Apereo CAS 6.0.0 AD configuration

Auther：

Marvin

Create date

2019/03/23

Apereo CAS is an enterprise single sign on open source product. You can use it to do many things like to make a enterprise application portal on mobile app, web and software. I make an example to help you configure Apereo CAS with windows active directory(AD). It tested on version 6.0.0.

# LDAP Auth

cas.authn.ldap[0].type=AD

cas.authn.ldap[0].ldapUrl=ldap://192.168.0.1

cas.authn.ldap[0].useSsl=false

cas.authn.ldap[0].useStartTls=false

# cas.authn.ldap[0].connectTimeout=5000

cas.authn.ldap[0].searchFilter=sAMAccountName={user}

cas.authn.ldap[0].baseDn=dc=sample,dc=com

cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true

cas.authn.ldap[0].subtreeSearch=true

# cas.authn.ldap[0].usePasswordPolicy=true

cas.authn.ldap[0].bindDn=LDAPService@sample.com

cas.authn.ldap[0].bindCredential=Happygo1!

# cas.authn.ldap[0].poolPassivator=NONE|CLOSE|BIND

# cas.authn.ldap[0].enhanceWithEntryResolver=true

cas.authn.ldap[0].dnFormat=%s@sample.com

cas.authn.ldap[0].principalAttributeId=sAMAccountName

# cas.authn.ldap[0].principalAttributePassword

# Give an attribute list released from LDAP to CAS, could be used with attributeRepository.defaultAttributesToRelease to be visible on CAS P3 serviceValidate

cas.authn.ldap[0].principalAttributeList=sAMAccountName,sn,cn,givenName,displayName,memberOf

cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true

# cas.authn.ldap[0].additionalAttributes=

# cas.authn.ldap[0].credentialCriteria=

Make sure your pom.xml file have follow configuration.

<groupId>org.apereo.cas</groupId>

<artifactId>cas-server-support-ldap</artifactId>

<version>${cas.version}</version>

</dependency>

You can reference our cas-overlay project at https://github.com/MarvinHsu/cas-overlay to see whole setting.

HSU Enterprise Application Stack(HSU EAS) is made by Marvin. You can download from Git Hub. It was made by using main stream Java technology, include Prime Faces(JSF), Spring Boot, Spring Data JPA, Hibernate(JPA) and Spring Security. The goal of EAS is increase productivity, compare with using Java script to develop, it can increase 20%~30% productivity. HSU Common is common library, HSU EAS is main application, HSU EASS is schedule component. I suggest to work with Docker, Kubernates, Openshift an Tanzu. Default account and password is admin and abcd1234

HSU Common Git Hub link

HSU EAS Git Hub link

HSU EASS Git Hub link

HSU EAS Manual link

Support AP Server

AP Server

Tomcat

Jetty

Support Data Base

Data Base

Version

MySQL

5.5+

Oracle

10g+

SQL Server

2008+

DB2

9.7+

PostgreSQL

9.6+

HSU Enterprise Application Stack Portal Suite(HSU EAS Portal Suite) is made by Marvin. You can download from Git Hub. It was made by using main stream Java technology, include Prime Faces(JSF), Spring Boot, Spring Data JPA, Hibernate(JPA) and Apereo CAS. The goal of EAS Portal Suite provide centralized authorization management and applications portal. HSU Common is common library, HSU EASPortal is main portal, HSU EASPortalM is management module, HSU JavaJSFTemplate is demo jsf template java project, HSU EASS is schedule component. I suggest to work with Docker, Kubernates, Openshift an Tanzu. Default account and password is admin and abcd12341!

HSU Common Git Hub link

cas-overlay Git Hub link

HSU EASPortal Git Hub link

HSU EASPortalM Git Hub link