Hi,

I am trying to set up CAS (4.0.0) with JAAS authentication, which works fine. 
For a simple authorization, I also want to include the roles of the user. How 
can I achieve this with LDAP or Active Directory?

Currently I have the following configuration for JAAS:

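CAS {
    // Options are whitespace-separated; a single ';' ends the module entry.
    com.sun.security.auth.module.LdapLoginModule SUFFICIENT
    userProvider="ldap://myldapserver.example.com:389/dc=example,dc=com"
    authIdentity="{USERNAME}@example.com"
    // A {ATTRIBUTE} token here is replaced with a single value of that attribute.
    authzIdentity="{MEMBEROF}"
    userFilter="(samaccountname={USERNAME})"
    // With ldap:// and useSSL=false the bind password is sent unencrypted.
    useSSL=false
    debug=true;
};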

After successful authentication I want to send the roles of the user to CAS 
clients as custom attributes (protocol version 3).

With the current configuration only the first "memberof" group will be added to 
the principal. But usually there is not only one memberof attribute in the 
user's LDAP entry.

Is there a way to get all groups with the JAAS module? And how can I release 
the group as an attribute with CAS?

Kind regards,

Christian
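
Added example, not part of the original post and not code from CAS or the JDK: reading every value of a multi-valued memberOf attribute through the standard javax.naming API and reducing each group DN to a role name. The class name MemberOfRoles, the helper rolesFrom and the group DNs are constructed for illustration; in a real lookup the Attribute would come from SearchResult.getAttributes().get("memberOf").

```java
import java.util.ArrayList;
import java.util.List;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.BasicAttribute;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class MemberOfRoles {

    // Hypothetical helper: collect all values of memberOf and map each group DN
    // to the value of its leaf RDN (the group's own CN).
    static List<String> rolesFrom(Attribute memberOf) throws NamingException {
        List<String> roles = new ArrayList<>();
        if (memberOf == null) {
            return roles; // attribute absent: the user is in no groups
        }
        NamingEnumeration<?> values = memberOf.getAll(); // all values, not just one
        try {
            while (values.hasMore()) {
                // LdapName parses the DN per RFC 2253, so an escaped comma
                // inside a CN is not mistaken for an RDN separator.
                LdapName dn = new LdapName(values.next().toString());
                if (dn.size() == 0) {
                    continue;
                }
                // Index size()-1 is the leftmost RDN; a parent container such
                // as CN=Users must not be reported as a role.
                Rdn leaf = dn.getRdn(dn.size() - 1);
                if ("cn".equalsIgnoreCase(leaf.getType())) {
                    roles.add(leaf.getValue().toString());
                }
            }
        } finally {
            values.close();
        }
        return roles;
    }

    public static void main(String[] args) throws NamingException {
        // Constructed sample values standing in for a user's memberOf attribute.
        Attribute memberOf = new BasicAttribute("memberOf");
        memberOf.add("CN=Developers,OU=Groups,DC=example,DC=com");
        memberOf.add("CN=VPN Users,CN=Users,DC=example,DC=com");
        memberOf.add("CN=Ops\\, Tier 2,OU=Groups,DC=example,DC=com");
        System.out.println("get():    " + memberOf.get());      // one value only
        System.out.println("getAll(): " + rolesFrom(memberOf)); // every group
    }
}
```

Matching on the CN alone treats same-named groups in different containers as one role; compare the full DN where that distinction matters for authorization.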