We have a CAS server that uses cas-server-webapp-3.4.10.war for single 
sign-on, and this CAS server is integrated with an LDAP server.

We have a Drupal site that uses the CAS module (http://drupal.org/project/cas), 
and with it CAS users are able to log in to Drupal sites via SSO. But we are 
unable to map groups (LDAP attributes) to Drupal roles. Searching Google, we 
learned that by mapping LDAP attributes into CAS we can map roles. 

So can you please help me with this? We need to map or import LDAP 
attributes into CAS so that, when CAS users log in to the Drupal sites, 
LDAP groups (attributes) are automatically mapped to Drupal roles. 

I have attached my deployerConfigContext.xml; we are using Ubuntu Linux servers 
for LDAP and CAS.

Thanks
GeoP.C.
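<?xml version="1.0" encoding="UTF-8"?>
<!--
    CAS deployerConfigContext.xml: wires LDAP bind authentication, the
    attribute repository, the service registry and the audit trail.

    Review notes:
      * Stray ';' characters that followed several quoted attribute values
        have been removed; with them the file is not well-formed XML and
        Spring cannot load it.
      * Security-relevant settings are annotated in place below. The values
        themselves are unchanged and must be reviewed by the operator.
-->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:sec="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <!--
        LDAP connection used by the bind authentication handler.

        NOTE(review): the URL scheme is ldap://, and the authentication type
        is "simple", so the manager password and every end-user password
        cross the network in clear text. Prefer ldaps:// (or StartTLS) with
        certificate validation.

        NOTE(review): userDn/password appear to be the directory's built-in
        administrator with a default-looking password, stored inline. Use a
        dedicated read-only service account, keep the password in a
        properties file readable only by the CAS service user (for example
        through a Spring property placeholder), and if this file has been
        shared outside the team, treat the password as exposed and rotate it.
    -->
    <bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
        <property name="urls">
            <list>
                <value>ldap://192.168.1.115:10389/</value>
            </list>
        </property>
        <property name="userDn" value="uid=admin,ou=system"/>
        <property name="password" value="secret"/>
        <property name="baseEnvironmentProperties">
            <map>
                <entry>
                    <key>
                        <value>java.naming.security.authentication</value>
                    </key>
                    <value>simple</value>
                </entry>
            </map>
        </property>
    </bean>

    <!--
        Authentication manager: resolvers turn credentials into principals,
        handlers verify the credentials.
    -->
    <bean id="authenticationManager"
          class="org.jasig.cas.authentication.AuthenticationManagerImpl">
        <property name="credentialsToPrincipalResolvers">
            <list>
                <!--
                    NOTE(review): no attributeRepository is wired into this
                    resolver, so principals resolved from username/password
                    logins presumably carry no attributes at all. Attribute
                    release to client applications needs the repository bean
                    referenced here; confirm against the CAS version in use.
                -->
                <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"/>
                <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"/>
            </list>
        </property>
        <property name="authenticationHandlers">
            <list>
                <!-- Authenticates proxy callback services; httpClient is defined outside this file. -->
                <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
                      p:httpClient-ref="httpClient"/>
                <!--
                    Searches for the user below searchBase with the filter,
                    then binds as the entry found to verify the password.
                    Only entries under cn=Engineering can log in.
                -->
                <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
                    <property name="filter" value="uid=%u"/>
                    <property name="searchBase" value="cn=Engineering,ou=CitrusInformatics,dc=apacheds,dc=local"/>
                    <property name="contextSource" ref="contextSource"/>
                </bean>
            </list>
        </property>
    </bean>

    <!--
        NOTE(review): the user name is still the shipped placeholder. It is
        granted ROLE_ADMIN, so replace it with the real administrator account
        name before relying on whatever this user service protects.
    -->
    <sec:user-service id="userDetailsService">
        <sec:user name="@@THIS SHOULD BE REPLACED@@" password="notused" authorities="ROLE_ADMIN"/>
    </sec:user-service>

    <!--
        Attribute repository.

        NOTE(review): StubPersonAttributeDao returns this same fixed map for
        every user; nothing here is read from LDAP, and the values are the
        literal strings shown. If a client maps roles from these attributes,
        every authenticated user receives the same role. For per-user group
        membership this bean has to be replaced by an LDAP-backed attribute
        DAO (the Person Directory library provides LdapPersonAttributeDao)
        that queries the directory for the authenticated uid.
    -->
    <bean id="attributeRepository"
          class="org.jasig.services.persondir.support.StubPersonAttributeDao">
        <property name="backingMap">
            <map>
                <entry key="uid" value="uid"/>
                <entry key="eduPersonAffiliation" value="eduPersonAffiliation"/>
                <entry key="groupMembership" value="groupMembership"/>
            </map>
        </property>
    </bean>

    <!--
        Services allowed to use this CAS server.

        NOTE(review): the wildcard patterns below accept any http, https,
        imaps or imap URL as a service, so any site can obtain service
        tickets for logged-in users, and tickets sent to plain http services
        can be read on the wire. Restrict serviceId to the exact https URLs
        of the applications that should use single sign-on (here, the Drupal
        sites) and drop the entries that are not needed.

        NOTE(review): none of the entries lists allowedAttributes, so even
        with a working attribute repository no attribute would be released
        to these services; list only the attributes each service needs.
    -->
    <bean id="serviceRegistryDao"
          class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
        <property name="registeredServices">
            <list>
                <bean class="org.jasig.cas.services.RegisteredServiceImpl">
                    <property name="id" value="0"/>
                    <property name="name" value="HTTP"/>
                    <property name="description" value="Only Allows HTTP Urls"/>
                    <property name="serviceId" value="http://**"/>
                </bean>

                <bean class="org.jasig.cas.services.RegisteredServiceImpl">
                    <property name="id" value="1"/>
                    <property name="name" value="HTTPS"/>
                    <property name="description" value="Only Allows HTTPS Urls"/>
                    <property name="serviceId" value="https://**"/>
                </bean>

                <bean class="org.jasig.cas.services.RegisteredServiceImpl">
                    <property name="id" value="2"/>
                    <property name="name" value="IMAPS"/>
                    <!-- Description corrected: it previously said HTTPS for the IMAPS entry. -->
                    <property name="description" value="Only Allows IMAPS Urls"/>
                    <property name="serviceId" value="imaps://**"/>
                </bean>

                <bean class="org.jasig.cas.services.RegisteredServiceImpl">
                    <property name="id" value="3"/>
                    <property name="name" value="IMAP"/>
                    <property name="description" value="Only Allows IMAP Urls"/>
                    <property name="serviceId" value="imap://**"/>
                </bean>
            </list>
        </property>
    </bean>

    <!--
        Audit trail written through SLF4J. Make sure the logging backend
        routes these records to a file or collector that is retained and
        protected from modification by the CAS web application user.
    -->
    <bean id="auditTrailManager" class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager"/>
</beans>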
