
Requirements

1. OpenCms authentication is handled by CAS + LDAP.

2. OpenCms authorization is handled by CAS + LDAP.

3. Support OpenCms OU.

4. CAS searches LDAP for groups and roles during validation, not during authentication.

5. The validation URI can be customised; it is not limited to /serviceValidate.

6. Easy to extend the module to support CAS + DATABASE.

Environments

Tested on Fedora 10, OpenJDK 1.6.0, Tomcat 5.5.27, OpenCms 7.0.5, CAS 3.3.1, OpenLDAP 2.4.12.

Login Procedure


Module Parameters

 Module parameters for authentication handler:

 Module parameters for authorization handler:

Add a new validate servlet to CAS

Here I use /authzValidate as the URI of the new validate servlet, as an example.

1. Add /authzValidate in $(cas_server)/WEB-INF/web.xml

2. Modify $(cas_server)/WEB-INF/cas-servlet.xml

3. Modify $(cas_server)/WEB-INF/spring-configuration/applicationContext.xml






4. Modify $(cas_server)/WEB-INF/deployerConfigContext.xml

5. Modify $(cas_server)/WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp

6. Sample of /authzValidate response

How to get the module and the source code

The source code of cn.langhua.cas is here.

Source code of OpenCms-LDAP module:

SVN:

http://www.langhua.cn/langhua/modules/ldap/

Username: anon

Password: anon

ViewVC:

http://www.langhua.cn/viewvc/svn/modules/ldap/

Shi Yusen/Beijing Langhua Ltd.

http://langhua.org/
http://langhua.biz/
http://www.langhua.cn/
