Re: CAS LDAP Security Autnetication method

Wed, 16 Apr 2008 16:38:51 -0700

Srikar,

The easiest thing that should work is to change "ldap:" to "ldaps:" and enable SSL on the LDAP server.  This will positively affect the performance of LDAP and CAS itself, but the effect may not be perceptible.  CAS will be sending the password to LDAP just as it does now, except over an encrypted connection.

Adam

Srikar Kummamuri wrote:

I am using Sun One LDAP with the CAS and using simple security authentication which works fine as shown bellow.

 

   <bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">

                <property name="pooled" value="true"/>

                <property name="urls">

                        <list>

                                <value>ldap://10.30.12.48:7042</value>

                        </list>

                </property>

                <property name="userName" value="cn=casdevadmin"/>

                <property name="password" value="Vfr45tgB"/>

                <property name="baseEnvironmentProperties">

                        <map>

                                <entry>

                                        <key>

                                                <value>java.naming.security.authentication</value>

                                        </key>

                                        <value>simple</value>

                                </entry>

                        </map>

                </property>

        </bean>

 

 

 

But I want to use some type of encryption and tried MDS5 as follows which did not work and throwing the error “javax.naming.AuthenticationNotSupportedException: Digest-MD5”

 

 

                                        <key>

                                                <value>java.naming.security.authentication</value>

                                        </key>

                                        <value>Digest-MD5</value>

 

 

Just wondering to know if any body has got any examples for me to follow for encrypted security in deployerConfigContext.xml

 

 

..Srikar

 

From: Srikar Kummamuri
Sent: Tuesday, March 04, 2008 3:49 PM
To: '[email protected]'
Subject: RE: Remote User >From CAS client 3.1.1

 

Scott,

I am trying to get the user inside an application where I don’t have access to request. All I can do is query the CAS API to get the user. So I can not call request.getRemoteUser() and hence trying to get it from CAS.  I have seen the 2.1 version accessing the filter and getting the user directly and thought 3.1 also can get me the user form API.

 

Seems like I need to modify the CAS Client Code or generate one more class, add it to filters and get the remote user from there.

 

 

 

 

 


_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
  



begin:vcard
fn:Adam Rybicki
n:Rybicki;Adam
org:Unicon, Inc.;Professional Services
adr:Suite 113;;3140 North Arizona Avenue;Chandler;AZ;85225;United States
email;internet:[EMAIL PROTECTED]
tel;work:+1-480-558-2400
tel;home:+1-310-265-8286
tel;cell:+1-310-980-2758
x-mozilla-html:FALSE
url:http://www.unicon.net/
version:2.1
end:vcard

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to