[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Zimbra 8 and CAS Authentication



It has been my experience that with a single server installation you may have to change the Zimbra Web Client URL login from 

zmprov md domain.name  zimbraWebClientLoginURL https://HOSTNAME/zimbra/public/preauth.jsp

to 

zmprov md domain.name  zimbraWebClientLoginURL https://HOSTNAME/public/preauth.jsp

I hope that works.

Regards,
Pablo Garaitonandia
Penn State University
ITS, Administrative Information Services
(814) 865-6385
pablo@psu.edu


From: "Matt Mencel" <MR-Mencel@wiu.edu>
To: "zimbra-hied-admins" <zimbra-hied-admins@sfu.ca>
Sent: Monday, December 16, 2013 5:29:22 PM
Subject: Re: Zimbra 8 and CAS Authentication

Yep....it's the same CAS that is in use for the production Zimbra instance.


From: "Steve Elliott" <selliott@kennesaw.edu>
To: MR-Mencel@wiu.edu
Sent: Monday, December 16, 2013 4:27:12 PM
Subject: Re: Zimbra 8 and CAS Authentication

Crazy question but is the cas system running?  That looks like the cas server is not putting up its page


Sent via the Samsung Galaxy S™ III, an AT&T 4G LTE smartphone



-------- Original message --------
From: Matt Mencel <MR-Mencel@wiu.edu>
Date: 12/16/2013 5:08 PM (GMT-05:00)
To: zimbra-hied-admins <zimbra-hied-admins@sfu.ca>
Subject: Re: Zimbra 8 and CAS Authentication


Attached is the error.  Seems it cannot find the preauth file in the path I'm giving it.  But it's there and with the correct permissions.

$ ls -l ~/jetty/webapps/zimbra/public/preauth.jsp 
-rw-rw-r-- 1 zimbra zimbra 3767 Dec 16 15:36 /opt/zimbra/jetty/webapps/zimbra/public/preauth.jsp

Unless Zimbra 8 has changed where this file should be placed?  That's the only thing I can think is wrong at the moment.....





From: "Matt Mencel" <MR-Mencel@wiu.edu>
To: "zimbra-hied-admins" <zimbra-hied-admins@sfu.ca>
Sent: Monday, December 16, 2013 4:00:44 PM
Subject: Re: Zimbra 8 and CAS Authentication

Yes to the questions from Steve and Pablo...


# ls -l ~/jetty/common/lib/
-rw-rw-r-- 1 zimbra zimbra   87311 Dec 12 18:27 cas-client-core-3.2.1.jar

Plus the file at  ~/jetty/etc/zimbra.web.xml.in

I've walked through the documentation several times.  I've eliminated the proxy from the mix so I'm talking direct to the mailbox host.

All this is configured as well....

zmprov gdpak domain.name
in the preauth.jsp edit the  "public static final String DOMAIN_KEY = " to have your domain key
and edit the default login page location 
zmprov md domain.name  zimbraWebClientLoginURL https://HOSTNAME/zimbra/public/preauth.jsp

We currently have CAS working just fine in our production 7.2.X install.  I have to get this working in my test 8.0.6 instance before upgrading and am not having any luck today.

Matt



From: "Steve Elliott" <selliott@kennesaw.edu>
To: "Matt Mencel" <MR-Mencel@wiu.edu>
Sent: Monday, December 16, 2013 3:51:51 PM
Subject: Re: Zimbra 8 and CAS Authentication

You put the cas-client-core file on your system?   Made sure you referenced your systems proxy server in the zimbra.web.xml.in?   ((I'm using 7.2.5 so hope that still applies for 8))


From: "Matt Mencel" <MR-Mencel@wiu.edu>
To: "zimbra-hied-admins" <zimbra-hied-admins@sfu.ca>
Sent: Monday, December 16, 2013 4:40:09 PM
Subject: Zimbra 8 and CAS Authentication

Anyone familiar with using CAS authentication in Zimbra 8?  I've got it all configured but when I try to browse to the URL: 


https://HOSTNAME/zimbra/public/preauth.jsp


I get a 404 not found error.  The preauth.jsp file exists in ~/jetty/webapps/zimbra/public/.  It's owned by zimbra:zimbra and chmod'd 664.


Matt








[image/png:Screen Shot 2013-12-16 at 4.02.02 PM.png]