Sandor, Be aware that even tho the page Scott mentions says that you don't need bind credentials if you use the FastBind handler - that's only partly true.
There are three connections in a full authentication (assuming you use FastBind. Presumably four if you don't.) : 1) auth the user's credentials. This one is indeed made without needing a bind account. 2) look up the principal (as specified in the credentialsToPrincipalResolver) 3) look up the attributes (as specified in the attributeRepository) using the principal that was found in step 2. The second and third connections are made anonymously (does your AD allow anonymous search?) if you have not provided a bind account. I mention this because I banged my head against it for quite a while before figuring out what was going on. Ann ------ G. Ann Campbell Systems Engineer Shaw Industries "Scott Battaglia" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 08/14/2008 07:31 AM Please respond to Yale CAS mailing list <[email protected]> To "Yale CAS mailing list" <[email protected]> cc Subject Re: CAS LDAP Auth This should help: http://www.ja-sig.org/wiki/display/CASUM/LDAP (it also shows up as the 8th item in a Google search, which is kind of low...anyone here a SEO-type person? ;-)) On Thu, Aug 14, 2008 at 5:21 AM, Sandor Nemeth < [EMAIL PROTECTED]> wrote: Hy all, I'm pretty new to CAS and I'm looking forward to gather some information about connection CAS and a MS Active Directory Server. I googled for now a couple of hours, but I could not receive any solution about my problem. How can I ( if I can ) configure an LDAP Server in CAS? Or if I'm not, where should I configure it? I found users in some mailing list archives, but there are links pointing to 404 pages. I suppose, there was a solution to my problem, but I cannot go on as I'm not able to find the new location of these pages. Regards, Sandor Nemeth _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas ********************************************************** Privileged and/or confidential information may be contained in this message. If you are not the addressee indicated in this message (or are not responsible for delivery of this message to that person) , you may not copy or deliver this message to anyone. In such case, you should destroy this message and notify the sender by reply e-mail. If you or your employer do not consent to Internet e-mail for messages of this kind, please advise the sender. Shaw Industries does not provide or endorse any opinions, conclusions or other information in this message that do not relate to the official business of the company or its subsidiaries. **********************************************************
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
