It works for SSHA passwords without configuration or change. Example for CAS 6.0.5 provided by cas-overlay-6.0 and LDAP Oracle Directory Server 11.

cas.properties :

# anonymous connection to LDAP on your LDAP server
###############################################################################
cas.authn.ldap[0].ldapUrl=ldap://myServer.fr:389/
cas.authn.ldap[0].type=ANONYMOUS
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false

# connection to LDAP in authenticated mode
###############################################################################
#cas.authn.ldap[0].ldapUrl=ldap://myServer.fr:389/
#cas.authn.ldap[0].useSsl=false
#cas.authn.ldap[0].useStartTls=false
#cas.authn.ldap[0].type=AUTHENTICATED
## Credentials used to connect to LDAP
#cas.authn.ldap[0].bindDn=cn=Directory Manager
#cas.authn.ldap[0].bindCredential=myPassword

# search for the CAS user who tries to test the login connection
################################################################################
cas.authn.ldap[0].baseDn=ou=XXXXXX,ou=educ,o=gouv,c=fr
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
#cas.authn.ldap[0].searchFilter=uid={user}
#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn

With cas-overlay-6.0 you need to copy the conf:

./build.sh copy

For testing when something goes wrong:

CAS server side:
=========================================================================================

telnet yourServer.fr 389

must work!

ldapsearch -h yourLdapServer.fr -D "cn=Directory Manager" -w yourPassword -b "ou=personnels,ou=XXXXX,ou=educ,o=gouv,c=fr" uid=loginTest

or with an anonymous connection:

ldapsearch -h yourLdapServer.fr -x -b "ou=personnels,ou=XXXXX,ou=educ,o=gouv,c=fr" uid=loginTest

must return the entry.

LDAP server side:
==================================================================================================

tcpdump -v -i eth0 -s 0 -A 'tcp dst port 389'

must show lines like this (when you run ldapsearch or the CAS test login connection):

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
18:04:23.846472 IP (tos 0x0, ttl 64, id 19303, offset 0, flags [DF], proto 6, length: 60) yourCasServer.fr.59810 > yourLdapServer.ldap: S [tcp sum ok] ...

If the connection between CAS and LDAP fails, correct these lines in cas.properties:

cas.authn.ldap[0].ldapUrl=ldap://myServer.fr:389/
cas.authn.ldap[0].type=ANONYMOUS
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false

When the connection between CAS and LDAP is OK, check the CAS log and the LDAP access log for more information!
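
An added example, not part of the original post or of the CAS project: a small Python check that reads cas.properties text and reports, for each cas.authn.ldap[N] block, whether the directory connection is ldaps, StartTLS or cleartext. The settings quoted above (ldap:// on port 389 with useSsl and useStartTls both false) come out as cleartext. The sample text, the function names and the classification rule (encrypted only when every URL is ldaps:// or useStartTls=true; useSsl is not evaluated) are assumptions of this example.

```python
import re
from urllib.parse import urlparse

# Constructed sample: block [0] mirrors the post, [1] and [2] are made up.
SAMPLE = """\
# anonymous connection
cas.authn.ldap[0].ldapUrl=ldap://myServer.fr:389/
cas.authn.ldap[0].type=ANONYMOUS
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
#cas.authn.ldap[0].bindCredential=myPassword
cas.authn.ldap[1].ldapUrl=ldaps://myServer.fr:636/
cas.authn.ldap[2].ldapUrl=ldap://myServer.fr:389/
cas.authn.ldap[2].useStartTls=true
"""

KEY = re.compile(r"^cas\.authn\.ldap\[(\d+)\]\.(\w+)\s*[=:]\s*(.*)$")

def parse_ldap_blocks(text):
    """Group active (uncommented) cas.authn.ldap[N].* properties by N."""
    blocks = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or properties-file comment
        m = KEY.match(line)
        if m:
            blocks.setdefault(int(m.group(1)), {})[m.group(2)] = m.group(3).strip()
    return blocks

def transport(props):
    """Classify how one ldap[N] block reaches the directory (example's rule)."""
    urls = props.get("ldapUrl", "").split()
    if not urls:
        return "no-url"
    start_tls = props.get("useStartTls", "false").lower() == "true"
    schemes = {urlparse(u).scheme.lower() for u in urls}
    if schemes == {"ldaps"}:
        return "ldaps"
    if start_tls:  # StartTLS upgrades a plain ldap:// connection
        return "starttls"
    return "cleartext"

def audit(text):
    return {n: transport(p) for n, p in sorted(parse_ldap_blocks(text).items())}

if __name__ == "__main__":
    for n, verdict in audit(SAMPLE).items():
        print(f"cas.authn.ldap[{n}]: {verdict}")
```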
