[Building Sakai] CAS alongside LDAP: any foreseeable problems?
Steve Swinsburg
steve.swinsburg at gmail.com
Tue May 3 17:40:43 PDT 2011
Hi Mike,
No issues with duplicates, once CAS gives the authenticated eid, it maps to the same uuid internally.
The only issue I've seen with CAS is that if a link to a resource is provided and user follows that and is unauthenticated, they will be taken to CAS auth. This can be a problem if you have external users who cannot authenticate via CAS. A solution for this is an intermediate page where the use can choose their authentication source.
cheers,
Steve
On 04/05/2011, at 9:45 AM, Michael Osterman wrote:
> We have been using LDAP auth for many years, and are now looking at enabling CAS so we can get people straight in from our portal (LifeRay). We want to retain the standard "xlogin" method as well, not just for accounts local to Sakai, but for also to continue support for LDAP auth like our users are used to with the login box in the upper right-hand corner.
>
> We've got things set up on our test server as per Steve's excellent doc:
>
> https://confluence.sakaiproject.org/display/~steve.swinsburg/CASifying+Sakai
>
> I had to fiddle with site.vm to make it look like it used to (no portal link and a login box that posts to /portal/xlogin/), but it seems to work for users with eids whether they log in via CAS or LDAP via xlogin.
>
> My question is this: does anyone know of any issues that might be created with user accounts if they are logging in sometimes through CAS and other times through LDAP? It doesn't appear to be creating 2 entries, for example, but I wanted to double-check before we flip the switch.
>
> -Mike
>
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20110504/58a64c17/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3743 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20110504/58a64c17/attachment.bin
More information about the sakai-dev
mailing list