[horde] Horde Imp CAS Authentication
Laura McCord
mccordl at southwestern.edu
Thu Nov 3 15:09:51 UTC 2011
Dom,
Is that what imapproxy is used for? Or, is that something different?
Laura
On 11/3/11 10:06 AM, LALOT Dominique wrote:
>
>
> 2011/11/3 Laura McCord <mccordl at southwestern.edu
> <mailto:mccordl at southwestern.edu>>
>
> Xavier,
>
> Thanks for the reply. I set the parameter to be blank and I
> bypassed the error message. I haven't configured our imap mail
> server yet. I was planning on installing the pam_cas module. Right
> now, I am figuring the reason why I am getting the too many
> redirects error is because it's trying to get a response from the
> imap server but since I don't have the pam_cas module installed it
> keeps trying to validate but it's getting no response. Hopefully I
> can get that module installed soon.
>
> Thanks,
> Laura
>
>
> Don't forget then to cache the credential on the imap server if you
> don't want to ask for a proxy ticket each time you click on a mail.
> Dom
>
>
>
> On 11/2/11 12:37 PM, Xavier Montagutelli wrote:
>
> Hi Laura,
>
> On Thursday 27 October 2011 19:54:07 Laura McCord wrote:
>
> Xavier,
>
> I have a question about the conf.php file. I am stuck on
> the SSL CA
> Cert. Do I put the path of my horde server .crt file or do
> I put in the
> path to my CAS server certificates? And if it's the cas
> server does
> that mean the path to cacerts?
>
> I received the following error:
>
> "could not open URL .... (CURL error #77: Problem with the
> SSL CA cert
> (path? access rights?)) [Client.php:2595]"
>
> (I was on vacation the past days)
>
> $conf['auth']['params']['cas_cacert'] indicates the path,
> local to your horde
> server, to a file containing the certificate of the CA having
> issued the
> certificate of the CAS server. Or the certificate of the root
> authority if
> intermediate CA are in the chain.
>
> i.e. if the certificate of your CAS server is ultimately
> signed by "GTE
> CyberTrust Global root", you should be able to indicate
> "/etc/ssl/certs/GTE_CyberTrust_Global_Root.pem" if you are
> under Debian.
>
> This parameter is directly passed to the phpCAS library
> (phpCAS::setCasServerCACert). I suppose the file can be a
> bundle of known
> certificates.
>
> In practice, you can also try to put the complete chain (AC 1
> -> AC 2 -> root
> AC) in the file, if intermediate authorities are involved.
>
> If you have problems with it, in a step by step approach, you
> can also leave
> it blank : no verification of the CAS server certificate will
> be made.
>
> HTH,
>
>
> Thanks,
> Laura
>
> On 10/26/11 6:50 AM, Xavier Montagutelli wrote:
>
> On Tuesday 25 October 2011 12:03:58 Maciej Uhlig wrote:
>
> W dniu 2011-10-25 10:48, Jan Schneider pisze:
>
> Zitat von Laura
> McCord<mccordl at southwestern.edu
> <mailto:mccordl at southwestern.edu>>:
>
> Hi,
>
> I am trying to perform Horde WebMail
> authentication using CAS. I was
> wondering if this documentation is still
> relevant that is found here
> (Horde 3):
> http://wiki.horde.org/CASAuthHowTo
> http://www.esup-portail.org/display/PROJHORDE/Installation+de+Horde-we
> bm ail
>
> Not for Horde 4.
>
> As far as I can see the second link above points
> to installation with
> Horde 4 information too.
>
> MU
>
> We have developed a new driver to authenticate users
> against a CAS
> server. The driver is still in a "rough" shape, but it
> is useable. I am
> afraid I can't afford spending more time on this
> project right now, I
> hope it will be enough for you.
>
> The documentation is in english if you retrieve the
> whole SVN project
> http://subversion.cru.fr/esup-horde/trunk
>
> Feel free to post on this list or directly to me if
> you need help.
>
> HTH,
>
>
>
> --
> Horde mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
> <mailto:horde-unsubscribe at lists.horde.org>
>
>
>
>
> --
> Dominique LALOT
> Ingénieur Systèmes et Réseaux
> http://annuaire.univmed.fr/showuser.php?uid=lalot
More information about the horde
mailing list