Hi Shi Yusen,<br><br><span dir="ltr" id=":vx">Thank you for your great efforts to contribute to further this integration! I wish success and victory for all!</span><br><br><span dir="ltr" id=":xf">Regards</span>,<br><br>Deiverson<br>
SolutionCMS<br><a href="http://www.solutioncms.com">www.solutioncms.com</a><br><br><br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Message: 2<br>
Date: Tue, 14 Apr 2009 06:30:38 +0800<br>
From: Shi Yusen <<a href="mailto:shiys@langhua.cn">shiys@langhua.cn</a>><br>
Subject: [opencms-dev] The module of OpenCms7.0.5-CAS3.3.1-LDAP has<br>
been released<br>
To: <a href="mailto:opencms-dev@opencms.org">opencms-dev@opencms.org</a><br>
Message-ID: <1239661838.7312.28.camel@localhost.localdomain><br>
Content-Type: text/plain<br>
<br>
Hi list,<br>
<br>
I'm glad to announce a new module release for OpenCms7.0.5, CAS 3.3.1<br>
and OpenLDAP.<br>
<br>
The module is tested in Fedora 10, Tomcat 5.5.27, MySQL 5.0.67, OpenCms<br>
7.0.5, CAS 3.3.1, OpenLDAP 2.4.12 and OpenJDK 1.6.0.<br>
<br>
<br>
What's new:<br>
1. Two new authorization handler are added in this release to support<br>
CAS or LDAP based authorization. The handlers can create/adjust a user's<br>
groups(OU)/roles by groupOfNames(groupsOfUniqueNames)/roleOccupant or<br>
alias.<br>
<br>
2. CAS 2.0 protocal is supported. And when using CAS handlers, OpenCms<br>
will not visit LDAP anymore. This change will make it possible for those<br>
who want to use a database for CAS authz/authn. The user's information<br>
will be got from the /serviceValidate (or your customized servlet) and<br>
attributes. The attributes can be put by PersonDirectory or its<br>
extension.<br>
<br>
CAS + LDAP authz & authn:<br>
Client OpenCms CAS LDAP<br>
| a url | | |<br>
|----------req---------->|check permission | |<br>
| allowed? | |<br>
|<---------res-----------|yes | |<br>
| not allowd. guest? | |<br>
|<---------res-----------|not guest | |<br>
| a guest. has ticket? | |<br>
| | to /login | |<br>
| no ticket|---------req--------->| |<br>
|<-----------------res--------------------------| |<br>
| username/password | |<br>
|------------------req------------------------->| |<br>
| | |<-authz->|<br>
| | logged in? |<br>
|<-----------------res--------------------------|no |<br>
| | forward the url | |<br>
| |<--------res----------|yes |<br>
| a guest. has ticket? | |<br>
| yes| | |<br>
| has CmsUser? | |<br>
| no| /serviceValidate | |<br>
| |----------req-------->| |<br>
| | |<-find-->|<br>
| |<---------res---------| |<br>
| store user info | |<br>
| the url | | |<br>
|<----------res----------|not a guest | |<br>
<br>
<br>
How to get it:<br>
You can get this module from Langhua SVN:<br>
<a href="http://www.langhua.cn/langhua/modules/ldap/branch/opencms7.0.5-cas3.3.1-ldap/" target="_blank">http://www.langhua.cn/langhua/modules/ldap/branch/opencms7.0.5-cas3.3.1-ldap/</a><br>
Username: anon<br>
Password: anon<br>
<br>
Or ViewVC:<br>
<a href="http://www.langhua.cn/viewvc/svn/modules/ldap/branch/opencms7.0.5-cas3.3.1-ldap/" target="_blank">http://www.langhua.cn/viewvc/svn/modules/ldap/branch/opencms7.0.5-cas3.3.1-ldap/</a><br>
<br>
<br>
Enjoy it,<br>
<br>
Shi Yusen/Beijing Langhua Ltd.<br>
</blockquote></div><br>