Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
documentation:latest:idpcas [2019/02/07 19:21] cmaudoux [Enabling CAS] |
documentation:latest:idpcas [2019/04/30 20:20] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | AS server ====== | + | ====== CAS server ====== |
===== Presentation ===== | ===== Presentation ===== | ||
Line 28: | Line 28: | ||
Then go in ''CAS Service'' to define: | Then go in ''CAS Service'' to define: | ||
- | * **CAS login**: the session key transmitted to CAS client as the main identifier (CAS Principal) | + | * **CAS login**: the session key transmitted to CAS client as the main identifier (CAS Principal). This setting can be overriden per-application. |
* **CAS attributes**: list of attributes that will be transmitted by default in the validate response. Keys are the name of attribute in the CAS response, values are the name of session key. | * **CAS attributes**: list of attributes that will be transmitted by default in the validate response. Keys are the name of attribute in the CAS response, values are the name of session key. | ||
* **Access control policy**: define if access control should be done on CAS service. Three options: | * **Access control policy**: define if access control should be done on CAS service. Three options: | ||
Line 49: | Line 49: | ||
* **Service URL** : the service (user-facing) URL of the CAS-enabled application. | * **Service URL** : the service (user-facing) URL of the CAS-enabled application. | ||
+ | * **User attribute** : session field that will be used as main identifier. | ||
* **Rule** : The access control rule to enforce on this application. If left blank, access will be allowed for everyone. | * **Rule** : The access control rule to enforce on this application. If left blank, access will be allowed for everyone. | ||