CAS V7.0 + MFA GOOGLE AUTHENTICATOR + LDAP


Issaka Rabo Moutari

Jul 4, 2024, 6:58:27 AM
to cas-...@apereo.org
Hello everyone,

We want to use Google Authenticator MFA with LDAP, but I can't manage to adapt my cas.properties and users.ldif configuration to store the codes.

Please explain to me how to do this.

users.ldif =============================================
dn: ou=users,dc=example,dc=fr
objectClass: organizationalUnit
ou: users

dn: cn=John Doe,ou=users,dc=example,dc=fr
objectClass: inetOrgPerson
objectClass: extensibleObject
sn: Doe
givenName: John
cn: John Doe
displayName: John Doe
uid: jdoe
userPassword: {CLEARTEXT}password123
mail: jd...@example.fr


dn: cn=Jane Smith,ou=users,dc=example,dc=fr
objectClass: inetOrgPerson
objectClass: extensibleObject
sn: Smith
givenName: Jane
cn: Jane Smith
displayName: Jane Smith
uid: jsmith
userPassword: {CLEARTEXT}password123
mail: jsm...@example.fr

========== cas.properties: ===============
# LDAP Configuration
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].principal-attributeList=id,mail
cas.authn.ldap[0].ldap-url=ldap://localhost:389
cas.authn.ldap[0].search-filter=(uid={user})
cas.authn.ldap[0].bind-dn=cn=admin,dc=example,dc=fr
cas.authn.ldap[0].bind-credential=xxxxxxx
cas.authn.ldap[0].base-dn=ou=users,dc=example,dc=fr
cas.authn.ldap[0].subtree-search=true

# Google Authenticator Configuration
cas.authn.mfa.triggers.global.global-provider-id=gauth

# Google Authenticator LDAP Configuration
cas.authn.mfa.gauth.ldap.account-attribute-name=casGAuthRecord
cas.authn.mfa.gauth.ldap.base-dn=ou=users,dc=example,dc=fr
cas.authn.mfa.gauth.ldap.bind-credential=xxxxxx
cas.authn.mfa.gauth.ldap.bind-dn=cn=admin,dc=example,dc=fr
cas.authn.mfa.gauth.ldap.ldap-url=ldap://localhost:389
cas.authn.mfa.gauth.ldap.search-filter=(uid={user})