Hi list,

I'm glad to announce a new module release for OpenCms7.0.5, CAS 3.3.1
and OpenLDAP.

The module is tested in Fedora 10, Tomcat 5.5.27, MySQL 5.0.67, OpenCms
7.0.5, CAS 3.3.1, OpenLDAP 2.4.12 and OpenJDK 1.6.0.


What's new:
1. Two new authorization handlers are added in this release to support
CAS or LDAP based authorization. The handlers can create/adjust a user's
groups(OU)/roles by groupOfNames(groupsOfUniqueNames)/roleOccupant or
alias.

2. CAS 2.0 protocol is supported. And when using CAS handlers, OpenCms
will not search LDAP directly anymore. This change will make it possible
for those who want to use a database for OpenCms-CAS authz/authn. The
user's information will be got from the /serviceValidate (or your
customized servlet) and attributes. The attributes can be put by
PersonDirectory or its extension.

CAS + LDAP authz & authn:
Client                  OpenCms                  CAS       LDAP
  |          a url         |                      |         |
  |----------req---------->|check permission      |         |
  |                     allowed?                  |         |
  |<---------res-----------|yes                   |         |
  |               not allowed. guest?             |         |
  |<---------res-----------|not guest             |         |
  |                a guest. has ticket?           |         |
  |                        |      to /login       |         |
  |               no ticket|---------req--------->|         |
  |<-----------------res--------------------------|         |
  |           username/password                   |         |
  |------------------req------------------------->|         |
  |                        |                      |<-authz->|
  |                        |                  logged in?    |
  |<-----------------res--------------------------|no       |
  |                        |    forward the url   |         |
  |                        |<--------res----------|yes      |
  |              a guest. has ticket?             |         |
  |                     yes|                      |         |
  |                   has CmsUser?                |         |
  |                      no|   /serviceValidate   |         |
  |                        |----------req-------->|         |
  |                        |                      |<-find-->|
  |                        |<---------res---------|         |
  |                 store user info               |         |
  |         the url        |                      |         |
  |<----------res----------|not a guest           |         |


How to get it:
You can get this module from Langhua SVN:
http://www.langhua.cn/langhua/modules/ldap/branch/opencms7.0.5-cas3.3.1-ldap/
Username: anon
Password: anon

Or ViewVC:
http://www.langhua.cn/viewvc/svn/modules/ldap/branch/opencms7.0.5-cas3.3.1-ldap/


Enjoy it,

Shi Yusen/Beijing Langhua Ltd.
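
Added example, not part of the original message and not the module's own code: a client-side parse of the CAS 2.0 /serviceValidate response described in item 2, failing closed on anything other than an explicit success. The `<cas:attributes>` block, the attribute names and the sample responses are assumptions constructed for illustration; a stock CAS 3.3.1 view needs customizing to emit attributes.

```python
import xml.etree.ElementTree as ET

NS = "{http://www.yale.edu/tp/cas}"  # CAS 2.0 XML namespace

# Constructed samples. <cas:attributes> and the attribute names are assumptions.
SAMPLE_OK = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
 <cas:authenticationSuccess>
  <cas:user>jdoe</cas:user>
  <cas:attributes>
   <cas:mail>jdoe@example.org</cas:mail>
   <cas:memberOf>cn=editors,ou=groups,dc=example,dc=org</cas:memberOf>
   <cas:memberOf>cn=reviewers,ou=groups,dc=example,dc=org</cas:memberOf>
  </cas:attributes>
 </cas:authenticationSuccess>
</cas:serviceResponse>"""
SAMPLE_FAIL = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
 <cas:authenticationFailure code="INVALID_TICKET">ticket not recognized</cas:authenticationFailure>
</cas:serviceResponse>"""


class CasValidationError(Exception):
    """Raised for anything other than a well-formed authenticationSuccess."""


def parse_service_validate(xml_text):
    """Return (user, {attribute: [values]}) or raise CasValidationError."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise CasValidationError("DTD_NOT_ALLOWED")  # reject entity declarations
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise CasValidationError("MALFORMED_XML") from exc
    if root.tag != NS + "serviceResponse":
        raise CasValidationError("UNEXPECTED_ROOT")
    failure = root.find(NS + "authenticationFailure")
    success = root.find(NS + "authenticationSuccess")
    if failure is not None:
        raise CasValidationError(failure.get("code", "UNKNOWN"))
    if success is None:
        raise CasValidationError("NO_SUCCESS")  # fail closed
    user = (success.findtext(NS + "user") or "").strip()
    if not user:
        raise CasValidationError("EMPTY_USER")
    attrs = {}
    for el in success.findall(NS + "attributes/*"):
        # Multi-valued attributes (e.g. several group DNs) are kept as lists.
        attrs.setdefault(el.tag.split("}", 1)[-1], []).append((el.text or "").strip())
    return user, attrs
```

The response should only be trusted when fetched by the server itself from the CAS host over HTTPS, never when supplied by the browser.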

