The aim of the module is to provide authentication against the Yale CAS Authentication service, both by a user+password and a user+ticket combination, so it can be used for direct as well as proxied authentication.

Usage:

1. make
2. make install
3. cp conf/pam_cas.conf /etc/pam_cas.conf
4. edit /etc/pam_cas.conf
5. edit /etc/pam.d/.... (ssh/dovecot/etc)
6. change to something like:

auth 	   sufficient 	pam_unix.so nullok_secure
auth	   sufficient	pam_cas.so use_first_pass
auth	   required	pam_deny.so

Test! (Watch the syslog for authentication attempts)


Changelog:

- 26/Jan/2012: v0.3 Configuration file support added
- 25/Jan/2012: v0.2 CAS full user+pass combo login, and serviceValidate implemented
- 25/Jan/2012: v0.1 Initial code



Useful documentation on CAS:
- http://www.jasig.org/cas/protocol
- http://www.jasig.org/cas/cas2-architecture
- https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough


Credits:
- Config file loading is done by the inih simple C parser (http://code.google.com/p/inih/)
- CAS/PAM code was inspired by the Yale pam_cas module as well as the french esup-portail.org's version.


Contact: Attila Sukosd <[email protected]>
Date: Jan 25, 2012