gitlab-org--gitlab-foss/doc/integration/cas.md

67 lines
2.1 KiB
Markdown
Raw Normal View History

2015-11-11 23:25:31 -05:00
# CAS OmniAuth Provider
2015-12-21 11:37:55 -05:00
To enable the CAS OmniAuth provider you must register your application with your CAS instance. This requires the service URL GitLab will supply to CAS. It should be something like: `https://gitlab.example.com:443/users/auth/cas3/callback?url`. By default handling for SLO is enabled, you only need to configure CAS for backchannel logout.
2015-11-11 23:25:31 -05:00
1. On your GitLab server, open the configuration file.
2015-11-11 23:25:31 -05:00
For Omnibus package:
2015-11-11 23:25:31 -05:00
```sh
sudo editor /etc/gitlab/gitlab.rb
```
2015-11-11 23:25:31 -05:00
For installations from source:
2015-11-11 23:25:31 -05:00
```sh
cd /home/git/gitlab
2015-11-11 23:25:31 -05:00
sudo -u git -H editor config/gitlab.yml
```
2015-11-11 23:25:31 -05:00
1. See [Initial OmniAuth Configuration](omniauth.md#initial-omniauth-configuration) for initial settings.
2015-11-11 23:25:31 -05:00
1. Add the provider configuration:
2015-11-11 23:25:31 -05:00
For Omnibus package:
2015-11-11 23:25:31 -05:00
```ruby
gitlab_rails['omniauth_providers'] = [
{
"name"=> "cas3",
"label"=> "cas",
"args"=> {
"url"=> 'CAS_SERVER',
"login_url"=> '/CAS_PATH/login',
"service_validate_url"=> '/CAS_PATH/p3/serviceValidate',
"logout_url"=> '/CAS_PATH/logout'
}
}
]
```
2015-11-11 23:25:31 -05:00
For installations from source:
2015-11-11 23:25:31 -05:00
```
- { name: 'cas3',
label: 'cas',
args: {
url: 'CAS_SERVER',
login_url: '/CAS_PATH/login',
service_validate_url: '/CAS_PATH/p3/serviceValidate',
logout_url: '/CAS_PATH/logout'} }
```
2015-11-11 23:25:31 -05:00
1. Change 'CAS_PATH' to the root of your CAS instance (ie. `cas`).
2015-11-11 23:25:31 -05:00
1. If your CAS instance does not use default TGC lifetimes, update the `cas3.session_duration` to at least the current TGC maximum lifetime. To explicitly disable SLO, regardless of CAS settings, set this to 0.
2015-11-11 23:25:31 -05:00
1. Save the configuration file.
2015-11-11 23:25:31 -05:00
1. [Reconfigure][] or [restart GitLab][] for the changes to take effect if you
installed GitLab via Omnibus or from source respectively.
2015-11-11 23:25:31 -05:00
2015-12-21 11:37:55 -05:00
On the sign in page there should now be a CAS tab in the sign in form.
[reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source