[opencms-dev] OpenCms7.0.5-CAS3.2.1.1-LDAP module released
Pomegranate Software- Arash Kaffamanesh
arash.kaffamanesh at pomegranate.de
Thu Sep 18 20:33:15 CEST 2008
Hi Shi,
Many thanks to you, Shi, and to Olivier CHIROUZE for making it possible to have
this OpenCms Open Source LDAP Module!
Your announcement is here too:
http://www.pomegranate.de:9000/cms/forum/viewthread?thread=148
Kind Regards,
Arash
Shi Yusen wrote:
> Hi list,
>
> I'm glad to announce the release of OpenCms7.0.5-CAS3.2.1.1-LDAP module.
>
> Thanks to Olivier CHIROUZE from Volvo Information Technology for contributing
> this release!
>
> Olivier developed the modules of this release in OpenCms7.0.5 and
> ActiveDirectory environment, and I tested it in OpenCms7.0.5, CAS3.2.1.1
> and OpenLDAP2.4.8.
>
>
> The new module contains 2 versions:
> cn.langhua.opencms.ldap_1.0.4_opencms7.0.5_java1.4.zip for JDK 1.4
> cn.langhua.opencms.ldap_1.0.4_opencms7.0.5_java1.5.zip for JDK 1.5
>
>
> Source code and module download:
> SVN access:
> http://www.langhua.cn/langhua/modules/ldap/branch/
> username: anon
> password: anon
>
> ViewVC access:
> http://www.langhua.cn/viewvc/modules/ldap/branch/
>
>
> Other improvements made by Olivier CHIROUZE include:
> 1. An Ant task to build the module zip file
> 2. Choose the version of Java you want to compile in build.xml
>
>
> Further Information:
> 1. This module uses the following processes to login:
> LDAP authz:
> User OpenCms LDAP
> | userid/password | |
> |--------------req------------->| userid |
> | |-----------req----------->|
> | |<----------res------------|
> | | user dn |
> | | user dn/password |
> | |-----------req----------->|
> | |<----------res------------|
> |<-------------res--------------| |
>
>
> CAS + LDAP authz:
> Client OpenCms CAS LDAP
> | a url | | |
> |----------req---------->|check permission | |
> | allowed? | |
> |<---------res-----------|yes | |
> | not allowed. guest? | |
> |<---------res-----------|not guest | |
> | a guest. has ticket? | |
> | | to /login | |
> | no ticket|---------req--------->| |
> |<-----------------res--------------------------| |
> | username/password | |
> |------------------req------------------------->| |
> | | |<-authz->|
> | | logged in? |
> |<-----------------res--------------------------|no |
> | | forward the url | |
> | |<--------res----------|yes |
> | a guest. has ticket? | |
> | yes| | |
> | has CmsUser? | |
> | no| read user info |
> | |---------------req------------->|
> | |<--------------res--------------|
> | store user info | |
> | the url | | |
> |<----------res----------|not a guest | |
>
>
> 2. Installation
> Use OpenCms module import tool to install this module.
> Use the following options to configure this module.
> Replace the /system/login/index.html with one sample
> under /system/modules/cn.langhua.opencms.ldap/login/.
>
> 3. Configuration
> There are 12 parameters for this module; you can change them in OpenCms
> module management.
> Attribute: an expression mapping the username to an LDAP attribute,
> such as uid=%u at langhua.cn or cn=Shi Yusen, default is uid=u%.
>
> AuthenType: the authentication type of the LDAP server, default value is simple.
>
> AuthenticationHandler: the handler that authenticates the user's login, can be
> cn.langhua.opencms.ldap.cas.CmsCasAuthenticationHandler or
> cn.langhua.opencms.ldap.openldap.CmsLdapAuthenticationHandler, default
> is the LDAP one.
>
> AutoUserRoleName: when a new user is added according to the login server,
> the default role type of this user. If empty, the user will be only in
> the User group without any role.
>
> BaseDN: the base DN of LDAP server, such as dc=example,dc=com. No
> default value.
>
> CasLoginUri: the uri to CAS login, default is /login.
>
> CasUrl: the url to visit CAS server, default is
> https://localhost:8443/cas.
>
> CasValidateUri: the uri to CAS validate, default is /validate.
>
> Filter: the filter used to log in to the LDAP server, default is (objectclass=*).
>
> Scope: the scope to search LDAP, default is sub which means search
> subtree from the BaseDN.
>
> URL: the URL of the LDAP server, ldap://localhost:389.
>
> UseCmsLoginWhenLDAPFail: when the LDAP connection or login fails, whether
> to use the OpenCms login instead. Default value is true.
>
> 4. Bug feedback
> http://www.langhua.cn/bugzilla, please use firefox to get the right UI
> language for you.
> Or send email to this list.
>
> 5. Troubleshooting
> You can change the configuration of this module in
> ${opencms.home}/WEB-INF/config/opencms-modules.xml.
>
> If you're using OpenLDAP, you have to add a BaseDN parameter, something
> like this:
> <param name="BaseDN">o=langhua,c=cn</param>
> If you want your OpenLDAP to be case sensitive, you can use caseExactmatch,
> for example:
> <param name="Attribute">uid:caseExactmatch:=%u</param>
>
> Enjoy it.
>
> Shi Yusen/Beijing Langhua Ltd.
>