O.K. This is all a bit of a beginner's question so be gentle with me. First let me say I am not really familiar with CAS, Tomcat or even Java. I seem to have (had) a working CAS server with the default simple authenticator set-up and I am trying to make it work with our LDAP server. So I have been following the LDAP Authentication Handler instructions to set up my CAS instance to authenticate using our OpenLDAP server and am getting a little confused.

Our organisation has bought a product that supports CAS for central authentication and we are trying to produce an Intranet with SSO that accesses this product. Thus, we are looking at using CAS as our SSO technology. We already have OpenLDAP installed (although this is another area of non-expertise on my part - just don't ask why I've got this job at all!) and it is set up to be suitable for use by the FastBindLdapAdaptor, i.e. authenticate by binding to LDAP using the user's credentials.

Now, I see that I should have an AuthenticatedLdapContextSource bean configured but this has parameters (property) such as userName and Password. Given that these values should come from the CAS login screen, what should I put here? These are all very basic questions but ones that I can't seem to figure out. Some of the mailing list archives mention similar things and then seem to say that you put the "correct" values in for userName & password. However, I think these relate to the alternative LDAP accessors where the directory is browsed, either anonymously or not, for the user in question before performing the authentication. Maybe I have got the wrong end of the stick altogether but I thought that using the bind directly to LDAP ought to be the simplest form of LDAP authentication. However, when username & password are mentioned I get confused.

The configuration file (and some posts) mention the UsernamePasswordCredentialsToPrincipalResolver and a produced SimplePrincipal instance. Should I be making use of these and, if so, how? Sorry for the very basic nature of these questions but it isn't obvious to me what I should be trying to do.

Thanks

--
Matthew Jones
Interactive Data Managed Solutions Ltd
-----------------------------------------------------------------------
Registered in England Company Number 3691868
Registered Office: Suite 1101 Eagle Tower | Montpellier Drive | Cheltenham | Gloucestershire | GL50 1TA
Tel: +44 (0)1242 694133 | Fax: +44 (0)1242 694109
[EMAIL PROTECTED] http://www.interactivedata-ms.com/694133
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
