La liste d'utilisateurs n'est pas rendue car vous ne possédez pas les droits d'accès nécessaires pour afficher les profils utilisateur.
Historique de la page
This page shows how the esup-helpdesk application can be deployed with CAS, Shibboleth and application authentications.
Shibboleth
Frontal server
The Shibboleth authentication is performed by a frontal Apache proxy server with mod_shib (e.g. frontal.domain.edu). The frontal This server proxies all the requests to an application server , served by Tomcat (e.g. application.domain.edu), served by Tomcat and on which the esup-helpdesk application is installed.
| Bloc de code |
|---|
<VirtualHost frontal.domain.edu:80> |
...
ServerName frontal.domain.edu VirtualDocumentRoot /data/webapps/ |
...
frontal.domain.edu ProxyPass /esup-helpdesk ajp:// |
...
application. |
...
domain. |
...
edu:8080/ |
...
esup- |
...
helpdesk min=0 max=100 smax=50 ttl=10 timeout=60 |
...
- ProxyPass /germes http://frontalhttp.univ-rennes1.fr/cgi-bin/printenv.pl
#directive ci-dessous necessaire, sinon /shibboleth est envoye vers ginkgo
Proxypass /shibboleth !
ProxyPass / ajp://ginkgo.univ-rennes1.fr:9597/ min=0 max=100 smax=50 ttl=10 timeout=60 route=ori-oai-webdav-shib
ProxyErrorOverride On
ErrorDocument 403 "Vous n'êtes pas autorisé à accéder à la ressource."
...
Proxypass /shibboleth !
ProxyErrorOverride On
ErrorDocument 403 "You are not allowed!"
<Location ~ "/esup-helpdesk/stylesheets/shibboleth.faces">
AuthType shibboleth
ShibRequireSession On
require valid-user
</Location>
</VirtualHost>
|
CAS
Application server until version 3.29.11
The configuration of esup-helpdesk on the application server is:
| Bloc de code | ||
|---|---|---|
| ||
quick-start=true
tomcat.host=frontal.domain.edu
tomcat.ajp-port=8080
tomcat.cas-port=80
tomcat.path=/esup-helpdesk |
| Bloc de code | ||
|---|---|---|
| ||
auth.useCas=true
auth.useShibboleth=true
auth.useApplication=true
cas.url=https://cas.domain.edu
app.servletUrl=http://frontal.domain.edu/esup-helpdesk |
Application server from version 3.30
The configuration of esup-helpdesk on the application server is:
| Bloc de code | ||
|---|---|---|
| ||
<filter>
<description>
The CAS filter, used to authenticate users.
</description>
<display-name>CASFilter</display-name>
<filter-name>CAS Filter</filter-name>
<filter-class>
edu.yale.its.tp.cas.client.filter.CASFilter
</filter-class>
<init-param>
<param-name>
edu.yale.its.tp.cas.client.filter.loginUrl
</param-name>
<param-value>
https://cas.domain.edu/login
</param-value>
</init-param>
<init-param>
<param-name>
edu.yale.its.tp.cas.client.filter.validateUrl
</param-name>
<param-value>
https://cas.domain.edu/serviceValidate
</param-value>
</init-param>
<init-param>
<param-name>
edu.yale.its.tp.cas.client.filter.serverName
</param-name>
<param-value>helpdesk.domain.edu</param-value>
</init-param>
<init-param>
<param-name>
edu.yale.its.tp.cas.client.filter.wrapRequest
</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Filter</filter-name>
<url-pattern>/stylesheets/cas.faces</url-pattern>
</filter-mapping> |
| Bloc de code | ||
|---|---|---|
| ||
auth.useCas=true
auth.useShibboleth=true
auth.useApplication=true
cas.url=https://cas.domain.edu
app.servletUrl=http://helpdesk.domain.edu |
Vue d'ensemble
Gestion des contenus