Julien Garnier wrote: > Wath I want to do : > - automatic login if someone comes with a certificate of My own > compagnie and his mail is in my ldap server. I've troubles to set up > this authentication, cause I've some certificates errors that I can't > solve.
Can you elaborate on the problems you have? > I've read many tutorials but any of them are realy clear for me > on how to set up with my own certificate authority. First you have to import your CA cert as trusted in the Java key store. Whether it works also depends on whether your CA was correctly set up (e.g. regarding certificate profile: naming, X.509v3 extensions). YOu have to be familiar with SSL/TLS client authentication. > - If no certificate, login against the ldap server. That's possible. You have to tweak login-webflow.xml to achieve this. > But after login, how can I know what can acces this user ? For example > user1 has acces to webmail and wiki but user 2 has only acces to webmail > ... You should probably use the Services Manager to implement such application-level access control: http://www.ja-sig.org/wiki/display/CASUM/Services+Management Ciao, Michael. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
