fusionforge-plugin-authcas
--------------------------

This is the external CAS authentication plugin for FusionForge. It is
meant to be used in conjunction with the AuthLDAP plugin : CAS
validates lognames (SSO perceived by the user) while LDAP retrieves
her attributes.

ATTENTION : if used with DB users (without LDAP), nothing guarantees
that users logging in through CAS will be owners of the FusionForge
accounts with the same login. This could leak to account hijacking.

Installation:

- files from include/ go to /usr/share/gforge/plugins/authcas/include/
- files from www/ go to /usr/share/gforge/www/plugins/authcas/

Setup:

- customise /etc/fusionforge/config.ini.d/authcas.ini to match your
LDAP installation (server, base DN, and mapping)
- /usr/share/gforge/bin/register-plugin authcas "CAS external
authentication"

Voilà, you can now log into FusionForge with your existing CAS
session.  Your account will be created the first time you log in
(which means you can't add someone to a group before his/her first
login).

In case of trouble integrating with your CAS server, it is recommended
to uncomment the phpCAS::setDebug() line in the plugin's
post-login.php script, and check the phpCAS logs in /tmp.

Don't forget to check that the example_simple.php shipped with your
the phpCAS library works for your server with the corresponding
settings (compare the post-login.php code with the one in
simple_example.php, check the /tmp logs with setDebug on, etc.).

 -- Olivier Berger <obergix@debian.org>, Fri, 15 Jun 2012 17:45:23 +0200

External requirement:

* phpCAS from https://wiki.jasig.org/display/CASC/phpCAS
	Tested with 1.3.1

Local Variables:
mode: readme-debian
End: