33c867b70d
Many code blocks are 4spaced, and they render in GitLab without coloring as a result, even though they are fenced with a language label. If in a list, other items will render as being in a code block too, even if not meant to. This fixes all these issues, and cleans up minor white space issues in install and integration docs
2.1 KiB
CAS OmniAuth Provider
To enable the CAS OmniAuth provider you must register your application with your CAS instance. This requires the service URL GitLab will supply to CAS. It should be something like: https://gitlab.example.com:443/users/auth/cas3/callback?url. By default handling for SLO is enabled, you only need to configure CAS for backchannel logout.
-
On your GitLab server, open the configuration file.
For omnibus package:
sudo editor /etc/gitlab/gitlab.rbFor installations from source:
cd /home/git/gitlab sudo -u git -H editor config/gitlab.yml -
See Initial OmniAuth Configuration for initial settings.
-
Add the provider configuration:
For omnibus package:
gitlab_rails['omniauth_providers'] = [ { "name"=> "cas3", "label"=> "cas", "args"=> { "url"=> 'CAS_SERVER', "login_url"=> '/CAS_PATH/login', "service_validate_url"=> '/CAS_PATH/p3/serviceValidate', "logout_url"=> '/CAS_PATH/logout' } } ]For installations from source:
- { name: 'cas3', label: 'cas', args: { url: 'CAS_SERVER', login_url: '/CAS_PATH/login', service_validate_url: '/CAS_PATH/p3/serviceValidate', logout_url: '/CAS_PATH/logout'} } -
Change 'CAS_PATH' to the root of your CAS instance (ie.
cas). -
If your CAS instance does not use default TGC lifetimes, update the
cas3.session_durationto at least the current TGC maximum lifetime. To explicitly disable SLO, regardless of CAS settings, set this to 0. -
Save the configuration file.
-
Reconfigure or restart GitLab for the changes to take effect if you installed GitLab via Omnibus or from source respectively.
On the sign in page there should now be a CAS tab in the sign in form.