Skip to content
A pam module for the Yale CAS authentication
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
conf
Makefile
README
cas.c
cas.h
config.c
config.h
ini.c
ini.h
pam_cas.c
test-pt.c
test.c
url.c
url.h

README

The aim of the module is to provide authentication against the Yale CAS Authentication service, both by a user+password and a user+ticket combination, so it can be used for direct as well as proxied authentication.

Usage:

1. make
2. make install
3. cp conf/pam_cas.conf /etc/pam_cas.conf
4. edit /etc/pam_cas.conf
5. edit /etc/pam.d/.... (ssh/dovecot/etc)
6. change to something like:

auth 	   sufficient 	pam_unix.so nullok_secure
auth	   sufficient	pam_cas.so use_first_pass
auth	   required	pam_deny.so

Test! (Watch the syslog for authentication attempts)


Changelog:

- 26/Jan/2012: v0.3 Configuration file support added
- 25/Jan/2012: v0.2 CAS full user+pass combo login, and serviceValidate implemented
- 25/Jan/2012: v0.1 Initial code



Useful documentation on CAS:
- http://www.jasig.org/cas/protocol
- http://www.jasig.org/cas/cas2-architecture
- https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough


Credits:
- Config file loading is done by the inih simple C parser (http://code.google.com/p/inih/)
- CAS/PAM code was inspired by the Yale pam_cas module as well as the french esup-portail.org's version.


Contact: Attila Sukosd <attila@cc.dtu.dk>
Date: Jan 25, 2012
You can’t perform that action at this time.