Good morning, FYI - I am aware I need to promote to 3.5.3, but first things first.
I forwarded this question to our support organizations for CAS and they have not come up with any explanation yet. I am hoping someone here has some insight. I have not changed the deployerConfigContext.xml file from 3.4.2.1 to 3.5.2.1. I looked over the distribution, but opted to try it as is. Our deployerConfigContext.xml file contains a component that allows expired and new users to fall through to an active directory proxy when they fail to be authenticated via straight AD LDAP. Our policies at UA expire students very quickly on some campuses so that they can not use the PC work stations. This causes issues when they come back to register for the next semester. In 3.4.2.1, I developed a nice configuration that will allow authentication through one or the other. 3.5.2.1, it only authenticates users that are not expired, i.e., it is not failing over. I have extracted the pertinent sections and placed them in a file, attached. It is a simple text file. One thing I did not do that may cause problems is that I did not denote a separate attributeRepository bean. They are identical for both straight AD and the proxy. Perhaps I should replicate them with a different name. If anyone can pinpoint a modification I should make to accommodate 3.5.2.1 quickly, I would greatly appreciate it. I very much want to move toward two-factor authentication and Casifying Shib, but need 3.5.2.1 to do that. Linda Toth University of Alaska - Office of Information Technology (OIT) - Identity and Access Management 910 Yukon Drive, Suite 103 Fairbanks, Alaska 99775 Tel: 907-450-8320 Fax: 907-450-8381 [email protected] | www.alaska.edu/oit/ -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
dcc-extract
Description: Binary data
