-
Notifications
You must be signed in to change notification settings - Fork 6
/
README
39 lines (25 loc) · 1.16 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
The aim of the module is to provide authentication against the Yale CAS Authentication service, both by a user+password and a user+ticket combination, so it can be used for direct as well as proxied authentication.
Usage:
1. make
2. make install
3. cp conf/pam_cas.conf /etc/pam_cas.conf
4. edit /etc/pam_cas.conf
5. edit /etc/pam.d/.... (ssh/dovecot/etc)
6. change to something like:
auth sufficient pam_unix.so nullok_secure
auth sufficient pam_cas.so use_first_pass
auth required pam_deny.so
Test! (Watch the syslog for authentication attempts)
Changelog:
- 26/Jan/2012: v0.3 Configuration file support added
- 25/Jan/2012: v0.2 CAS full user+pass combo login, and serviceValidate implemented
- 25/Jan/2012: v0.1 Initial code
Useful documentation on CAS:
- http://www.jasig.org/cas/protocol
- http://www.jasig.org/cas/cas2-architecture
- https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough
Credits:
- Config file loading is done by the inih simple C parser (http://code.google.com/p/inih/)
- CAS/PAM code was inspired by the Yale pam_cas module as well as the french esup-portail.org's version.
Contact: Attila Sukosd <[email protected]>
Date: Jan 25, 2012