LDAP CAS plugin 1.1

LDAP CAS plugin is an LDAP authentication plugin that supports integration in a CAS (Central Authentication Service) environment.

LDAP CAS plugin is a plugin for Fedora Directory Server (it should also work in Red Hat Directory Server, and probably in SUN's Directory Server) that allows authentication in a CAS SSO environment. In an LDAP bind operation, it accepts normal user passwords and CAS tickets (PT or ST), which are called credentials in the source code.

INSTALLATION:

Review Makefile

Stop LDAP server

Run make

Copy libcas-plugin.so to [serverRoot]/lib/

Add the following entry for the server plug-in to [serverRoot]/slapd-[serverID]/config/dse.ldif

(Replace '/opt/ldapserver' with your Fedora DS [serverRoot])
(Replace '/etc/security' with whatever suits you. If not present, it defaults to '/etc/cas.conf')
(Set casMaxCachedUsers to an upper limit for your users)
(Set casMaxCachedTimeAcc to the number of seconds a cached credential is considered valid since it was last accessed)
(Set casMaxCachedTimeCrea to the number of seconds a cached credential is considered valid since it was created. It must be greater than casMaxCachedTimeAcc)

dn: cn=CAS Pass Through Auth,cn=plugins,cn=config
objectClass: top
objectClass: nsSlapdPlugin
objectClass: extensibleObject
objectClass: casConfig
cn: CAS Pass Through Auth
nsslapd-pluginPath: /opt/ldapserver/lib/libcas-plugin.so
nsslapd-pluginInitfunc: cas_passthruauth_init
nsslapd-pluginType: preoperation
nsslapd-pluginEnabled: on
nsslapd-pluginloadglobal: true
nsslapd-plugin-depends-on-type: database
casMissingSuffix: ALLOW
casExcludeSuffix: o=NetscapeRoot
casExcludeSuffix: cn=config
casService: fds
casConfFile: /etc/security/cas.conf
casMaxCachedTimeAcc: 1000
casMaxCachedTimeCrea: 7200
casIDAttr: uid
casNumCreds: 15
casMaxCachedUsers: 20000

Copy the file cas-plugin.ldif to [serverRoot]/slapd-[serverID]/config/schema/66cas-plugin.ldif
(change '66' to a value suitable for you)
(the OIDs in the file are just samples; change them)

Edit 'cas.conf' with your system configuration. Copy it to a place suitable for you (the same as in dse.ldif).

Start LDAP server
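
A check that can be run against dse.ldif before the server is started, given here as an added example that is not part of the plugin or its distribution. It reads the plugin entry, verifies that casMaxCachedTimeCrea is greater than casMaxCachedTimeAcc, and reports which cas.conf path applies; the function names parse_entry and check_plugin are hypothetical.

```python
# Added example, not the plugin's code: lint the CAS plugin entry in dse.ldif.
PLUGIN_DN = "cn=CAS Pass Through Auth,cn=plugins,cn=config"
DEFAULT_CONF = "/etc/cas.conf"  # fallback named in the install notes

def parse_entry(ldif_text, dn):
    """Return {lowercased attribute: [values]} for the entry with this DN."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:   # LDIF folded line: continuation
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entry, inside = {}, False
    for line in lines:
        attr, _, value = line.partition(":")
        attr, value = attr.strip().lower(), value.strip()
        if attr == "dn":
            inside = value.lower() == dn.lower()
        elif not line.strip():              # blank line ends an entry
            inside = False
        elif inside:
            entry.setdefault(attr, []).append(value)
    return entry

def check_plugin(ldif_text):
    """Return (effective cas.conf path, list of problems found)."""
    entry = parse_entry(ldif_text, PLUGIN_DN)
    if not entry:
        return None, ["plugin entry not found"]
    problems, nums = [], {}
    for attr in ("casMaxCachedTimeAcc", "casMaxCachedTimeCrea", "casMaxCachedUsers"):
        vals = entry.get(attr.lower(), [])
        if len(vals) == 1 and vals[0].isdecimal():
            nums[attr] = int(vals[0])
        else:
            problems.append(f"{attr}: expected exactly one integer value")
    acc, crea = nums.get("casMaxCachedTimeAcc"), nums.get("casMaxCachedTimeCrea")
    if acc is not None and crea is not None and crea <= acc:
        problems.append("casMaxCachedTimeCrea must be greater than casMaxCachedTimeAcc")
    return entry.get("casconffile", [DEFAULT_CONF])[0], problems

# Constructed input: the entry above, trimmed to the attributes being checked.
SAMPLE = """dn: cn=CAS Pass Through Auth,cn=plugins,cn=config
casConfFile: /etc/security/cas.conf
casMaxCachedTimeAcc: 1000
casMaxCachedTimeCrea: 7200
casMaxCachedUsers: 20000
"""
```

Calling check_plugin on the text of a real dse.ldif returns the configuration file path the plugin will use and an empty list when the cache lifetimes are consistent.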

This Program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

What's New in This Release:

Support for concurrent sessions in credentials cache module.

last updated on: November 1st, 2007, 6:05 GMT
price: FREE!
developed by: Otruyo
homepage: sourceforge.net
license type: GPL (GNU General Public License)