Bruno Melloni wrote: > > Hi Li, > > I hit similar difficulties trying to understand how to configure CAS > for LDAP authentication against ActiveDirectory. In the end I found it > easier to write my own Authentication Handler and plain vanilla LDAP > search code. > > You are doing the right thing by trying to use the CAS LDAP > authentication handler, as it is a much more robust answer than any > custom handler can be. But if you can’t figure out how to configure > the LDAP Authenticator properly, let me know I’d be happy to share my > code and configuration. It is very primitive, but reliable and easy to > use. > > b. > > ------------------------------------------------------------------------ > > *From:* Andrew Feller [mailto:[email protected]] > *Sent:* Friday, February 20, 2009 7:40 AM > *To:* [email protected] > *Subject:* Re: [cas-user] CAS 3 problem > > Li, > > I think this might be a misconfiguration issue. When configuring your > LDAP Context & Authentication Handler, you can set how deep beneath > the searchBase to search. If you are like the rest of us, you probably > don’t have all user entries within a single base, so you need to > configure the scope to search subtrees. Without more info, this is my > best knee jerk reaction. > > Hope it helps, > A- > > <!-- > LDAP Authentication Handler used to authenticate against Lotus Domino > Scope Values (javax.naming.directory.SearchControls): > OBJECT_SCOPE (0) > ONLEVEL_SCOPE (1) > SUBTREE_SCOPE (2) > --> > <bean > class="org.jasig.cas.authentication.handler.support.BindLdapAuthenticationHandler" > p:filter="uid=%uid" > p:searchBase="o=whatever" > p:contextSource-ref="contextSource" > * p:scope="2" > * p:timeout="120" /> > > CAS Wiki: http://www.ja-sig.org/wiki/display/CASUM/LDAP > > > > On 2/20/09 2:27 AM, "Raghu Ravi" <[email protected]> wrote: > > Hi Li, > Could you give more detail on the error, the server log will do. > > On Fri, Feb 20, 2009 at 5:55 AM, Li Zhang <[email protected]> wrote: > > Hi, > > I've installed CAS 3.3.1 server on my machine. > Now I only can use my own credentials to login. > Other persons on the same LDAP server can > not login using CAS. What could be the problem? > Is that a certificate issue ? > > > Thanks. > > Li > > > -- > Andrew Feller, Analyst > LSU University Information Services > 200 Frey Computing Services Center > Baton Rouge, LA 70803 > Office: 225.578.3737 > Fax: 225.578.6400 > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user I did a wrong configuration in the deployconfigxontext.xml. I only search on my uid, so it only works for me. Now I changed it to search on everyone, then it works.
Thanks for everybody who responded! Li -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
