Thanks for your interest in Casa! Follow the instructions below to spin up an instance of Casa to offer end-users self-service 2FA and more for their account(s) in your Gluu Server.
View screenshots in the User Guide.
Installation via Linux Packages#
Starting with version 4.1, Casa is offered as one of the several components of the Gluu Server CE. To include Casa in your instance, just ensure to hit Y when prompted at installation time.
Account for 1GB of additional RAM than you use in a standard CE installation. See Gluu Server system requirements
It is required your installation was configured to use a FQDN for hostname, not an IP address
Apache and oxAuth are required components
Casa requires oxd 4.x to operate. Ideally you would use a ready-to-use external oxd server (its location is prompted upon installation); if you don't have such a server, one will be installed for you locally.
After installation, you can access the application at
For the first time the application will try to register an OpenID Connect client via oxd. If this operation fails due to network problems or SSL cert issues, login will not work. Please refer to the FAQ for troubleshooting.
To change the default URL path for Casa follow the steps listed here. It is advisable to apply this customization before credentials are enrolled.
Unlocking admin features#
Recall admin capabilities are disabled by default. To unlock admin features follow these steps:
- Navigate inside chroot to
- Create an empty file named
- Logout in case you have an open browser session
A word on security#
In a clustered or containerized deployment, admin features and user features should run on different nodes. It is responsibility of the administrator to enable admin features on a specific (small) set of nodes and make those publically inaccessible, for instance, by removing them from the load balancer.