I have a Gitlab CE version 13 instance installed from source. I have it configured to authenticate against LDAP, but now I need it to authenticate against a CAS server. I’ve been reviewing the Gitlab integration documentation with CAS and I have several questions:
Is integration with CAS possible with Gitlab CE or is it only valid for Gitlab EE?
Do you only have to modify the conf/gitlab.yml file to set the CAS server parameters and enable the provider or do you have to do something else?
According to the docs here: CAS OmniAuth provider (deprecated) | GitLab it’s available for free. I did look in my gitlab.rb grepping for cas, and there are some entries in there for it (I use gitlab-ce omnibus). So I guess just configure and try it, should be easy enough to find out by following the documentation linked.
That said, the question is do you really want to? CAS is deprecated in Gitlab 15.3 (completely removed in 16.x) and Gitlab 13.x is end-of-life since at least 21 May 2021. For security reasons you should be upgrading to the latest release to ensure your installation doesn’t get compromised (unless you do not have public access to your server from the internet - then it won’t be as urgent but still a risk). So not really sure if you should use it especially since support for it is removed in later versions. Might be better to look at some other solution instead of CAS.
You are right, that from version 15 CAS will already be obsolete and with 16 it will disappear completely, so it makes no sense to integrate it with CAS in version 13 if later we will update to more recent versions. The other alternative that we have left is the integration with SAML that I do see that it has continuity in new versions.