Hi Willian,
Great! It kind of worked :)
I have put this in the authenticationManager Bean:
<bean id="authenticationManager"
class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
<constructor-arg>
<map>
<entry key-ref="proxyAuthenticationHandler"
value-ref="proxyPrincipalResolver" />
<entry key-ref="ldapAuthenticationHandler"
value="#{null}" />
<entry key-ref="fileAuthnHandler" value="#{null}" />
</map>
</constructor-arg>
And this before ldapAuthenticationHandler:
<bean id="fileAuthnHandler"
class="org.jasig.cas.adaptors.generic.FileAuthenticationHandler"
p:fileName="/etc/cas/local-users.properties" />
But now I am getting this error:
2016-09-08 16:25:21,599 INFO
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
<LdapAuthenticationHandler failed authenticating scott>
2016-09-08 16:25:21,599 ERROR
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
<FileAuthenticationHandler: IO error reading backing file (Details:
Could not open ServletContext resource [/etc/cas/local-users.properties])>
Any hint?
Cheers.
On 08/09/16 13:58, William G. Thompson, Jr. wrote:
Yes, with CAS all things are possible. :)
AuthN handlers can be changed so you can have both. Something like
this would work. You'll need to make sure your usernames don't
overlap.
<bean id="fileAuthnHandler"
class="org.jasig.cas.adaptors.generic.FileAuthenticationHandler"
p:fileName="/path/to/local-users.properties" />
<bean id="ldapAuthnHandler"
class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"
p:contextSource-ref="ldapAuthContext"
/>
Also see
https://apereo.github.io/cas/4.1.x/installation/Whitelist-Authentication.html
Best,
Bill
On Thu, Sep 8, 2016 at 4:45 AM, Josep Manel Andrés <[email protected]> wrote:
Hi all,
We've got a CAS server for our systems with an LDAP backend, which works
great, but we have an special case in which an app needs to be able to login
with root account, but this is not on the LDAP.
So my question is how it's possible to combine both systems, LDAP login and
a username and password for root account only. I would like to keep it
simple.
Best regards.
--
Josep Manel Andrés ([email protected])
Operations - Barcelona Supercomputing Center
C/ Jordi Girona, 31 http://www.bsc.es
08034 Barcelona, Spain Tel: +34-93-405 42 14
e-mail: [email protected] Fax: +34-93-413 77 21
-----------------------------------------------
WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.
http://www.bsc.es/disclaimer
--
You received this message because you are subscribed to the Google Groups
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/57D1250D.1040903%40bsc.es.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
--
Josep Manel Andrés ([email protected])
Operations - Barcelona Supercomputing Center
C/ Jordi Girona, 31 http://www.bsc.es
08034 Barcelona, Spain Tel: +34-93-405 42 14
e-mail: [email protected] Fax: +34-93-413 77 21
-----------------------------------------------
WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.
http://www.bsc.es/disclaimer
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/57D17675.3040701%40bsc.es.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
