Yes please, I would love that. I would much rather use the CAS built-in Authenticator if I can get it configured right. My trouble has been in understanding how to configure it and what it expects as parameter. A good example would help immensely.
b. ________________________________ From: Andrew Feller [mailto:[email protected]] Sent: Friday, February 20, 2009 8:17 AM To: [email protected] Subject: Re: [cas-user] CAS 3 problem Bruno, We used LDAP authentication against AD without any issues; we simply switched back to using Kerberos because it is faster and preferred by our AD admins. If you are having issues configuring this, I will be happy to send you a sample config. A- On 2/20/09 8:09 AM, "Bruno Melloni" <[email protected]> wrote: Hi Li, I hit similar difficulties trying to understand how to configure CAS for LDAP authentication against ActiveDirectory. In the end I found it easier to write my own Authentication Handler and plain vanilla LDAP search code. You are doing the right thing by trying to use the CAS LDAP authentication handler, as it is a much more robust answer than any custom handler can be. But if you can't figure out how to configure the LDAP Authenticator properly, let me know I'd be happy to share my code and configuration. It is very primitive, but reliable and easy to use. b. ________________________________ From: Andrew Feller [mailto:[email protected]]<mailto:[email protected]%5d> Sent: Friday, February 20, 2009 7:40 AM To: [email protected] Subject: Re: [cas-user] CAS 3 problem Li, I think this might be a misconfiguration issue. When configuring your LDAP Context & Authentication Handler, you can set how deep beneath the searchBase to search. If you are like the rest of us, you probably don't have all user entries within a single base, so you need to configure the scope to search subtrees. Without more info, this is my best knee jerk reaction. Hope it helps, A- <!-- LDAP Authentication Handler used to authenticate against Lotus Domino Scope Values (javax.naming.directory.SearchControls): OBJECT_SCOPE (0) ONLEVEL_SCOPE (1) SUBTREE_SCOPE (2) --> <bean class="org.jasig.cas.authentication.handler.support.BindLdapAuthenticationHandler" p:filter="uid=%uid" p:searchBase="o=whatever" p:contextSource-ref="contextSource" p:scope="2" p:timeout="120" /> CAS Wiki: http://www.ja-sig.org/wiki/display/CASUM/LDAP On 2/20/09 2:27 AM, "Raghu Ravi" <[email protected]> wrote: Hi Li, Could you give more detail on the error, the server log will do. On Fri, Feb 20, 2009 at 5:55 AM, Li Zhang <[email protected]> wrote: Hi, I've installed CAS 3.3.1 server on my machine. Now I only can use my own credentials to login. Other persons on the same LDAP server can not login using CAS. What could be the problem? Is that a certificate issue ? Thanks. Li -- Andrew Feller, Analyst LSU University Information Services 200 Frey Computing Services Center Baton Rouge, LA 70803 Office: 225.578.3737 Fax: 225.578.6400 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
