Download & Extend
CAS » Issues

Use Drupal roles returned by CAS Server

Posted by jpcurley25 on June 11, 2011 at 6:13pm
Project:CAS
Version:6.x-3.x-dev
Component:CAS
Category:feature request
Priority:normal
Assigned:Unassigned
Status:active

Issue Summary

It appears that this is not possible as of yet for drupal CAS, but I thought I'd check in to be sure because it seems like a potentially useful feature to implement if cannot currently be done.

I have all my users and user roles stored on example.com which is both my drupal home page as well as my CAS server. (Is that wrong to do? My single SSL certificate is bound to example.com rather than cas.example.com... is there a setup workaround or helpful link describing one?)

site.example.com is running as a CAS client on a separate IP address using example.com as its CAS server

I have three different user types on my CAS server, and I plan on adding more later. When a CAS login occurs, is it possible for the CAS client that receives the user ticket to recognize which local user type a CAS user belongs to?

Better yet, is it possible to have user types passed between CAS sites with a CAS login rather than determining their roles locally and declaring all incoming logins as uniform "CAS users"?

Thanks for any input or advice! I am still relatively new to drupal.

~Jason

Login or register to post comments

Comments

#1

Posted by metzlerd on June 13, 2011 at 3:02pm

Not currently. Others have asked for this, and I've basically decided that we need to provide cas attribute support for the cas server module which might make this possible in the future. Patches for this are welcome, but it will likely be late summer before I get around to working on this.

#2

Posted by bfroehle on June 13, 2011 at 6:03pm

Like David, I agree that this would be great to see, however I'm not going to have time in the next few months to devote to it.

#3

Posted by bfroehle on July 1, 2011 at 3:51am

Basic attribute support for CAS Server is underway in #1181310-7: Let cas_server module send attributes.

#4

Posted by jpcurley25 on July 2, 2011 at 4:08pm

Fantastic!

#5

Posted by bfroehle on August 26, 2011 at 10:56pm
Status:active» postponed

I'm marking this as postponed until #1181310: Let cas_server module send attributes is resolved.

#6

Posted by bfroehle on October 27, 2011 at 7:05pm

Marked #1262766: Share user avatar data between instances as a duplicate.

#7

Posted by bfroehle on April 9, 2012 at 6:41pm
Title:Pass user roles on CAS login» Use Drupal roles returned by CAS Server
Version:6.x-3.0» 6.x-3.x-dev
Category:support request» feature request
Status:postponed» active

Rudimentary CAS Server attributes (including Drupal role support) is now in the 6.x-3.x-dev version of the module. Changing this issue status accordingly.

You may also want to consider using the CAS Attributes module which recently gained this support in #1400466: Combine cas attributes roles module.