diff --git a/doc/pages/documentation/current/idpcas.html b/doc/pages/documentation/current/idpcas.html index 6cd988aa8..e1eb1d4ad 100644 --- a/doc/pages/documentation/current/idpcas.html +++ b/doc/pages/documentation/current/idpcas.html @@ -43,20 +43,43 @@
+AS server +
LL::NG can be used as a CAS server. It can allow one to federate LL::NG with:
In the Manager, go in General Parameters
» Issuer modules
» CAS
and configure:
On
.^/cas/
unless you have change Apache portal configuration file.^/cas/
)$authenticationLevel > 2
-Then go in Options
to define:
+Then go in CAS Service
to define:
Options
to define:
CAS login
is not set, it uses General Parameters
» Logs
» REMOTE_USER
data, which is set to uid
by default
+If an access control policy other than none
is specified, applications that want to authenticate users through the CAS protocol have to be declared before LemonLDAP::NG accepts to issue service tickets for them.
+
+Go to CAS Applications
and then Add CAS Application
. Give a technical name (no spaces, no special characters), like “app-example”.
+
+You can then access the configuration of this application. +
+ +none
, this rule will be ignored
++You may add a list of attributes that will be transmitted in the validate response. Keys are the name of attribute in the CAS response, values are the name of session key. +
+ +
+The attributes defined here will completely replace any attributes you may have declared in the global CAS Service
configuration. In order to re-use the global configuration, simply set this section to an empty list.
+