Greg: please note that we do NOT use CAS for authentication at our institution. WebAuth, Kerberos, Shibboleth, LDAp yes. CAS no.
For now, my concern is using LDAP for Authentication. As far as authorization, LDAP is fine, and I have that working in MH. Now, on to particulars On Oct 26, 2012, at 12:44 PM, Greg Logan <[email protected]> wrote: > Ok, you're really close, but not quite there. Your change to the ldap > bundle should work (we needed to do something similar here), but there > are at least five files which need mangling first. Take a look at the > code in the review for most of it. You'll need to manually apply the > changes since they haven't made it into 1.4 or trunk yet. > Right. As I said, I did that > 1) etc/System.properties: You'll need to enable the appropriate jars. done > 2) etc/Config.properties: Don't forget to uncomment that line! done > 3) modules/matterhorn-runmtime-dependencies/pom.xml: Adds a few > missing libraries, don't forget to rebuild this before running Matterhorn. OK, didn't do that, but the missing lines were all CAS oriented, so I didn't care about them. No matter -- I made the changes, and low and behold, Matterhorn built cleanly without -DskipTests . Go figure > 4) etc/security/mh_default_org.xml: Copying and pasting the patched > version of etc/security_sample_cas.xml overtop is correct, but you also > need to edit a couple of lines as well. Grep the file for *berkeley* > (two entries) and *localhost* (one entry). Change the berkeley > references to point at your CAS server, and the localhost entry to your > org.opencastproject.server.url value. WE HAVE NO CAS SERVER > 5) etc/factories/org.opencastproject.userdirectory.ldap.properties: > This file controls the LDAP server settings that Matterhorn connects to. > Things need to be set correctly, although the correct settings here are > a bit murkier. USask uses something similar to the configuration at the > bottom of > http://opencast.jira.com/wiki/display/MH/University+of+Saskatchewan+CAS+and+LDAP+integration > (starting with "To integrate LDAP"). Yes, this works fine. LDAP authentication does not work. > > I hope to get these changes into trunk in the next few days, but if > you're working with release candidates then they obviously won't appear > until RC4! > > G > > On 12-10-23 02:00 PM, Wesley Alan Wright wrote: >> I have 1.4RC3 up and running, and I am at the point where I am ready to >> integrate with our LDAP server. I had some hope that LDAP Authentication >> might work, based on this: >> >> http://opencast.jira.com/browse/MH-8577 >> >> >> As per above, I tried to "Review at >> http://opencast.jira.com/source/cru/CR-MH-483, specifically the >> system.properties file" . That page suggests that the MH-8577 updates didn't >> make the 1.4RC3 release. No matter, I manually edited system.properties, >> restarted Matterhorn, but no joy. No LDAP authentication. LDAP Authorization >> is OK, especially after adding this line >> >> role = role.replaceAll(" ", "_"); >> to >> /opt/matterhorn/trunk/modules/matterhorn-userdirectory-ldap/src/main/java/org/opencastproject/userdirectory/ldap/LdapUserProviderInstance.java >> >> I'm guessing something clever needs to be added to mh_default_org.xml, along >> the lines of section "18.4.5 Spring Bean Configuration" found here >> >> >> http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ldap.html >> >> Just for fun, I pasted above into mh_default_org.xml, with predictable >> results >> >> Where do I go from here? >> >> On Sep 12, 2012, at 7:57 PM, Greg Logan (Commented) (JIRA) >> <[email protected]> wrote: >> >>> >>> [ >>> http://opencast.jira.com/browse/MH-8577?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=31736#comment-31736 >>> ] >>> >>> Greg Logan commented on MH-8577: >>> -------------------------------- >>> >>> Assigning over to me. I got this working over the last few days so I'll >>> update things once I get a chance. >>> >>>> LDAP Authentication >>>> ------------------- >>>> >>>> Key: MH-8577 >>>> URL: http://opencast.jira.com/browse/MH-8577 >>>> Project: Matterhorn Project >>>> Issue Type: Bug >>>> Components: Architecture & Services >>>> Affects Versions: 1.3 >>>> Reporter: Hank Magnuski >>>> Assignee: Greg Logan >>>> Priority: Critical >>>> Fix For: 1.4 >>>> >>>> >>> >>> >>> -- >>> This message is automatically generated by JIRA. >>> If you think it was sent incorrectly, please contact your JIRA >>> administrators: >>> http://opencast.jira.com/secure/ContactAdministrators!default.jspa >>> For more information on JIRA, see: http://www.atlassian.com/software/jira >>> >>> >>> _______________________________________________ >>> Matterhorn mailing list >>> [email protected] >>> http://lists.opencastproject.org/mailman/listinfo/matterhorn >>> >>> >>> To unsubscribe please email >>> [email protected] >>> _______________________________________________ >> >> ----------------------------------------------------------------------- >> | Wesley Alan Wright <mailto:[email protected]> | >> | Center for Teaching and Learning __0__ | >> | Room 407 Lafayette Building / \ | \ | >> | University of Vermont \77 | >> | Burlington, Vermont 05405-0160 USA. \\ http://www.uvm.edu/skivt-l | >> | Voice: 802-656-1254 vv | >> | aim:goim?screenname=maddogskideath http://www.uvm.edu/~waw/ | >> ----------------------------------------------------------------------- >> >> >> >> >> >> _______________________________________________ >> Matterhorn-users mailing list >> [email protected] >> http://lists.opencastproject.org/mailman/listinfo/matterhorn-users >> > > > _______________________________________________ > Matterhorn-users mailing list > [email protected] > http://lists.opencastproject.org/mailman/listinfo/matterhorn-users ----------------------------------------------------------------------- | Wesley Alan Wright <mailto:[email protected]> | | Center for Teaching and Learning __0__ | | Room 407 Lafayette Building / \ | \ | | University of Vermont \77 | | Burlington, Vermont 05405-0160 USA. \\ http://www.uvm.edu/skivt-l | | Voice: 802-656-1254 vv | | aim:goim?screenname=maddogskideath http://www.uvm.edu/~waw/ | ----------------------------------------------------------------------- _______________________________________________ Matterhorn-users mailing list [email protected] http://lists.opencastproject.org/mailman/listinfo/matterhorn-users
