/*
  This is the JAAS configuration file used by CAS.
  
  A JAAS configuration file is a grouping of LoginModules defined in the
  following manner:
  <LoginModuleClass> <Flag> <ModuleOptions>;
  
  LoginModuleClass - fully qualified class name of the LoginModule class
  Flag             - indicates whether the requirement level for the modules; 
                     allowed values: required, requisite, sufficient, optional
  ModuleOptions    - a space delimited list of name="value" options
  
  For complete documentation on the format of this file see:
  http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html
  
  For LoginModules available within the Sun JVM see:
  http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/tutorials/LoginConfigFile.html
  
  Warning: Do NOT use Sun's JNDI LoginModule to authentication against an LDAP
  directory, use the LdapLoginModule that ships with Shibboleth and is
  demonstrated below.

  Note, the application identifier MUST be CAS
*/


CAS {

// Example LDAP authentication
// See: https://spaces.internet2.edu/display/SHIB2/IdPAuthUserPass
   edu.vt.middleware.ldap.jaas.LdapLoginModule required
      host="ldap.example.org"
      port="389"
      ssl="false"
      tls="false"
      base="ou=people,dc=example,dc=org"
      subtreeSearch="true"
      userField="uid"
      serviceUser="cn=administrator,dc=example,dc=org"
      serviceCredential="password";

// Example Kerberos authentication, requires Sun's JVM
// See: https://spaces.internet2.edu/display/SHIB2/IdPAuthUserPass
/*
   com.sun.security.auth.module.Krb5LoginModule required
      keyTab="/path/to/idp/keytab/file";
*/

};