Feature #2356

SSO Authentication (CAS Jasig)

Added by Matthieu MARC almost 9 years ago. Updated almost 5 years ago.

Status:NewStart date:2008-12-18
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Accounts / authentication
Target version:-
Resolution:

Description

It should be very interesting to integration SSO authentication to permit user to be automaticaly identified if they are already authenticated against an SSO solution. CAS Jasig is a good solution, a ruby on rails client is available : http://www.ja-sig.org/wiki/display/CASC/Ruby+on+Rails+CAS+Client.
So that, user will be identified but SSO can just give back the username. So it can't replace ldap at all, but can be used with ldap : SSO give the username and ldap is used to retrieve information like givenname and email addresse.

redmine-add-cas-support.patch Magnifier - Patch to add CAS support (5.82 KB) Eric Gerlach, 2010-04-23 06:09

redmine-add-cas-support2.patch Magnifier (6.89 KB) Eric Gerlach, 2010-04-23 18:53


Related issues

Related to Redmine - Feature #940: RADIUS authentication support New 2008-03-27
Related to Redmine - Feature #1131: Add support for alternate (non-LDAP) authentication Closed 2008-04-28
Related to Redmine - Feature #2965: CAS Authentication New 2009-03-13
Related to Redmine - Feature #12330: Integrate Kerberos Authentication New

History

#1 Updated by Stephanie Collett almost 9 years ago

An additional possibility is using OpenID as single sign on solution. It can work with LDAP as well.

http://www.openid-ldap.org/

#3 Updated by Eric Gerlach over 7 years ago

Attached is a patch which provides CAS functionality, along with settings to boot. Allows both forced and optional CAS login. Don't know if it's up to code standards, but it's a start, and I'm willing to work on it further. Developed on the Debian version, but applied cleanly to HEAD. Haven't tested it on HEAD, though.

#4 Updated by Eric Gerlach over 7 years ago

Whoops. Previous patch I attached had bugs on head. This patch applies cleanly, and should work perfectly. I'm also working on a few improvements to the logout process, but that requires changes to rubycas-client first.

#5 Updated by Toshi MARUYAMA over 6 years ago

  • Category set to Accounts / authentication

#6 Updated by Thomas B├ętrancourt over 5 years ago

How setup Redmine with CAS on the last stable version of redmine ? (2.0.3)

#7 Updated by Pawel Orzechowski almost 5 years ago

"Same question as Thomas", will this patch work with Redmine 2.x (esspecially 2.1)?

And next question is if this can be implemented as the plugin?

#8 Updated by Nick Tan almost 5 years ago

+1 to implement this plugin, quite useful in enterprise environment, and suitable for modern ALM systems

Also available in: Atom PDF