A
       dedicated account with read-only access to ou=people would limit the
       damage if this file is disclosed.
    3. The bind password is stored in clear text in this file; restrict read
       access to it and keep the real value out of mails and version control.
    4. NOTE(review): later CAS documentation advises against pooled=true on a
       context source that is also used for LDAP bind authentication; confirm
       for the deployed version.
-->
<bean id="contextSource"
      class="org.springframework.ldap.core.support.LdapContextSource">
    <property name="anonymousReadOnly" value="false"/>
    <property name="pooled" value="true"/>
    <property name="urls">
        <list>
            <!-- TLS alternative, currently disabled: <value>ldaps://localhost/</value> -->
            <value>ldap://localhost/</value>
        </list>
    </property>
    <!-- Bind DN, e.g. uid=LdapUser,dc=yourdomain,dc=edu -->
    <property name="userDn" value="cn=admin,dc=ent,dc=fr"/>
    <property name="password" value="xxxxxx"/>
    <property name="baseEnvironmentProperties">
        <map>
            <entry key="java.naming.security.authentication" value="simple"/>
        </map>
    </property>
</bean>


        <!--
          In-memory Spring Security user list with a single entry: user "admin",
          password "notused", authority ROLE_ADMIN.
          NOTE(review): presumably this lists the CAS principals allowed into the
          services management application, with the password field ignored
          because CAS performs the login. Confirm that "admin" is a principal
          you intend to hold that role.
        -->
        <bean id="userDetailsService"
class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
                <property name="userMap">
                        <value>
                        admin=notused,ROLE_ADMIN
                    </value>
                </property>
        </bean>
        


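<!--
  Person-attribute lookup against LDAP, searched under baseDN through the
  shared contextSource bean.

  queryAttributeMapping: key = attribute expected in the incoming query,
  value = LDAP attribute it is matched against in the search filter.
  With requireAllQueryAttributes=true the search is skipped unless EVERY key
  listed here is present in the query. The principal resolver queries with the
  principal id only (under the key "username" by default), so the map holds
  just that entry. Listing uid, displayName and sn here as well made the
  lookup return no attributes at all.

  resultAttributeMapping: key = LDAP attribute to read, value = name under
  which it is exposed to CAS. Of these, the registered service in this file
  only allows sn, uid and displayName to be released.
  NOTE(review): distinguishedName is an Active Directory attribute; an OpenLDAP
  entry may not carry it, in which case it is simply absent from the result.
-->
<bean id="attributeRepository"
      class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
    <property name="baseDN" value="ou=people,dc=ent,dc=fr"/>
    <property name="contextSource" ref="contextSource"/>
    <property name="requireAllQueryAttributes" value="true"/>

    <property name="queryAttributeMapping">
        <map>
            <entry key="username" value="ENTPersonLogin"/>
        </map>
    </property>

    <property name="resultAttributeMapping">
        <map>
            <entry key="givenName" value="givenName"/>
            <entry key="distinguishedName" value="distinguishedName"/>
            <entry key="sn" value="sn"/>
            <entry key="uid" value="uid"/>
            <entry key="displayName" value="displayName"/>
        </map>
    </property>
</bean>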

<!--
  In-memory registry of the services allowed to use this CAS server. It holds
  one entry, "App1", selected by the wildcard pattern in p:serviceId.
  Security review notes:
    1. The pattern accepts any scheme and any port on *.domain.int, including
       plain http://, where service tickets and released attributes travel
       unencrypted. Prefer a pattern that starts with https://.
    2. p:allowedToProxy="true" applies to every URL the pattern matches; keep
       it only if the application needs proxy tickets.
    3. allowedAttributes limits what this service may receive to sn, uid and
       displayName.
  NOTE(review): in CAS 3.x releases of this period the default CAS 2.0
  /serviceValidate response does not carry attributes; clients typically have
  to validate through the SAML 1.1 endpoint to receive them. Confirm for the
  deployed version.
-->
<bean id="serviceRegistryDao"
      class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
    <property name="registeredServices">
        <list>
            <bean class="org.jasig.cas.services.RegisteredServiceImpl"
                  p:id="5"
                  p:name="App1"
                  p:description="App1"
                  p:serviceId="*://*.domain.int:*/**"
                  p:theme="default"
                  p:enabled="true"
                  p:ssoEnabled="true"
                  p:anonymousAccess="false"
                  p:allowedToProxy="true">
                <property name="allowedAttributes" value="sn,uid,displayName"/>
            </bean>
        </list>
    </property>
</bean>

</beans>
<!-- 
########################################################################################################################################
-->


Thank you very much in advance.

Regards

Marc
