diff --git a/core/config.class.inc.php b/core/config.class.inc.php
index fda3f9c98..abd480efc 100644
--- a/core/config.class.inc.php
+++ b/core/config.class.inc.php
@@ -400,6 +400,15 @@ class Config
  'source_of_value' => '',
  'show_in_conf_sample' => true,
  ),
+ 'cas_update_profiles' => array(
+ 'type' => 'bool',
+ 'description' => 'Whether or not to update the profiles of an existing user from the CAS information',
+ // examples... not used (nor 'description')
+ 'default' => 0,
+ 'value' => 0,
+ 'source_of_value' => '',
+ 'show_in_conf_sample' => true,
+ ),
  'cas_profile_pattern' => array(
  'type' => 'string',
  'description' => 'A regular expression pattern to extract the name of the iTop profile from the name of an LDAP/CAS group',
@@ -409,6 +418,15 @@ class Config
  'source_of_value' => '',
  'show_in_conf_sample' => true,
  ),
+ 'cas_default_profiles' => array(
+ 'type' => 'string',
+ 'description' => 'A semi-colon separated list of iTop Profiles to use when creating a new user if no profile is retrieved from CAS',
+ // examples... not used (nor 'description')
+ 'default' => 'Portal user',
+ 'value' => 'Portal user',
+ 'source_of_value' => '',
+ 'show_in_conf_sample' => true,
+ ),
  'cas_debug' => array(
  'type' => 'bool',
  'description' => 'Activate the CAS debug',
diff --git a/core/userrights.class.inc.php b/core/userrights.class.inc.php
index f25baa098..fe40a1334 100644
--- a/core/userrights.class.inc.php
+++ b/core/userrights.class.inc.php
@@ -1066,7 +1066,24 @@ class CAS_SelfRegister implements iSelfRegister
  phpCAS::log("Info: user if a member of the group: ".$sGroupName);
  $sGroupName = trim(iconv('UTF-8', 'ASCII//TRANSLIT', $sGroupName)); // Remove accents and spaces as well
  $aFilteredGroupNames[] = $sGroupName;
- if (in_array($sGroupName, $aCASMemberships))
+ $bIsMember = false;
+ foreach($aCASMemberships as $sCASPattern)
+ {
+ if (self::IsPattern($sCASPattern))
+ {
+ if (preg_match($sCASPattern, $sGroupName))
+ {
+ $bIsMember = true;
+ break;
+ }
+ }
+ else if ($sPattern == $sGroupName)
+ {
+ $bIsMember = true;
+ break;
+ }
+ }
+ if ($bIsMember)
  {
  $bCASUserSynchro = MetaModel::GetConfig()->Get('cas_user_synchro');
  if ($bCASUserSynchro)
@@ -1125,7 +1142,8 @@ class CAS_SelfRegister implements iSelfRegister
  */
  public static function UpdateUser(User $oUser, $sLoginMode, $sAuthentication)
  {
- if (($sLoginMode == 'cas') && (phpCAS::hasAttribute('memberOf')))
+ $bCASUpdateProfiles = MetaModel::GetConfig()->Get('cas_update_profiles');
+ if (($sLoginMode == 'cas') && $bCASUpdateProfiles && (phpCAS::hasAttribute('memberOf')))
  {
  $aMemberOf = phpCAS::getAttribute('memberOf');
  if (!is_array($aMemberOf)) $aMemberOf = array($aMemberOf); // Just one entry, turn it into an array
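Review bot: In the `@@ -1066` hunk the literal-name branch compares `$sPattern`, but the loop variable is `$sCASPattern`, and nothing in the hunk assigns `$sPattern`. Unless it is set earlier in the function (the body starts outside the hunk), that branch tests an undefined value, so literal entries of `$aCASMemberships` never match a real group name. Because the comparison is loose, an undefined `$sPattern` does compare equal to an empty `$sGroupName`, which is what `trim(iconv(...))` yields when the transliteration fails, so the membership gate can pass for a group that matches no configured entry. The branch should read `else if ($sCASPattern === $sGroupName)`.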
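Review bot: The new `cas_update_profiles` gate in `UpdateUser` (`@@ -1125` hunk) is off by default, since the config hunk declares the key with `'default' => 0`. Before this change the profile refresh ran on every CAS login that carried a `memberOf` attribute, so after upgrading an untouched installation a user removed from a directory group keeps the iTop profiles they already had. Either keep the previous behaviour as the default, `'default' => true,` and `'value' => true,`, or state in the `'description'` that leaving the option off means CAS group removals are no longer applied at login.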
@@ -1249,8 +1267,28 @@ class CAS_SelfRegister implements iSelfRegister
  }
  if (count($aProfiles) == 0)
  {
- phpCAS::log("Error: no group name matches the pattern: '$sPattern'. The user '$sEmail' has no profiles in iTop, and therefore cannot be created.");
- return false;
+ phpCAS::log("Info: The user '".$oUser->GetName()."' has no profiles retrieved from CAS. Default profile(s) will be used.");
+
+ // Second attempt: check if there is/are valid default profile(s)
+ $sCASDefaultProfiles = MetaModel::GetConfig()->Get('cas_default_profiles');
+ $aCASDefaultProfiles = explode(';', $sCASDefaultProfiles);
+ foreach($aCASDefaultProfiles as $sDefaultProfileName)
+ {
+ if (array_key_exists(strtolower($sDefaultProfileName), $aAllProfiles))
+ {
+ $aProfiles[] = $aAllProfiles[strtolower($sDefaultProfileName)];
+ }
+ else
+ {
+ phpCAS::log("Warning: the default profile {$sDefaultProfileName} is not a valid iTop profile. Ignored.");
+ }
+ }
+
+ if (count($aProfiles) == 0)
+ {
+ phpCAS::log("Error: The user '".$oUser->GetName()."' has no profiles in iTop, and therefore cannot be created.");
+ return false;
+ }
  }
  // Now synchronize the profiles
@@ -1263,7 +1301,7 @@ class CAS_SelfRegister implements iSelfRegister
  $oProfilesSet->AddObject($oLink);
  }
  $oUser->Set('profile_list', $oProfilesSet);
- phpCAS::log("Info: the user $sEmail (id=".$oUser->GetKey().") now has the following profiles: '".implode("', '", $aProfiles)."'.");
+ phpCAS::log("Info: the user '".$oUser->GetName()."' (id=".$oUser->GetKey().") now has the following profiles: '".implode("', '", $aProfiles)."'.");
  return true;
  }
  /**
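Review bot: The fallback under `if (count($aProfiles) == 0)` in the `@@ -1249` hunk replaces a refusal with a grant: a CAS user for whom no group matched used to hit `return false`, and now receives whatever `cas_default_profiles` lists, which the config hunk defaults to `'Portal user'`. That makes account creation opt-out rather than opt-in for every CAS user who reaches this function; defaulting the setting to `''` and skipping the loop when it is empty would keep the old fail-closed behaviour (today an empty value only falls through after logging a spurious "not a valid iTop profile" warning). The names are also looked up untrimmed, so a value such as `'Portal user; Other'` misses the second entry; `$sDefaultProfileName = trim($sDefaultProfileName);` at the top of the loop fixes that. The enclosing function starts outside the hunk, so whether this path also runs when an existing user is updated could not be checked here.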