diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-11 00:13:10 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-11 00:13:10 +0300 |
commit | d9710d79c52bc73438022e79c79cfe3ab35b084b (patch) | |
tree | 4ccba377283753036ad28a75d061f7ee61afa806 /doc/integration/cas.md | |
parent | 20a86e7f6fd58882025b1c85b21e891d75220da5 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/integration/cas.md')
-rw-r--r-- | doc/integration/cas.md | 76 |
1 files changed, 3 insertions, 73 deletions
diff --git a/doc/integration/cas.md b/doc/integration/cas.md index bfeabde8a36..d2a29161a53 100644 --- a/doc/integration/cas.md +++ b/doc/integration/cas.md @@ -8,76 +8,6 @@ redirect_to: '../administration/auth/index.md' # CAS OmniAuth provider (removed) **(FREE SELF)** -WARNING: -This feature was -[deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/369127) in GitLab -15.3 and [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/369128) in 16.0. - -To enable the CAS OmniAuth provider you must register your application with your -CAS instance. This requires the service URL GitLab supplies to CAS. It should be -something like: `https://gitlab.example.com:443/users/auth/cas3/callback?url`. -Handling for Single Logout (SLO) is enabled by default, so you only have to -configure CAS for back-channel logout. - -1. On your GitLab server, open the configuration file. - - For Omnibus package: - - ```shell - sudo editor /etc/gitlab/gitlab.rb - ``` - - For installations from source: - - ```shell - cd /home/git/gitlab - - sudo -u git -H editor config/gitlab.yml - ``` - -1. Configure the [common settings](omniauth.md#configure-common-settings) - to add `cas3` as a single sign-on provider. This enables Just-In-Time - account provisioning for users who do not have an existing GitLab account. - -1. Add the provider configuration: - - For Omnibus package: - - ```ruby - gitlab_rails['omniauth_providers'] = [ - { - name: "cas3", - label: "Provider name", # optional label for login button, defaults to "Cas3" - args: { - url: "CAS_SERVER", - login_url: "/CAS_PATH/login", - service_validate_url: "/CAS_PATH/p3/serviceValidate", - logout_url: "/CAS_PATH/logout" - } - } - ] - ``` - - For installations from source: - - ```yaml - - { name: 'cas3', - label: 'Provider name', # optional label for login button, defaults to "Cas3" - args: { - url: 'CAS_SERVER', - login_url: '/CAS_PATH/login', - service_validate_url: '/CAS_PATH/p3/serviceValidate', - logout_url: '/CAS_PATH/logout' } } - ``` - -1. Change 'CAS_PATH' to the root of your CAS instance (such as `cas`). - -1. If your CAS instance does not use default TGC lifetimes, update the `cas3.session_duration` to at least the current TGC maximum lifetime. To explicitly disable SLO, regardless of CAS settings, set this to 0. - -1. Save the configuration file. - -1. For the changes to take effect: - - If you installed via Omnibus, [reconfigure GitLab](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure). - - If you installed from source, [restart GitLab](../administration/restart_gitlab.md#installations-from-source). - -On the sign in page there should now be a CAS tab in the sign in form. +This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/369127) +in GitLab 15.3 and [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/369128) +in 16.0. |