CAS is not LDAP. As CAS mentioned, I just put our OFBiz-CAS component's road map here:
We'll update our OFBiz-LDAP implement to support CAS protocal 2.0 (and PersonDirectory), separate it from the LDAP part(use /serviceValidate to get user's attributes, not get it from LDAP) and authz/authn in April (next week exactly). And as we have designed a new CAS login page which may be released with CAS 4.0 in this year, we'll not use the redirect-to-cas-login-page style, we will put an iframe into OFBiz login page. See a sample design here: New CAS iframe: http://www.langhua.cn/viewvc/svn/pics/CAS/trunk/pic/jasig_styleC.jpg?view=markup The iframe part will be this version of CAS login: http://www.langhua.cn/viewvc/svn/pics/CAS/trunk/pic/jasig11.jpg?view=markup When CAS 4.0 comes out, we'll update OFBiz-CAS to support OpenID and SAML 2.0. This is the road map of OFBiz-CAS component in 2009. Enjoy it, Shi Jinghai/Langhua Opensource Foundations You're mountains, we're a valley. 在 2009-03-31二的 10:19 +0200,Jacques Le Roux写道: > Quick answer : have you had a look at > http://docs.ofbiz.org/display/OFBIZ/FAQ+-+Tips+-+Tricks+-+Cookbook+-+HowTo#FAQ-Tips-Tricks-Cookbook-HowTo-CAS > ? > > Jacques > > From: "Vince M. Clark" <[email protected]> > > It appears as though the ldap integration expects username/pw entries in > > the directory are created through an ldap client, not > > OFBiz. If this is correct that means you would have to > > > > 1. create a username/pw in the ldap directory. > > 2. create the exact same user login in OFBiz. > > 3. Upon first login the pw in the directory would over write the pw in > > OFBiz. > > > > Do I understand this correctly? > > > > I would like to have any user login that is added in OFBiz to be created in > > the directory. Also when a user changes their pw in > > OFBiz it would be updated in the directory. As far as I can tell the > > current implementation doesn't support that. > > > > If not, can anyone recommend a web based ldap client that gives users the > > ability to change a pw? I don't want them to have the > > ability to administer the directory, just manage their own pw, and maybe > > other profile information. > > > >
