Single Sign On¶
Server¶
For Single Sign On (SSO) we use Central Authentication Service (CAS).
As a CAS server we use rubycas-server which is running on Herman. This server is configured to use our LDAP database to verify the user credentials.
There is currently no init script, i.e. the cas server needs to be started manually. In order to do so execute rubycas-server &
. If you need to stop the server you need to do this with kill
.
Search for the configuration in /etc/rubycas-server/config.yml
.
There is a theme in the colors of the Pirate Party Switzerland available at the GitHub account of Corvus. This Theme is currently installed at /usr/lib/ruby/gems/1.8/gems/rubycas-server-1.1.1/public/themes/
which wont survive an update. The correct place would be /etc/rubycas-server/public/themes/
. rubycas-server only picks up this custom theme at the correct location, when the variable public_dir
is set in the config file.
Clients¶
Redmine¶
Redmine uses the module redmine_cas in order to make use of the cas server. This module uses the client library which is written by the same developers as the server. Unfortunately the installed version of this module does not handle things very well. The issue was that there were too many redirects. In order to make things work I changed the module to not execute the redirect which Redmine passes along with the service URL the the CAS server. Probably a newer version of this module does not have this Problem anymore.
Drupal¶
Used the modules http://drupal.org/project/cas and http://drupal.org/project/cas_attributes.