Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] CAS authentication for Grouper

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] CAS authentication for Grouper

Chronological Thread 
  • From: "GW Brown, Information Systems and Computing" <>
  • To: Baron Fujimoto <>
  • Cc:
  • Subject: Re: [grouper-users] CAS authentication for Grouper
  • Date: Mon, 17 Oct 2011 10:01:37 +0100

--On 14 October 2011 16:09 -1000 Baron Fujimoto

: What is your searchSubjectByIdentifier definition? I think this
: gives you the flexibility to set an arbitrary filter to map the
: REMOTE_USER to the appropriate LDAP attribute.

(&amp; (uid=%TERM%) (objectclass=uhEduPerson))

If I understand this correctly, then as long as %TERM% is being set to the
REMOTE_USER, it should be searching the right thing in LDAP. It appears
to work as expected in another deployment where I'm still using a
tomcat-users.xml conf file to define the grouper users and their
That is right, however, I think there is an error before you get to this stage - the CAS client library supplied with the contribution is very old and it looks like there may be a problem parsing the CAS response XML. This could happen if you were validating the ticket against a validator which returns SAML / multiple attributes. Currently only CAS 2 messages are understood.


GW Brown, IT Services

Archive powered by MHonArc 2.6.16.

Top of Page