[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CAS'ifying Zimbra



selliott@kennesaw.edu wrote:
> We can get CAS to work just fine on our Zimbra test system. Our issue
> is we have a fair amount of accounts on our system/domain that only
> respond to a local password as they are not attached to a person.
> 
> We have a person trying to come up with creative ways to allow one of
> these accounts owners to bypass the CAS aspect and get to the normal
> Zimbra login screen.
> 
> Wanted to see if anyone out there might have dealt with this issue
> before and their solution.

You can modify the Zimbra login page to collect the username/password and then hash the password however you hash your passwords in your identity database. Assuming that your CAS server uses the same identity database, those accounts will eventually (if they're being used) work with CAS too. 

Question about your CAS set up. I imagine that if I were one of your users and I had a valid CAS ticket then I could go to your Zimbra webmail page and not have to login since my CAS ticket would be recognized. Is this also the case for your IMAP users? I'm thinking about how to integrate Zimbra into a portal and display the first 10 messages. If Zimbra IMAP doesn't recognize CAS tickets then I might have to use pull those messages using REST or configure CAS ClearPass. 

Thanks,
  John