Has anyone had much experience with the Drupal CAS module? I'm attempting to use it for an SSO implementation by integrating it into a site that I am developing where there is a central CAS server that will manage the users for all other sites we have. This Central CAS server will have access to a central repository of user login informaiton.
The issue that I'm seeing is that there are a few specific users that I have that will be maintained by Drupal and when I attempt to Login as those users, it does not seem to authenticate me. Is this possible to have it set up this way? Am I barking up the wrong tree?
I'm the module maintainer, and can certainly help out here.
If you're using a module where just a few should be authenticated by cas, there's a couple of options here, but a couple of questions will be useful:
1.) have you precreated the drupal accounts for these people? You don't have to, but it'll be helpful for me to give advice.
2.) Are you looking for both drupal auth and cas auth to work?
Dave
-----Original Message----- From: support-bounces@drupal.org on behalf of Scott Matthews Sent: Thu 2/7/2008 09:15 To: support@drupal.org Cc: Shawn Hainsworth Subject: [support] Drupal CAS Configuration
Has anyone had much experience with the Drupal CAS module? I'm attempting to use it for an SSO implementation by integrating it into a site that I am developing where there is a central CAS server that will manage the users for all other sites we have. This Central CAS server will have access to a central repository of user login informaiton.
The issue that I'm seeing is that there are a few specific users that I have that will be maintained by Drupal and when I attempt to Login as those users, it does not seem to authenticate me. Is this possible to have it set up this way? Am I barking up the wrong tree?
Yes, I already have the accounts stored in Drupal for the people in question. As for CAS, since I'm still in development I'm using the basic functionality of the server for now where you can use any user and the password is the username.
Yes, to some degree I do want both to work (i.e. allowing the admin for Drupal to login without CAS authentication while other arbitrary users are validated from CAS.
Scott Matthews Senior Developer Optaros, Inc. smatthews@optaros.com
On Feb 7, 2008, at 12:52 PM, Metzler, David wrote:
I'm the module maintainer, and can certainly help out here.
If you're using a module where just a few should be authenticated by cas, there's a couple of options here, but a couple of questions will be useful:
1.) have you precreated the drupal accounts for these people? You don't have to, but it'll be helpful for me to give advice.
2.) Are you looking for both drupal auth and cas auth to work?
Dave
-----Original Message----- From: support-bounces@drupal.org on behalf of Scott Matthews Sent: Thu 2/7/2008 09:15 To: support@drupal.org Cc: Shawn Hainsworth Subject: [support] Drupal CAS Configuration
Has anyone had much experience with the Drupal CAS module? I'm attempting to use it for an SSO implementation by integrating it into a site that I am developing where there is a central CAS server that will manage the users for all other sites we have. This Central CAS server will have access to a central repository of user login informaiton.
The issue that I'm seeing is that there are a few specific users that I have that will be maintained by Drupal and when I attempt to Login as those users, it does not seem to authenticate me. Is this possible to have it set up this way? Am I barking up the wrong tree? -- [ Drupal support list | http://lists.drupal.org/ ]
<winmail.dat>-- [ Drupal support list | http://lists.drupal.org/ ]
Ok, in that case it's important to set the "If CAS is not the user repository, should cas highjack users with the same name?" check box in the user accounts configuration for CAS.
It's not on by default and may explain what you're seeing here.
Dave
-----Original Message----- From: support-bounces@drupal.org on behalf of Scott Matthews Sent: Thu 2/7/2008 10:00 To: support@drupal.org Cc: Ron Trevarrow; Shawn Hainsworth Subject: Re: [support] Drupal CAS Configuration
Yes, I already have the accounts stored in Drupal for the people in question. As for CAS, since I'm still in development I'm using the basic functionality of the server for now where you can use any user and the password is the username.
Yes, to some degree I do want both to work (i.e. allowing the admin for Drupal to login without CAS authentication while other arbitrary users are validated from CAS.
Scott Matthews Senior Developer Optaros, Inc. smatthews@optaros.com
On Feb 7, 2008, at 12:52 PM, Metzler, David wrote:
I'm the module maintainer, and can certainly help out here.
If you're using a module where just a few should be authenticated by cas, there's a couple of options here, but a couple of questions will be useful:
1.) have you precreated the drupal accounts for these people? You don't have to, but it'll be helpful for me to give advice.
2.) Are you looking for both drupal auth and cas auth to work?
Dave
-----Original Message----- From: support-bounces@drupal.org on behalf of Scott Matthews Sent: Thu 2/7/2008 09:15 To: support@drupal.org Cc: Shawn Hainsworth Subject: [support] Drupal CAS Configuration
Has anyone had much experience with the Drupal CAS module? I'm attempting to use it for an SSO implementation by integrating it into a site that I am developing where there is a central CAS server that will manage the users for all other sites we have. This Central CAS server will have access to a central repository of user login informaiton.
The issue that I'm seeing is that there are a few specific users that I have that will be maintained by Drupal and when I attempt to Login as those users, it does not seem to authenticate me. Is this possible to have it set up this way? Am I barking up the wrong tree? -- [ Drupal support list | http://lists.drupal.org/ ]
<winmail.dat>-- [ Drupal support list | http://lists.drupal.org/ ]
Okay... So basically it would set Drupal to be the central repository, even though I have like 2 people, but if for some reason the user is in cas then it will validate?
Scott Matthews Senior Developer Optaros, Inc. smatthews@optaros.com
On Feb 7, 2008, at 1:02 PM, Metzler, David wrote:
Ok, in that case it's important to set the "If CAS is not the user repository, should cas highjack users with the same name?" check box in the user accounts configuration for CAS.
It's not on by default and may explain what you're seeing here.
Dave
-----Original Message----- From: support-bounces@drupal.org on behalf of Scott Matthews Sent: Thu 2/7/2008 10:00 To: support@drupal.org Cc: Ron Trevarrow; Shawn Hainsworth Subject: Re: [support] Drupal CAS Configuration
Yes, I already have the accounts stored in Drupal for the people in question. As for CAS, since I'm still in development I'm using the basic functionality of the server for now where you can use any user and the password is the username.
Yes, to some degree I do want both to work (i.e. allowing the admin for Drupal to login without CAS authentication while other arbitrary users are validated from CAS.
Scott Matthews Senior Developer Optaros, Inc. smatthews@optaros.com
On Feb 7, 2008, at 12:52 PM, Metzler, David wrote:
I'm the module maintainer, and can certainly help out here.
If you're using a module where just a few should be authenticated by cas, there's a couple of options here, but a couple of questions will be useful:
1.) have you precreated the drupal accounts for these people? You don't have to, but it'll be helpful for me to give advice.
2.) Are you looking for both drupal auth and cas auth to work?
Dave
-----Original Message----- From: support-bounces@drupal.org on behalf of Scott Matthews Sent: Thu 2/7/2008 09:15 To: support@drupal.org Cc: Shawn Hainsworth Subject: [support] Drupal CAS Configuration
Has anyone had much experience with the Drupal CAS module? I'm attempting to use it for an SSO implementation by integrating it into a site that I am developing where there is a central CAS server that will manage the users for all other sites we have. This Central CAS server will have access to a central repository of user login informaiton.
The issue that I'm seeing is that there are a few specific users that I have that will be maintained by Drupal and when I attempt to Login as those users, it does not seem to authenticate me. Is this possible to have it set up this way? Am I barking up the wrong tree? -- [ Drupal support list | http://lists.drupal.org/ ]
<winmail.dat>-- [ Drupal support list | http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ]
<winmail.dat>-- [ Drupal support list | http://lists.drupal.org/ ]
I should've also mentioned that you correctly point out the settings page is incorrect. The option really should read
If Drupal is not the user repository ..... hijack
I can't believe I ( and no one else ) noticed this yet.
Dave
-----Original Message----- From: support-bounces@drupal.org [mailto:support-bounces@drupal.org] On Behalf Of Scott Matthews Sent: Thursday, February 07, 2008 10:09 AM To: support@drupal.org Cc: Shawn Hainsworth Subject: Re: [support] Drupal CAS Configuration
Okay... So basically it would set Drupal to be the central repository, even though I have like 2 people, but if for some reason the user is in cas then it will validate?
Scott Matthews Senior Developer Optaros, Inc. smatthews@optaros.com
On Feb 7, 2008, at 1:02 PM, Metzler, David wrote:
Ok, in that case it's important to set the "If CAS is not the user repository, should cas highjack users with the same name?" check box in the user accounts configuration for CAS.
It's not on by default and may explain what you're seeing here.
Dave
-----Original Message----- From: support-bounces@drupal.org on behalf of Scott Matthews Sent: Thu 2/7/2008 10:00 To: support@drupal.org Cc: Ron Trevarrow; Shawn Hainsworth Subject: Re: [support] Drupal CAS Configuration
Yes, I already have the accounts stored in Drupal for the people in question. As for CAS, since I'm still in development I'm using the basic functionality of the server for now where you can use any user and the password is the username.
Yes, to some degree I do want both to work (i.e. allowing the admin for Drupal to login without CAS authentication while other arbitrary users are validated from CAS.
Scott Matthews Senior Developer Optaros, Inc. smatthews@optaros.com
On Feb 7, 2008, at 12:52 PM, Metzler, David wrote:
I'm the module maintainer, and can certainly help out here.
If you're using a module where just a few should be authenticated by cas, there's a couple of options here, but a couple of questions will be useful:
1.) have you precreated the drupal accounts for these people? You don't have to, but it'll be helpful for me to give advice.
2.) Are you looking for both drupal auth and cas auth to work?
Dave
-----Original Message----- From: support-bounces@drupal.org on behalf of Scott Matthews Sent: Thu 2/7/2008 09:15 To: support@drupal.org Cc: Shawn Hainsworth Subject: [support] Drupal CAS Configuration
Has anyone had much experience with the Drupal CAS module? I'm attempting to use it for an SSO implementation by integrating it into a site that I am developing where there is a central CAS server that will manage the users for all other sites we have. This Central CAS server will have access to a central repository of user login informaiton.
The issue that I'm seeing is that there are a few specific users
that I have that will be maintained by Drupal and when I attempt to Login as those users, it does not seem to authenticate me. Is this possible to have it set up this way? Am I barking up the wrong tree? -- [ Drupal support list | http://lists.drupal.org/ ]
<winmail.dat>-- [ Drupal support list | http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ]
<winmail.dat>-- [ Drupal support list | http://lists.drupal.org/ ]
-
Metzler, David -
Scott Matthews