Hyland Community
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Alfresco Authentication with CAS?

kjordan2001
Champ in-the-making
Champ in-the-making

‎07-12-2006 10:57 AM

I'm setting up a Single Sign-on system for my company and we need a content management system that can easily be integrated with our CAS system which in turn may authenticate against Kerberos or LDAP (unknown which we will use, but we have both installed but not fully configured yet for all our users).  We first tried KnowledgeTree since it was written in PHP as most of our apps will be, but it couldn't use CAS without quite a bit of hacking.  That led me to Alfresco which supposedly is easier to integrate since it supports Acegi which I read can use CAS, but I haven't found any HOWTOs on the wiki yet on how to do this.  I saw a Single Signon HOWTO with NTLM, but while we do have an AD server at the moment we're trying to go all Linux.
Labels:
0 Kudos
5 REPLIES 5

kjordan2001
Champ in-the-making
Champ in-the-making

‎07-13-2006 04:14 PM

Anyone gotten Alfresco working with CAS in any form?
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎07-14-2006 06:30 AM

Hi

I do not recall anyone trying this.

Upgrading acegi to 1.0  is on the to do list.

It looks like you could authenticate direct with JAAS & Kerberos, or LDAP.


Alternatively, you should be able to configure authentication to use the acegi CAS support. In a similar way to how we use the acegi DAO stuff.
Take a look at authentication-services-context.xml

Regards

Andy
0 Kudos

kjordan2001
Champ in-the-making
Champ in-the-making

‎07-14-2006 12:12 PM

Hi

I do not recall anyone trying this.

Upgrading acegi to 1.0  is on the to do list.

It looks like you could authenticate direct with JAAS & Kerberos, or LDAP.


Alternatively, you should be able to configure authentication to use the acegi CAS support. In a similar way to how we use the acegi DAO stuff.
Take a look at authentication-services-context.xml

Regards

Andy
I plan on setting it up like in this HOWTO.  Will this be compatible with how Alfresco does stuff?  And I suppose my most important concern is getting users who have been authenticated but haven't logged in before added to the user list or somehow syncing with our LDAP server since that will contain all the users as well (since we may have a hundred or more users and we don't want to add them manually).
0 Kudos

kjordan2001
Champ in-the-making
Champ in-the-making

‎07-17-2006 01:09 PM

Anyone know if hacking it like that will work?
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎07-19-2006 02:18 PM

Hi

You can schedule groups and users to be pulled from an LDAP user so that alfrecso is in sync with your LDAP server. You could authenticate direct to LDAP or via CAS. I see no reason why you should not be able to validate a user+password using CAS and the acegi based alfresco authenticator.

There is no point in having CAS unless it gives you single sign on.
What clients understand it and how would web calls etc pull out the credentials? You would have to write something here using the NTLM single sign on filter code as an example.

You may also want to implement your own ticket component.

Are there any dependacies in the acegi version for CAS support?

Regards

Andy
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC
Top