Hi Michael, I tried a couple of combinations with the following lines, but none of them worked. Every time I get "no ldap connection" error in my apache log file:
*AuthzLDAPMethod ldap AuthLDAPBindDN "o=Princeton University,c=US" AuthLDAPUrl "ldap://ldap.princeton.edu/ou=Mathematics, o=Princeton University, c=US?uid?sub?" AuthzLDAPAuthoritative off require ldap-group* The error message: *[Wed Jan 27 16:44:26 2010] [emerg] [client 128.112.85.133] cannot bind to [27482] LDAP Server as (null)/(null): -1 [Wed Jan 27 16:44:26 2010] [crit] [client 128.112.85.133] [27482] no ldap connection* Authentication works fine. But Authorization does not. Any Ideas? Thanks, Abhi. Michael J. Barton wrote: > > Abhi, > > > > Have you tried the following?: > > > > > > /AuthType CAS / > > /AuthName "CAS AuthN" / > > / / > > /AuthzLDAPMethod ldap / > > /AuthLDAPURL ldap://ldap.princeton.edu/o=Princeton University, > c=US?uid?sub?/ > > / / > > /# you will need to bind to LDAP if attributes are not visible to an > anonymous bind/ > > /#AuthLDAPBindDN cn=netid,o=Princeton University, c=US / > > /#AuthLDAPBindPassword ******** / > > / / > > /AuthzLDAPAuthoritative off / > > / / > > /# department 245 is Physics/ > > /# require ldap-attribute puhomedepartmentnumber=245/ > > /# or/ > > /# require ldap-attribute ou=Physics/ > > > > I found this information at the links listed below. I adapted the > example to use Princeton-specific information. Hope this is useful > and let me know if it proves successful. > > > > http://n4.nabble.com/mod-auth-cas-mod-authz-ldap-Active-Directory-td262065.html > > http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html > > > > -Michael > > > > > > > > > > > > -----Original Message----- > From: abhig [mailto:[email protected]] > Sent: Tuesday, January 26, 2010 5:52 PM > To: [email protected] > Subject: [cas-user] group authorization in CAS using LDAP > > > > Hi, > > Could someone please tell me how to implement group authorization in > CAS using LDAP? > > I need to know what directive I can use to set it in my htaccess file. > > If anyone has some working example, please share. > > Thanks, > > Abhi. > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
