David, Is there a JIRA issue to get this patch into mod_auth_cas ? (if you want to contribute it?)
Thanks Scott On Wed, Feb 10, 2010 at 11:21 AM, David Hawes <[email protected]> wrote: > On 2/9/10 6:10 PM, Vitty, Paul wrote: > ... > > Secondly, has anyone been able to get SAML release and mod_auth_cas > > to work successfully, by that I mean .htaccess files with 'require > > group student' etc, where the group information is provided by SAML > > release to mod_auth_cas? > > Attached is a patch against mod_auth_cas trunk that allows you to do > what you describe above. > > The directive: > > require group student > > would check the headers for the 'group' attribute provided by SAML and > give access if it equals 'student'. > > Note that with this patch you should use the name that was returned by > SAML, and not the name plus the CASAttributePrefix that could have been > configured. > > Also note that CASAuthNHeader must be set so the SAML attributes will be > stored in the headers. > > Finally, note that the require directives are effectively OR-ed. Any > match will give access. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
