- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-08-2015 04:56 AM
Hello! I am deploying Nuxeo for the first time and also this is first time I am setting up SSO which is jasig CAS server. I have downloaded the plugin, configured the descriptor and auth chain. Now is the question: should the LDAP or SQL directory be configured in the Nuxeo, to allow the system check the user permissions. I.e.: how can I login with the admin credentials if I am constantly redirected to CAS page?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-12-2015 09:32 AM
Hi,
Yes if you are using CAS/LDAP to handle authentication your need to configure Nuxeo to bind the same LDAP directory to provision user accounts.
https://doc.nuxeo.com/display/ADMINDOC/Using+a+LDAP+Directory
In order to use an LDAP account to log in as an administrator, you will need to configure this extension point:
<extension target="org.nuxeo.ecm.platform.usermanager.UserService" point="userManager">
<userManager>
<!-- ldap administrator uid -->
<defaultAdministratorId>12345</defaultAdministratorId>
<!-- admin group -->
<administratorsGroup>ecm-admin</administratorsGroup>
<defaultGroup>members</defaultGroup>
</userManager>
</extension>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-12-2015 09:32 AM
Hi,
Yes if you are using CAS/LDAP to handle authentication your need to configure Nuxeo to bind the same LDAP directory to provision user accounts.
https://doc.nuxeo.com/display/ADMINDOC/Using+a+LDAP+Directory
In order to use an LDAP account to log in as an administrator, you will need to configure this extension point:
<extension target="org.nuxeo.ecm.platform.usermanager.UserService" point="userManager">
<userManager>
<!-- ldap administrator uid -->
<defaultAdministratorId>12345</defaultAdministratorId>
<!-- admin group -->
<administratorsGroup>ecm-admin</administratorsGroup>
<defaultGroup>members</defaultGroup>
</userManager>
</extension>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-15-2015 10:00 AM
Thanks for the reply, but can I use only CAS server and Nuxeo internal user manager to perform authentication?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-15-2015 10:21 AM
What do you want to use CAS for then ? If what you mean is can I mix CAS authentication with other authentication methods the answer is yes, you can chain authentication methods and stack authentication modules as demonstrated in the documentation
