We are using several production and testing moodles (1.9.x) with CAS 3.3.5
We use MS-AD for the ldap requirements, over ldaps.
Below is a dump from the configs we use (stored in the "mdl_config_plugins"
table).
It may help you with some of the settings.
(i've modified all our specifics ...)
We are running with CAS only, so in that case you need to change all user
accounts to 'cas' authentication (last update query).
Also, make sure that your underlying openssl is properly configured for the
ldap server ssl certificates; either import the signing CA public key(s), or
configure not to check (eg. when using self-signed certs on the ldap
servers)
Good luck,
Johan
---------------------
INSERT INTO `mdl_config_plugins` (`plugin`, `name`, `value`) VALUES
('auth/cas', 'removeuser', '0'),
('auth/cas', 'groupecreators', ''),
('auth/cas', 'attrcreators', ''),
('auth/cas', 'memberattribute_isdn', ''),
('auth/cas', 'memberattribute', ''),
('auth/cas', 'objectclass', ''),
('auth/cas', 'version', '3'),
('auth/cas', 'bind_pw', 'your-password'),
('auth/cas', 'bind_dn', 'cn=moodleuser,ou=your_ou,dc=yoursite,dc=edu'),
('auth/cas', 'opt_deref', '0'),
('auth/cas', 'search_sub', '1'),
('auth/cas', 'user_attribute', ''),
('auth/cas', 'user_type', 'default'),
('auth/cas', 'contexts', 'ou=web_accounts_ou,dc=yoursite,dc=edu'),
('auth/cas', 'ldapencoding', 'utf-8'),
('auth/cas', 'host_url',
'ldaps://ldap1.yoursite.edu;ldaps://ldap2.yoursite.edu'),
('auth/cas', 'multiauth', ''),
('auth/cas', 'logoutcas', '1'),
('auth/cas', 'proxycas', ''),
('auth/cas', 'language', 'english'),
('auth/cas', 'baseuri', 'cas/'),
('auth/cas', 'casversion', '2'),
('auth/cas', 'port', '443'),
('auth/cas', 'hostname', 'cas.yoursite.edu');
UPDATE `mdl_user` set `auth` = 'cas' where `auth` = 'manual';
----- Original Message -----
From: "Giuseppe Sollazzo" <[email protected]>
To: <[email protected]>
Sent: Thursday, December 17, 2009 9:32 AM
Subject: [cas-user] Apparent auth success, but authentication failed in
moodle
Hi all,
I was wondering if anyone of you could give me again a hand with
CAS/Moodle issues. I hope this is not too much off-topic.
Basically, in my setting CAS (3.3.3, over tomcat 5.5 using Apache SSL
proxying to Tomcat rather than native SSL in Tomcat, as a workaround to
certificate problems) seems to work properly, as I get the following log4j
extract:
2009-12-17 16:17:34,381 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
AuthenticationHandler:
org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully
authenticated the user which provided the following credentials:
[username: myUser]
2009-12-17 16:17:34,381 DEBUG
[org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver]
- Attempting to resolve a principal...
2009-12-17 16:17:34,381 DEBUG
[org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver]
- Creating SimplePrincipal for [myUser]
I can confirm it works as if I connect straight to the CAS interface, I
get the "Log in successful" message.
Nonetheless, in Moodle I get an Authentication failed message. I'm just
wondering if anyone had similar experiences. Can this possibly be related
to the properties in cas.properties? Or maybe does anyone know how to
activate logging into phpCAS/moodle?
Thanks,
--
Giuseppe Sollazzo
Systems Developer / Administrator
Computing Services
St. George's, University of London
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
