Differences
This shows you the differences between two versions of the page.
— |
documentation:2.1:authcas [2019/04/10 22:22] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== CAS====== | ||
+ | |||
+ | ^Authentication ^ Users ^ Password ^ | ||
+ | | ✔ | | | | ||
+ | |||
+ | ===== Presentation ===== | ||
+ | |||
+ | LL::NG can delegate authentication to a CAS server. This requires [[http:// | ||
+ | |||
+ | <note tip> | ||
+ | |||
+ | LL::NG can also request proxy tickets for its protected services. Proxy tickets will be collected at authentication phase and stored in user session under the form: | ||
+ | |||
+ | '' | ||
+ | |||
+ | They can then be forwarded to applications trough [[writingrulesand_headers# | ||
+ | |||
+ | <note tip>CAS authentication will automatically add a [[logoutforward|logout forward rule]] on CAS server logout URL in order to close CAS session on LL::NG logout.</ | ||
+ | |||
+ | ===== Configuration ===== | ||
+ | |||
+ | In Manager, go in '' | ||
+ | |||
+ | <note tip>You can then choose any other module for users and password.</ | ||
+ | |||
+ | <note important> | ||
+ | Browser implementations of formAction directive are inconsistent (e.g. Firefox doesn' | ||
+ | Administrators may have to modify formAction value with wildcard likes *. | ||
+ | |||
+ | In Manager, go in : | ||
+ | |||
+ | '' | ||
+ | </ | ||
+ | |||
+ | Then, go in '' | ||
+ | * **Authentication level**: authentication level for this module. | ||
+ | |||
+ | Then create the list of CAS servers in the manager. For each, set: | ||
+ | * **Server URL** // | ||
+ | * **Renew authentication** //(default: disabled)//: | ||
+ | * **Gateways authentication** //(default: disabled)//: | ||
+ | * **Display Name**: Name to display. Required if you have more than 1 CAS server declared | ||
+ | * **Icon**: Path to CAS Server icon. Used only if you have more than 1 CAS server declared | ||
+ | * **Order**: Number to sort CAS Servers display | ||
+ | * **Proxied services**: list of services for which a proxy ticket is requested: | ||
+ | * **Key**: Service ID | ||
+ | * **Value** Service URL (CAS service identifier) | ||
+ | |||
+ | <note tip>If no proxied services defined, CAS authentication will not activate the CAS proxy mode with this CAS server.</ | ||