Hello.
I was using otrs 3.3 with Jasig CAS 4.0 for login Agents and Customers, it was all ok, but now I've upgrade to otrs 5.0.14 and with the same code I can't login.
I attach the CAS.pm file and the Config.pm were I put the vars neccesaries in CAS.pm.
Has otrs 5 disable SSO option?
Thanks a lot.
Regards.
OTRS 5.0.14 CAS integration
Moderator: crythias
-
abarreda
- Znuny newbie
- Posts: 7
- Joined: 16 Nov 2016, 10:59
- Znuny Version: 5.0.14
- Real Name: Alejandro
- Company: Indra Sistemas
OTRS 5.0.14 CAS integration
You do not have the required permissions to view the files attached to this post.
Last edited by abarreda on 17 Nov 2016, 14:09, edited 1 time in total.
-
root
- Administrator
- Posts: 4253
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: OTRS 5.0.14 CAS integration
Thank you for your database password. Please remove confential data from all uploaded files.
Back to your question: I've never seen this CAS.pm before and it looks very custom. You have the possibility to migrate this to OTRS 5 on your own (or pay someone for it). I recommend using the mod_auth_cas Module for Apache httpd and configuring OTRS for HTTPBasicAuth. That means you delegate the whole authentication to your webserver and OTRS just grabs the name of the authenticated user from the request variable. It's the same way one configure it for Kerberos SSO.
Back to your question: I've never seen this CAS.pm before and it looks very custom. You have the possibility to migrate this to OTRS 5 on your own (or pay someone for it). I recommend using the mod_auth_cas Module for Apache httpd and configuring OTRS for HTTPBasicAuth. That means you delegate the whole authentication to your webserver and OTRS just grabs the name of the authenticated user from the request variable. It's the same way one configure it for Kerberos SSO.
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
-
abarreda
- Znuny newbie
- Posts: 7
- Joined: 16 Nov 2016, 10:59
- Znuny Version: 5.0.14
- Real Name: Alejandro
- Company: Indra Sistemas
Re: OTRS 5.0.14 CAS integration
Any tutorial about configure mod_auth_cas with otrs?
I've put this values in auth_cas.conf:
CASCookiePath /var/cache/apache2/mod_auth_cas/
CASLoginURL https://10.22.1.10/icas
CASValidateURL https://10.22.1.10/icas/serviceValidate
CASCertificatePath /opt/certs/indrarailCA.crt
<Directory "/opt/otrs/bin/cgi-bin/">
AuthType CAS
Require valid-user
</Directory>
And in Config.pm this line:
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
It doesn't redirect to CAS like the other code CAS.pm does and the result is a failure session start.
I've put this values in auth_cas.conf:
CASCookiePath /var/cache/apache2/mod_auth_cas/
CASLoginURL https://10.22.1.10/icas
CASValidateURL https://10.22.1.10/icas/serviceValidate
CASCertificatePath /opt/certs/indrarailCA.crt
<Directory "/opt/otrs/bin/cgi-bin/">
AuthType CAS
Require valid-user
</Directory>
And in Config.pm this line:
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
It doesn't redirect to CAS like the other code CAS.pm does and the result is a failure session start.
-
root
- Administrator
- Posts: 4253
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: OTRS 5.0.14 CAS integration
Looks like this is the latest manual: https://github.com/Jasig/mod_auth_cas/b ... ter/README But the configuration of the CAS module is not really OTRS related. Sessions could be everything. OTRS session, CAS session. Without any logs, helping won't be possible.
Try to get assistance via Github Issues (repo above).
Try to get assistance via Github Issues (repo above).
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
-
abarreda
- Znuny newbie
- Posts: 7
- Joined: 16 Nov 2016, 10:59
- Znuny Version: 5.0.14
- Real Name: Alejandro
- Company: Indra Sistemas
Re: OTRS 5.0.14 CAS integration
Hello.
I finally do the login with CAS.
I upload the file.
If you use you have to put this values in Config.pm:
$Self->{'AuthModule'} = 'Kernel::System::Auth::CAS';
$Self->{'Auth::AuthModule::CAS::CAFile'} = 'Directory of CA file in pem format';
$Self->{'Auth::AuthModule::CAS::ServiceUrl'} ='Otrs url';
$Self->{'Auth::AuthModule::CAS::CASUrl'} = 'CAS server url';
Thanks for all, and I expect this will be used for everybody with my problem.
I finally do the login with CAS.
I upload the file.
If you use you have to put this values in Config.pm:
$Self->{'AuthModule'} = 'Kernel::System::Auth::CAS';
$Self->{'Auth::AuthModule::CAS::CAFile'} = 'Directory of CA file in pem format';
$Self->{'Auth::AuthModule::CAS::ServiceUrl'} ='Otrs url';
$Self->{'Auth::AuthModule::CAS::CASUrl'} = 'CAS server url';
Thanks for all, and I expect this will be used for everybody with my problem.
You do not have the required permissions to view the files attached to this post.