Overview
An organization is the basic unit of Casdoor, which manages users and applications. If a user signs in to an organization, then they can access all applications belonging to the organization without signing in again.
In the configuration of applications and providers, choosing an organization is important, as it determines whether a user can access the application using specific providers.
We can also set up LDAP in Casdoor. For more details, please see the LDAP documentation.
Casdoor provides multiple password storage algorithms that can be selected on the organization edit page.
| Name | Algorithm | Description | Scenario |
|---|---|---|---|
| plain | - | The password will be stored in cleartext. (default) | - |
| salt | SHA-256 | SHA-256 is a patented cryptographic hash function that outputs a value that is 256 bits long. | - |
| md5-salt | MD5 | The MD5 message-digest algorithm is a cryptographically broken but still widely used hash function producing a 128-bit hash value. | Discuz! |
| bcrypt | bcrypt | bcrypt is a password-hashing function and is used to hash and salt passwords securely. | Spring Boot, WordPress |
| pbkdf2-salt | SHA-256 and PBKDF2 | PBKDF2 is a simple cryptographic key derivation function that is resistant to dictionary attacks and rainbow table attacks. It was originally implemented in Casdoor for the Keycloak syncer. Select this option if you are importing users using the Keycloak syncer. | Keycloak |
In addition to logging into Casdoor via an application (which redirects to Casdoor for SSO), a Casdoor user can also choose to directly log into Casdoor via the organization's login page: /login/<organization_name>, e.g., https://door.casdoor.com/login/casbin in the demo site.