Documentation to connect Sympa with CAS protocol

2022-04-20 16:42:27 +02:00 · 2022-04-20 16:42:27 +02:00 · c73188edf6
parent bc9698c660
commit c73188edf6
2 changed files with 54 additions and 7 deletions
--- a/doc/sources/admin/applications.rst
+++ b/doc/sources/admin/applications.rst
@ -136,7 +136,7 @@ Application                                                       Configuration
 .. image:: applications/simplesamlphp_logo.png                    :doc:`simpleSAMLphp<applications/simplesamlphp>`                                       ✔
 .. image:: applications/spring_logo.png                           :doc:`Spring<applications/spring>`                   ✔
 .. image:: applications/symfony_logo.png                          :doc:`Symfony<applications/symfony>`                 ✔
-.. image:: applications/sympa_logo.png                            :doc:`Sympa<applications/sympa>`                     ✔
+.. image:: applications/sympa_logo.png                            :doc:`Sympa<applications/sympa>`                     ✔                             ✔
 .. image:: applications/tomcat_logo.png                           :doc:`Tomcat<applications/tomcat>`                   ✔
 .. image:: applications/wekan-logo.png                            :doc:`Wekan<applications/wekan>`                                           ✔
 .. image:: applications/wiki.js.svg                               :doc:`Wiki.js<applications/wikijs>`                                           ✔
--- a/doc/sources/admin/applications/sympa.rst
+++ b/doc/sources/admin/applications/sympa.rst
@ -8,9 +8,59 @@ Presentation

 `Sympa <http://www.sympa.org>`__ is a mailing list manager.

-To configure SSO with Sympa, use **Magic authentication**: a special SSO
-URL is protected by LL::NG, Sympa will display a button for users who
-wants to use this feature.
+To configure SSO with Sympa, you have the choice between:
+  * CAS
+  * **Magic authentication**: a special SSO URL is protected by LL::NG, Sympa will display a button for users who wants to use this feature.
+
+We recommend to use CAS.
+
+CAS
+---
+
+
+Sympa configuration
+~~~~~~~~~~~~~~~~~~~
+
+Edit the file "auth.conf", for example:
+
+::
+
+   vi /etc/sympa/auth.conf
+
+And fill it:
+
+::
+
+    cas
+        base_url                        https://auth.example.com/cas
+        non_blocking_redirection        on
+        auth_service_name               SSO
+        ldap_host                       ldap.example.com:389
+        ldap_get_email_by_uid_filter    (uid=[uid])
+        ldap_timeout                    7
+        ldap_suffix                     dc=example,dc=com
+        ldap_scope                      sub
+        ldap_email_attribute            mail
+
+Restart services:
+
+::
+
+    service sympa restart
+    service apache2 restart
+
+See also `official documentation <https://sympa-community.github.io/manual/customize/cas.html>`__
+
+LemonLDAP::NG configuration
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Declare CAS application in the configuration, register the service URL.
+
+No attributes are needed.
+
+
+Magic authentication
+--------------------


 .. tip::
@ -19,9 +69,6 @@ wants to use this feature.
    removed since it works only with Sympa-5 which has been deprecated


-Configuration
-------------
-
 Sympa configuration
 ~~~~~~~~~~~~~~~~~~~