...
3. Modify $(cas_server)/WEB-INF/spring-configuration/applicationContext.xml
...
Code Block |
---|
<!-- CentralAuthorizationService, please note, this is authz --> |
...
<bean id="centralAuthorizationService" class="cn.langhua.cas.LDAPAuthzCASImpl" |
...
p:ticketGrantingTicketExpirationPolicy-ref="grantingTicketExpirationPolicy" |
...
p:serviceTicketExpirationPolicy-ref="serviceTicketExpirationPolicy" |
...
p:authenticationManager-ref="authenticationManager" |
...
p:ticketGrantingTicketUniqueTicketIdGenerator-ref="ticketGrantingTicketUniqueIdGenerator" |
...
p:ticketRegistry-ref="ticketRegistry" |
...
p:servicesManager-ref="servicesManager" |
...
p:persistentIdGenerator-ref="persistentIdGenerator" |
...
p:uniqueTicketIdGeneratorsForService-ref="uniqueIdGeneratorsMap" |
...
p:attributeRepository-ref="attributeRepository" /> |
4.Modify $(cas_server)/WEB-INF/deployerConfigContext.xml
Code Block <bean id="attributeRepository" class="cn.langhua.cas.services.persondir.support.ldap.LdapPersonAttributeDaoExtension"> <property name="baseDN" value="o=langhua,c=cn" /> <!-- This query is used to find the entry for populating attributes. {0} will be replaced by the new Principal ID extracted from the ldap--> <property name="query" value="(uid:caseExactmatch:={0})" /> <property name="contextSource" ref="contextSource" /> <property name="groupSearchDN" value="ou=users,ou=opencms,ou=applications,o=langhua,c=cn" /> <property name="roleSearchDN" value="ou=roles,ou=opencms,ou=applications,o=langhua,c=cn" /> <property name="authorType" value="member" /> <property name="ldapAttributesToPortalAttributes"> <map> <!-- Mapping beetween LDAP entry's attributes (key) and Principal"s (value) --> <entry key="groups" value="groups" /> <entry key="roles" value="roles" /> <entry key="uid" value="uid" /> <entry value="title" key="title"/> <entry key="cn" value="Name"/> <entry key="sn" value="sn"/> </map> </property> </bean>
The source code of cn.langhua.cas is here.
How to get the module and the source code
SVN:
http://www.langhua.cn/langhua/modules/ldap/
Username:anon
Password:anon
ViewVC:
http://www.langhua.cn/viewvc/svn/modules/ldap/
Shi Yusen/Beijing Langhua Ltd.