Apereo CAS is an open source enterprise single sign-on product. You can use it for many things, such as building an enterprise application portal on mobile app, web and software. Today I will work through an example that shows how to configure Apereo CAS with Windows Active Directory (AD).
I use the WAR overlay method to overlay the CAS web application. You can download the Maven overlay project from https://github.com/apereo/cas-overlay-template, then import the project into Eclipse. Finally, make sure your properties file (application.properties) has the following configuration. It was tested on version 5.1.4.
# LDAP Auth
cas.authn.ldap[0].type=AD
# Change to your AD domain control server ip
cas.authn.ldap[0].ldapUrl=ldap://192.168.0.33
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
# Change to your AD domain
cas.authn.ldap[0].baseDn=dc=eas,dc=com
cas.authn.ldap[0].userFilter=sAMAccountName={user}
cas.authn.ldap[0].subtreeSearch=true
# Change to your AD account, group is users
cas.authn.ldap[0].bindDn=LDAPService@eas.com
cas.authn.ldap[0].bindCredential=abcd12341!
cas.authn.ldap[0].dnFormat=%s@eas.com
cas.authn.ldap[0].principalAttributeId=sAMAccountName
# Give an attribute list released from LDAP to CAS, could be used with attributeRepository.defaultAttributesToRelease to be visible on CAS P3 serviceValidate
cas.authn.ldap[0].principalAttributeList=sAMAccountName,sn,cn,givenName,displayName
cas.authn.ldap[0].validateOnCheckout=true
cas.authn.ldap[0].validatePeriodically=true
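The file above reaches the domain controller over plain ldap:// with useSsl and useStartTls both off, and stores the bind password inline. The check below is an added example, not part of the original post or of CAS itself; it flags those two conditions in a properties file. Its function names and finding labels are made up for illustration, and it assumes an unset TLS flag means disabled.

```python
import re

# Constructed sample: the transport and bind settings from the page's file.
SAMPLE = """\
# LDAP Auth
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://192.168.0.33
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].bindDn=LDAPService@eas.com
cas.authn.ldap[0].bindCredential=abcd12341!
"""

KEY = re.compile(r"^cas\.authn\.ldap\[(\d+)\]\.(\w+)\s*=\s*(.*)$")


def parse_ldap_blocks(text):
    """Group cas.authn.ldap[N].* properties by their index N."""
    blocks = {}
    for raw in text.splitlines():
        m = KEY.match(raw.strip())  # comments and other keys do not match
        if m:
            blocks.setdefault(int(m.group(1)), {})[m.group(2)] = m.group(3).strip()
    return blocks


def is_true(props, name):
    # Assumption: an unset flag counts as disabled; check your CAS version's default.
    return props.get(name, "").lower() == "true"


def audit(text):
    """Return (index, finding) pairs for each LDAP block, in index order."""
    findings = []
    for idx, props in sorted(parse_ldap_blocks(text).items()):
        urls = props.get("ldapUrl", "").lower().split()
        protected = is_true(props, "useSsl") or is_true(props, "useStartTls")
        if any(u.startswith("ldap://") for u in urls) and not protected:
            # Service and user passwords cross the network unencrypted on bind.
            findings.append((idx, "cleartext-ldap"))
        cred = props.get("bindCredential", "")
        if cred and not cred.startswith("${"):
            # Literal service-account password kept in the overlay's properties file.
            findings.append((idx, "inline-bind-credential"))
    return findings


if __name__ == "__main__":
    for idx, finding in audit(SAMPLE):
        print(f"cas.authn.ldap[{idx}]: {finding}")
```

Switching ldapUrl to ldaps:// with useSsl=true (or setting useStartTls=true) and supplying bindCredential through a ${...} placeholder clears both findings.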
Make sure your pom.xml file has the following dependency.
<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-ldap</artifactId>
    <version>${cas.version}</version>
</dependency>