Versions Compared

Old Version 2

changes.mady.by.user Shi Yusen

Saved on

compared with

New Version 3

changes.mady.by.user Shi Yusen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
Attribute: a expression to mapping the username to an LDAP attribute, such as uid=%u@langhua.cn or cn=Shi Yusen, default is uid=u%.

AuthenType: the authen type of LDAP server, default value is simple.

AuthenticationHandler: the handler to authen the user's login, can be cn.langhua.opencms.ldap.cas.CmsCasAuthenticationHandler or cn.langhua.opencms.ldap.openldap.CmsLdapAuthenticationHandler, default is the LDAP one.

AutoUserRoleName: when a new user added according to the login server, the default role type of this user. If empty, the user will be only in the User group without any role.

BaseDN: the base DN of LDAP server, such as dc=example,dc=com. No default value.

CasLoginUri: the uri to CAS login, default is /login.

CasUrl: the url to visit CAS server, default is https://localhost:8443/cas.

CasValidateUri: the uri to CAS validate, default is /validate.

Filter: the filter to login LDAP server, default is (objectclass=*).

Scope: the scope to search LDAP, default is sub which means search subtree from the BaseDN.

URL: the URL of the LDAP server, ldap://localhost:389.

UseCmsLoginWhenLDAPFail: When LDAP connection or login failed, whether using OpenCms login instead. Default value is true.

 You have to config your CAS server to use LDAP as the above parameters configed.

...

 I use CAS 1.0 protocal to validate service ticket in the login procedure.

Code Block

              
 String ticket = CmsRequestUtil.getNotEmptyParameter(getRequest(), PARAM_TICKET);
        	CmsModule ldapModule = OpenCms.getModuleManager().getModule("cn.langhua.opencms.ldap");
        	if (ldapModule != null) {
        		String casUrl = ldapModule.getParameter("CasUrl", "https://localhost:8443/cas");
        		String loginUri = ldapModule.getParameter("CasLoginUri", "/login");
        		String validateUri = ldapModule.getParameter("CasValidateUri", "/validate");
        		String serviceUrl = getRequest().getRequestURL().toString();
        		String url = URLEncoder.encode(serviceUrl, "UTF-8");
        		if (ticket == null) {
            		getResponse().sendRedirect(casUrl + loginUri + "?service=" + url);
            	} else {
            		// there's a ticket, we should validate the ticket
            		URL validateURL = new URL(casUrl + validateUri + "?" + PARAM_TICKET + "=" + ticket + "&" + PARAM_SERVICE + "=" + url);
            		URLConnection conn = validateURL.openConnection();
        			InputStreamReader result = new InputStreamReader(conn.getInputStream(), "UTF-8");
        			BufferedReader reader = new BufferedReader(result);
        			String oneline = reader.readLine();
        			if (CmsStringUtil.isNotEmpty(oneline) && oneline.equals("yes")) {
    					// the ticket is true
    					m_username = reader.readLine().trim();
    					m_password = "cas_login";
    					m_actionLogin = "true";
            			reader.close();
            			result.close();
       				} else {
       					// the ticket is false, forward the request to cas login page
            			reader.close();
            			result.close();
                		getResponse().sendRedirect(casUrl + loginUri + "?service=" + url);
        			}
            	        }
        	}



/system/loing/index.html

Please  Please replace the /system/login/index.html with /system/modules/cn.langhua.opencms.ldap/login/index_cas.html, and then you'll use CAS login page to login your OpenCms.
 
  

How to get the module and the source code

 Download the module: http://sourceforge.net/project/showfiles.php?group_id=163225

 The source code: http://opencms-ldap.svn.sourceforge.net/viewvc/opencms-ldap/OpenCms-7.0.1-CAS-3.1-OpenLDAP/ 

 (End)