Commit 9f018b7e authored by pascal fautrero's avatar pascal fautrero
Browse files

Merge branch 'master' of gitlab.crdp.ac-versailles.fr:pascal.fautrero/cas-jasig-crdp

parents 99720623 82fd66fc
## CAS JASIG used by CRDP
Architecture is described in the chiliproject documentation
......@@ -308,7 +308,7 @@
</executions>
<configuration>
<messagesDirectory>${basedir}/src/main/webapp/WEB-INF/classes/</messagesDirectory>
<mainMessagesFile>messages_en.properties</mainMessagesFile>
<mainMessagesFile>messages_fr.properties</mainMessagesFile>
</configuration>
</plugin>
</plugins>
......
......@@ -19,7 +19,7 @@
##
# Services Management Web UI Security
server.name=https://websso.crdp.local:8443
server.name=https://websso.crdp.ac-versailles.fr
server.prefix=${server.name}/cas
cas.securityContext.serviceProperties.service=${server.prefix}/services/j_acegi_cas_security_check
# Names of roles allowed to access the CAS service manager
......
......@@ -39,23 +39,23 @@ screen.blocked.message=You've entered the wrong password for the user too many t
screen.confirmation.message=Click <a href="{0}">here</a> to go to the application.
#Generic Success Screen Messages
screen.success.header=Log In Successful
screen.success.success=You have successfully logged into the Central Authentication Service.
screen.success.security=For security reasons, please Log Out and Exit your web browser when you are done accessing services that require authentication!
screen.success.header=Connexion réussie
screen.success.success=Vous êtes désormais authentifié sur le SSO du CRDP de l'Académie de Versailles.
screen.success.security=Pour des raisons de sécurité, pensez à fermer votre navigateur après déconnexion.
#Logout Screen Messages
screen.logout.header=Logout successful
screen.logout.success=You have successfully logged out of the Central Authentication Service.
screen.logout.security=For security reasons, exit your web browser.
screen.logout.header=Déconnexion réussie
screen.logout.success=Vous n'êtes plus authentifié sur le SSO du CRDP de l'Académie de Versailles.
screen.logout.security=Pour des raisons de sécurité, fermez votre navigateur.
screen.logout.redirect=The service from which you arrived has supplied a <a href="{0}">link you may follow by clicking here</a>.
screen.service.sso.error.header=Re-Authentication Required to Access this Service
screen.service.sso.error.message=You attempted to access a service that requires authentication without re-authenticating. Please try <a href="{0}">authenticating again</a>.
error.invalid.loginticket=You cannot attempt to re-submit a form that has been submitted already.
required.username=Username is a required field.
required.password=Password is a required field.
error.authentication.credentials.bad=The credentials you provided cannot be determined to be authentic.
required.username=Vous devez saisir un login.
required.password=Vous devez saisir un mot de passe.
error.authentication.credentials.bad=Mot de passe ou login invalide.
error.authentication.credentials.unsupported=The credentials you provided are not supported by CAS.
INVALID_REQUEST_PROXY='pgt' and 'targetService' parameters are both required
......@@ -158,3 +158,5 @@ screen.warnpass.message.line2=You will be redirected to your <a href="{0}">appli
screen.oauth.confirm.header=Authorization
screen.oauth.confirm.message=Do you want to grant access to your complete profile to "{0}" ?
screen.oauth.confirm.allow=Allow
use.your.login=Utilisez vos identifiants du crdp de l'Académie de Versailles pour vous authentifier.
......@@ -127,7 +127,7 @@
<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"
p:filter="uid=%u"
p:searchBase="ou=people,dc=crdp,dc=local"
p:searchBase="ou=people,dc=crdp-versailles,dc=fr"
p:contextSource-ref="contextSource"
p:ignorePartialResultException="true"/>
......@@ -148,7 +148,7 @@
<!-- <sec:user name="@@THIS SHOULD BE REPLACED@@" password="notused" authorities="ROLE_ADMIN" />-->
<sec:user-service id="userDetailsService">
<sec:user name="toto" password="notused" authorities="ROLE_ADMIN" />
<sec:user name="pfautrero" password="notused" authorities="ROLE_ADMIN" />
</sec:user-service>
......@@ -194,13 +194,49 @@
<property name="serviceId" value="^https://websso.crdp.local:8443/cas/services/*" />
<property name="evaluationOrder" value="10000001" />
</bean> -->
<bean class="org.jasig.cas.services.RegisteredServiceImpl">
<bean class="org.jasig.cas.services.RegisteredServiceImpl">
<property name="id" value="0" />
<property name="name" value="HTTP and IMAP" />
<property name="description" value="Allows HTTP(S) and IMAP(S) protocols" />
<property name="serviceId" value="https://websso.crdp.local:8443/cas/services/**" />
<property name="evaluationOrder" value="10000001" />
</bean>
<property name="name" value="services manager" />
<property name="description" value="Access to services manager" />
<property name="serviceId" value="https://websso.crdp.ac-versailles.fr/cas/services/**" />
<property name="evaluationOrder" value="0" />
</bean>
<bean class="org.jasig.cas.services.RegisteredServiceImpl">
<property name="id" value="1" />
<property name="name" value="Athena" />
<property name="description" value="Access to elearning plateform" />
<property name="serviceId" value="http://athena.ac-versailles.fr/**" />
<property name="evaluationOrder" value="1" />
</bean>
<bean class="org.jasig.cas.services.RegisteredServiceImpl">
<property name="id" value="2" />
<property name="name" value="Profil Tice" />
<property name="description" value="Access to Profil Tice" />
<property name="serviceId" value="http://www.tice.ac-versailles.fr/profil-tice/**" />
<property name="evaluationOrder" value="2" />
</bean>
<bean class="org.jasig.cas.services.RegisteredServiceImpl">
<property name="id" value="3" />
<property name="name" value="Label Tice" />
<property name="description" value="Access to Label Tice" />
<property name="serviceId" value="http://www.labeltice.ac-versailles.fr/**" />
<property name="evaluationOrder" value="3" />
</bean>
<bean class="org.jasig.cas.services.RegisteredServiceImpl">
<property name="id" value="4" />
<property name="name" value="Label Tice" />
<property name="description" value="Access to Label Tice" />
<property name="serviceId" value="http://labeltice.ac-versailles.fr/**" />
<property name="evaluationOrder" value="4" />
</bean>
<bean class="org.jasig.cas.services.RegisteredServiceImpl">
<property name="id" value="5" />
<property name="name" value="Label Tice" />
<property name="description" value="Access to Label Tice" />
<property name="serviceId" value="http://www.labeltice.fr/**" />
<property name="evaluationOrder" value="5" />
</bean>
</list>
</property>
</bean>
......@@ -268,9 +304,9 @@
<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
<property name="pooled" value="false"/>
<property name="url" value="ldap://websso.crdp.local:389"/>
<property name="userDn" value="cn=admin,dc=crdp,dc=local"/>
<property name="password" value="crdp213"/>
<property name="url" value="ldaps://masterldap.in.vty.crdp.ac-versailles.fr:636"/>
<property name="userDn" value="uid=cas,ou=system,dc=crdp-versailles,dc=fr"/>
<property name="password" value="3!ExaL0MtuZ"/>
<property name="baseEnvironmentProperties">
<map>
<entry key="com.sun.jndi.ldap.connect.timeout" value="3000"/>
......
......@@ -75,7 +75,7 @@
<bean id="notAuthorizedEntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />
<bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider"
p:key="crdp213"
p:key="Fex55_v0!"
p:serviceProperties-ref="serviceProperties"
p:userDetailsService-ref="userDetailsService">
<property name="ticketValidator">
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment