Hello,
I have a requirement to integrate CAS signon with the windows signon such that
a user that logs into the windows workstation doesn't need to login via CAS
again. Specifically, I need to use NTLM only (I realize the issues related to
that). Looking through the wiki and I found
http://www.ja-sig.org/wiki/display/CASUM/SPNEGO. I have a few questions-
1. What version of CAS is required for NTLM support?
2. I am having a bit of trouble figuring out what part of the document is
applicable for just NTLM authentication. The document talks a lot about setting
up the Active Directory, modifying the encryption algorithm and creating the
Keytab file. Can I skip all this since it seems to pertain to Kerberos? This is
what I think needs to change for NTLM support-
a) Set up Login webflow (add 2 new states and update 2 others)
b) Add corresponding beans to cas-servlet.xml
c) Modify deployerConfigContext.xml
d) jcifsConfig Bean is required I guess. What do I do with the Kerberos related
properties?
e) login.conf? Required?
Can someone please confirm?
3. Is it possible to set up CAS such that NTLM authentication is used if
available and if not, then it falls back to the usual means of authentication?
Thank you for your time.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
