Feature #2356
SSO Authentication (CAS Jasig)
| Status: | New | Start date: | 2008-12-18 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% |
|
| Category: | Accounts / authentication | |||
| Target version: | - | |||
| Resolution: |
Description
It should be very interesting to integration SSO authentication to permit user to be automaticaly identified if they are already authenticated against an SSO solution. CAS Jasig is a good solution, a ruby on rails client is available : http://www.ja-sig.org/wiki/display/CASC/Ruby+on+Rails+CAS+Client.
So that, user will be identified but SSO can just give back the username. So it can't replace ldap at all, but can be used with ldap : SSO give the username and ldap is used to retrieve information like givenname and email addresse.
redmine-add-cas-support.patch - Patch to add CAS support
(5.8 kB)
redmine-add-cas-support2.patch
(6.9 kB)
Related issues
History
#1 Updated by Stephanie Collett over 3 years ago
An additional possibility is using OpenID as single sign on solution. It can work with LDAP as well.
#2 Updated by Sergio Rubio over 2 years ago
See this patch:
#3 Updated by Eric Gerlach about 2 years ago
- File redmine-add-cas-support.patch added
Attached is a patch which provides CAS functionality, along with settings to boot. Allows both forced and optional CAS login. Don't know if it's up to code standards, but it's a start, and I'm willing to work on it further. Developed on the Debian version, but applied cleanly to HEAD. Haven't tested it on HEAD, though.
#4 Updated by Eric Gerlach about 2 years ago
- File redmine-add-cas-support2.patch added
Whoops. Previous patch I attached had bugs on head. This patch applies cleanly, and should work perfectly. I'm also working on a few improvements to the logout process, but that requires changes to rubycas-client first.
#5 Updated by Toshi MARUYAMA about 1 year ago
- Category set to Accounts / authentication