diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py index a2e96966f..7a807dd5d 100644 --- a/apps/jumpserver/conf.py +++ b/apps/jumpserver/conf.py @@ -212,12 +212,12 @@ class Config(dict): # Cas 认证 'AUTH_CAS': False, 'CAS_SERVER_URL': "https://example.com/cas/", - 'CAS_ROOT_PROXIED_AS': '', + 'CAS_ROOT_PROXIED_AS': 'https://example.com', 'CAS_LOGOUT_COMPLETELY': True, 'CAS_VERSION': 3, 'CAS_USERNAME_ATTRIBUTE': 'uid', 'CAS_APPLY_ATTRIBUTES_TO_USER': False, - 'CAS_RENAME_ATTRIBUTES': {}, + 'CAS_RENAME_ATTRIBUTES': {'uid': 'username'}, 'CAS_CREATE_USER': True, 'AUTH_SSO': False, diff --git a/apps/settings/models.py b/apps/settings/models.py index 44867dc6b..d6dc601ee 100644 --- a/apps/settings/models.py +++ b/apps/settings/models.py @@ -117,6 +117,10 @@ class Setting(models.Model): # 设置内存值 setattr(settings, name, setting.cleaned_value) + @classmethod + def refresh_AUTH_CAS(cls): + cls.refresh_authentications('AUTH_CAS') + @classmethod def refresh_AUTH_LDAP(cls): cls.refresh_authentications('AUTH_LDAP') diff --git a/apps/settings/serializers/auth/cas.py b/apps/settings/serializers/auth/cas.py index 49a02505f..47cdfc58c 100644 --- a/apps/settings/serializers/auth/cas.py +++ b/apps/settings/serializers/auth/cas.py @@ -1,4 +1,4 @@ - +import json from django.utils.translation import ugettext_lazy as _ from rest_framework import serializers @@ -10,6 +10,7 @@ __all__ = [ class CASSettingSerializer(serializers.Serializer): AUTH_CAS = serializers.BooleanField(required=False, label=_('Enable CAS Auth')) CAS_SERVER_URL = serializers.CharField(required=False, max_length=1024, label=_('Server url')) + CAS_ROOT_PROXIED_AS = serializers.CharField(required=False, max_length=1024, label=_('Proxy server url')) CAS_LOGOUT_COMPLETELY = serializers.BooleanField(required=False, label=_('Logout completely')) CAS_VERSION = serializers.IntegerField(required=False, label=_('Version')) CAS_USERNAME_ATTRIBUTE = serializers.CharField(required=False, max_length=1024, label=_('Username attr'))