User Tools

Site Tools


57North ID

57North ID combines an LDAP server with a user management portal and a CAS IdP to become a single, centralised point for user identity within 57North. All 57North services should authenticate against it, which they can do in a handful of ways:

  • CAS single sign-on, intended for web-based services
  • LDAP username/password sign-on, intended for local services such as 57North-managed desktops
  • SSH public keys, for SSH-based network services

It supports two types of accounts - member and guest. The intention is that every user signs up as a guest, and HackHub will manage promoting them to members according to 57North's membership procedures.

The CAS server is at, and follows [ JASIG's CAS protocol version 3.0], minus proxy tokens as they are currently unimplemented. There are a variety of clients available for most languages and frameworks, or if you have an XML parser and an HTTP client library it can be implemented in about ten lines of code. The server requires an admin (currently Shell) to whitelist CAS clients by URL. It supports two endpoints - for member-only services, and for services which all users with a 57North ID can access, such as a wiki or other public service.

The LDAP server will be accessible at

via TLS, as soon as I can be convinced it's secure enough. Users are under



The code for the CAS server and portal is hosted at, and runs on 'finzean', as does the LDAP server.

Enabled Services

The following services are enabled to use 57North ID for authentication:

How to Configure ID

  1. Follow Hackhub
  2. apt install nodejs redis
  3. adduser 57n-id - ensure 57n-id has no password, has a /home/57n-id and a shell of /bin/sh
  4. su -l 57n-id
    1. cd 57n-id && npm install
    2. create /home/57n-id/57n-id/ldap-password.txt containing the ldap password
projects/57_north_id.txt · Last modified: 2020/07/07 20:48 (external edit)