SSO Authentication (CAS Jasig)
|Category:||Accounts / authentication|
It should be very interesting to integration SSO authentication to permit user to be automaticaly identified if they are already authenticated against an SSO solution. CAS Jasig is a good solution, a ruby on rails client is available : http://www.ja-sig.org/wiki/display/CASC/Ruby+on+Rails+CAS+Client.
So that, user will be identified but SSO can just give back the username. So it can't replace ldap at all, but can be used with ldap : SSO give the username and ldap is used to retrieve information like givenname and email addresse.
#2 Updated by Sergio Rubio over 8 years ago
See this patch:
#3 Updated by Eric Gerlach over 8 years ago
- File redmine-add-cas-support.patch added
Attached is a patch which provides CAS functionality, along with settings to boot. Allows both forced and optional CAS login. Don't know if it's up to code standards, but it's a start, and I'm willing to work on it further. Developed on the Debian version, but applied cleanly to HEAD. Haven't tested it on HEAD, though.
#4 Updated by Eric Gerlach over 8 years ago
- File redmine-add-cas-support2.patch added
Whoops. Previous patch I attached had bugs on head. This patch applies cleanly, and should work perfectly. I'm also working on a few improvements to the logout process, but that requires changes to rubycas-client first.