36 lines
1.1 KiB
Plaintext
36 lines
1.1 KiB
Plaintext
# sample pam_cas config
|
|
|
|
# host from CAS server. mandatory
|
|
host %%authWebName
|
|
|
|
# port from CAS server. Default to 80 or 443, depends from ssl instruction
|
|
port 443
|
|
|
|
# uri to validate ticket. Default to /proxyValidate
|
|
uriValidate /proxyValidate
|
|
|
|
# https or no. values on or off. Default to on.
|
|
ssl on
|
|
|
|
# debug (on) or no (off). debug in syslog, level LOG_DEBUG. Default to off
|
|
debug off
|
|
|
|
# proxy or proxies who deliver Proxy Ticket.
|
|
# If no proxy, pam_cas doesn't control it
|
|
# It may be several proxy instructions
|
|
#proxy https://%%authWebName/proxycas/casimap.php
|
|
#proxy https://imp.its.yale.edu/cas/casProxy.php
|
|
#proxy https://uportal1.its.yale.edu/CasProxyServlet
|
|
#proxy https://uportal2.its.yale.edu/CasProxyServlet
|
|
|
|
# trusted_ca. mandatory if ssl on.
|
|
# It a file in pem format. It can contents several certificates
|
|
# If the CAS server certificate is auto-signed, the file must content the certificate
|
|
# If the certificate is trusted by an Certificate Autority, The file must content
|
|
# certificate from high level CA
|
|
%if not %%is_empty(%%getVar('ssoCALocation', ''))
|
|
trusted_ca %%ssoCALocation
|
|
%else
|
|
trusted_ca /etc/ssl/certs/ca.crt
|
|
%end if
|