diff --git a/dicos/70_lemonldap_ng.xml b/dicos/70_lemonldap_ng.xml
index 5a226a1..30bea97 100644
--- a/dicos/70_lemonldap_ng.xml
+++ b/dicos/70_lemonldap_ng.xml
@@ -7,6 +7,9 @@
+
+
+
lemonldap-ng-fastcgi-server
80
@@ -38,6 +41,16 @@
+
+ cas
+
+
+ oui
+
+
+
+ non
+
Configuration DNS
@@ -71,6 +84,7 @@
non
lemon
+ lemonCAS
LemonLDAP
saLemon
diff --git a/tmpl/cas.inc.php.tmpl b/tmpl/cas.inc.php.tmpl
new file mode 100644
index 0000000..eb81961
--- /dev/null
+++ b/tmpl/cas.inc.php.tmpl
@@ -0,0 +1,27 @@
+
diff --git a/tmpl/eoleCASConfig.php.tmpl b/tmpl/eoleCASConfig.php.tmpl
new file mode 100644
index 0000000..d260ac4
--- /dev/null
+++ b/tmpl/eoleCASConfig.php.tmpl
@@ -0,0 +1,7 @@
+
diff --git a/tmpl/lmConf-1.js b/tmpl/lmConf-1.js
index 7617c34..1411344 100644
--- a/tmpl/lmConf-1.js
+++ b/tmpl/lmConf-1.js
@@ -25,7 +25,7 @@
"timeoutActivity": 0,
"oidcRPMetaDataExportedVars": {},
"issuerDBSAMLActivation": 0,
- "issuerDBCASPath": "^/cas/",
+ "issuerDBCASPath": "^/%%casFolder/",
"randomPasswordRegexp": "[A-Z]{3}[a-z]{5}.\\d{2}",
"samlIDPSSODescriptorSingleSignOnServiceSOAP": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleSignOnSOAP;",
"samlSPSSODescriptorSingleLogoutServiceHTTPPost": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn",
diff --git a/tmpl/pam_cas_auth.conf b/tmpl/pam_cas_auth.conf
new file mode 100644
index 0000000..7383d21
--- /dev/null
+++ b/tmpl/pam_cas_auth.conf
@@ -0,0 +1,35 @@
+# sample pam_cas config
+
+# host from CAS server. mandatory
+host %%authWebName
+
+# port from CAS server. Default to 80 or 443, depends from ssl instruction
+port 443
+
+# uri to validate ticket. Default to /proxyValidate
+uriValidate /proxyValidate
+
+# https or no. values on or off. Default to on.
+ssl on
+
+# debug (on) or no (off). debug in syslog, level LOG_DEBUG. Default to off
+debug off
+
+# proxy or proxies who deliver Proxy Ticket.
+# If no proxy, pam_cas doesn't control it
+# It may be several proxy instructions
+#proxy https://%%eolesso_adresse/proxycas/casimap.php
+#proxy https://imp.its.yale.edu/cas/casProxy.php
+#proxy https://uportal1.its.yale.edu/CasProxyServlet
+#proxy https://uportal2.its.yale.edu/CasProxyServlet
+
+# trusted_ca. mandatory if ssl on.
+# It a file in pem format. It can contents several certificates
+# If the CAS server certificate is auto-signed, the file must content the certificate
+# If the certificate is trusted by an Certificate Autority, The file must content
+# certificate from high level CA
+%if not %%is_empty(%%getVar('ssoCALocation', ''))
+trusted_ca %%eolessoCALocation
+%else
+trusted_ca /etc/ssl/certs/ca.crt
+%end if