[LON-CAPA-admin] JA-SIG/Yale CAS with LON-CAPA

H.K. Ng hkng at fsu.edu
Thu Apr 2 07:02:27 EDT 2009 

Hi,

We have being using the JA-SIG CAS (aka Yale authentication) login 
for a few years in addition to the LDAP login. CAS is supported by 
LON-CAPA (thanks to Guy!) and after installing mod_cas, there isn't 
that much more to do except setting a few configuration parameters 
for the apache. The advantage of CAS login is that a user can move 
from one application to another w/o having to re-login. If you need 
more details let me know.

-hk



At 04:31 AM 4/2/2009, you wrote:
>Hi Mike,
>
>I don't know JA-SIG CAS, but some general comments which may be helpful:
>
>We are using the university's LDAP server to offer centralized
>authentication for LON-CAPA. All students re-use their already existing
>user account. However, LON-CAPA has its own user management and new
>users need a) to create their own LON-CAPA accounts, e.g. in the process
>of self-enrollment or b) are automatically provided with the account,
>e.g. by using auto-enrollment with the data from the registrar's office
>or by uploading classlists.
>
>Technically, the server script lonlocal.pm is adjusted so that the LDAP
>server is connected to authenticate all locally authenticated LON-CAPA
>users. No special login screen is needed (and doesn't make much sense
>with regard to what I explained above). Just set the user's
>authentication to locally.
>
>All this is confirmed to make many things much easier and works fine
>with only few special configuration needed.
>
>Stefan Bisitz
>
>
>On 31.03.2009, 14:13 -0700, Mike Stanger wrote:
> > We're considering integrating JA-SIG CAS (Central Authentication
> > System) with LON-CAPA.  I'm wondering what other schools' experience
> > has been with using CAS in LON-CAPA? Is there a 'right way' to go
> > about it?  My initial thought on how to put it in place is to protect
> > the entire space with mod_cas and grab the authenticated users from
> > apache's REMOTE-USER env var, completely overriding the initial login
> > page, which seems a bit kludgy.
> >
> >
> > Any comments from those have experimented with, or are currently
> > running LON-CAPA with CAS would be greatly appreciated.
> >
> >
> > Cheers,
> > Mike
> >
> >
> >
> >
> >
> >
> > +------------------------
> > |Mike Stanger
> > |Systems Consultant, ICAT
> > |SH1023 Simon Fraser University
> > |Burnaby, BC Canada V5A 1S6
> > |Phone: (778) 782-3361
> > |FAX: (778) 782-4242
> > |email: mstanger at sfu.ca
> > |http://www.sfu.ca/~mstanger
>
>
>_______________________________________________
>LON-CAPA-admin mailing list
>LON-CAPA-admin at mail.lon-capa.org
>http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin

More information about the LON-CAPA-admin mailing list