CAS
authentication backend
Presentation
This backend allows you to use a CAS server as
primary SSO provider. This require the
AuthCAS Perl
module.
To work, your CAS server need to use HTTPS (CAS
cookies are only sent over SSL connections)
Configuration
Edit portal/index.pl and add those parameters in
constructor:
authentication => 'CAS',
CAS_url => 'https://cas.example.com',
#CAS_CAFile => '/etc/httpd/conf/ssl.crt/ca-bundle.crt',
CAS_loginUrl => 'http://auth.example.com',
CAS_validationUrl => 'http://auth.example.com',
Parameters explanations:
- CAS_url: this is the login URL on your CAS server. This has to use
HTTPS.
- CAS_CAFile: only use to verify CAS server certificate, not
mandatory.
- CAS_loginUrl: where CAS redirect the user after CAS authentication,
this is the portal.
- CAS_validationUrl: where the service ticket (ST) is checked, this is
the portal.
Of course the CAS user must exists in your UserDB backend. You can
rely just on CAS authentication by using the
Null UserDB
backend
See also