Yes. We're making a customized version based on the cas module.
We basically do not want the user to have to forward to the login page.
So David, I tried your suggestion and what I'm seeing is:
I go to to the admin page not being authenticated and attempt to login as my admin when I submit, the resulting page is not the admin page with the options available to me but rather my site's home page with the url as ' http://%5Bdomain_name%5D/?destination=admin '
any Ideas?
On Feb 7, 2008, at 1:24 PM, Hainsworth, Shawn wrote:
I want to jump in here. The Drupal user might not always exist. There are cases where CAS will authenticate a user that Drupal does not yet have in its User table. I know the module allows for creating new users with a configurable set of default roles, and we will need to use this functionality.
Also, the security model for this application is different than Drupal's typical security model. Typically, Drupal protects resources based on roles. So, i f you attempt to access a specific resource, Drupal will check if that resource is protected, and then check if the user is authenticated, and what their role is. The Drupal-CAS module also allows a set of URL patterns to be defined which will require authentication.
We are not requiring authentication based on resource or URL path. Rather, any page on the site may be accessed anonymously. However, there are additional features that are available if you are logged in.
Therefore, we are modifying the module to perform a CAS gateway check at the beginning of the user's session. So, Drupal authentication will only be used for administrators and content creators. Users of the site will not use Drupal authentication. Rather, they will use the CAS gateway check at the beginning of their session.
s.
From: Scott Matthews [mailto:smatthews@optaros.com] Sent: Thu 2/7/2008 1:00 PM To: support@drupal.org Cc: Hainsworth, Shawn; Ron Trevarrow Subject: Re: [support] Drupal CAS Configuration
Yes, I already have the accounts stored in Drupal for the people in question. As for CAS, since I'm still in development I'm using the basic functionality of the server for now where you can use any user and the password is the username.
Yes, to some degree I do want both to work (i.e. allowing the admin for Drupal to login without CAS authentication while other arbitrary users are validated from CAS.
Scott Matthews Senior Developer Optaros, Inc. smatthews@optaros.com
On Feb 7, 2008, at 12:52 PM, Metzler, David wrote:
I'm the module maintainer, and can certainly help out here.
If you're using a module where just a few should be authenticated by cas, there's a couple of options here, but a couple of questions will be useful:
1.) have you precreated the drupal accounts for these people? You don't have to, but it'll be helpful for me to give advice.
2.) Are you looking for both drupal auth and cas auth to work?
Dave
-----Original Message----- From: support-bounces@drupal.org on behalf of Scott Matthews Sent: Thu 2/7/2008 09:15 To: support@drupal.org Cc: Shawn Hainsworth Subject: [support] Drupal CAS Configuration
Has anyone had much experience with the Drupal CAS module?I'm
attempting to use it for an SSO implementation by integrating it
into
a site that I am developing where there is a central CAS server that will manage the users for all other sites we have. This Central CAS server will have access to a central repository of user login informaiton.
The issue that I'm seeing is that there are a few specificusers that
I have that will be maintained by Drupal and when I attempt to Login as those users, it does not seem to authenticate me. Is this
possible
to have it set up this way? Am I barking up the wrong tree?
[ Drupal support list | http://lists.drupal.org/ ]
<winmail.dat>-- [ Drupal support list | http://lists.drupal.org/ ]