[cas-dev] Trusting another CAS server?

Scott Battaglia scott.battaglia at gmail.com
Thu Nov 2 08:53:27 EST 2006 

Earl,

Setting up multiple authentication paths requires modifying the login flow
(you would need to configure in the "trusted" NonInteractive Login) as well
as configuring the appropriate
AuthenticationHandler/CredentialsToPrincipalResolver.  You would then need
to place the CAS Client validate filter in front of the CAS server and
enable the HttpServletRequest wrapping.

I am working on a more native solution that will utilize the CAS Client v3.0
:
http://www.ja-sig.org/issues/browse/CAS-425

-Scott

On 10/31/06, Earl Fogel <earl.fogel at usask.ca> wrote:
>
> Scott,
>
> Thanks, that almost makes sense.
>
> How do I set up multiple authentication paths with CAS?
>
> How do I make a CAS server authenticate as a CAS client?
>
> Is there any documentation on this?
>
> Thanks,
>
> Earl
> -
> On Mon, 30 Oct 2006, Scott Battaglia wrote:
>
> > Earl,
> >
> > You can configure one of the CAS servers with the CAS client (to
> validate
> > tickets) and then the CAS server to support "trusted" users (i.e. those
> > obtained through request.getRemoteUser()).  This works best if a CAS
> > 3.0server is the client to the Luminous server because the CAS 3
> > server can
> > support multiple authentication paths.
> >
> > -Scott
> >
> > On 10/30/06, Earl Fogel <earl.fogel at usask.ca> wrote:
> >>
> >> Hi,
> >>
> >> Is it possible to setup a CAS 3.0.x server to trust a Luminis CAS
> server?
> >>
> >> Our campus portal runs the Sungard SCT Luminis software.  Luminis can
> be
> >> configured to give out a CAS ticket whenever someone logs in to the
> >> portal.
> >>
> >> We'd like people to be able to log into our campus CAS server OR to
> >> Luminis and then single-sign on to various CASified services.
> >>
> >> Is this possible?  How?
> >>
> >> Earl Fogel
> >> Information Technology Services  phone: (306) 966-4861
> >> University of Saskatchewan       email: earl.fogel at usask.ca
> >> _______________________________________________
> >> cas-dev mailing list
> >> cas-dev at tp.its.yale.edu
> >> http://tp.its.yale.edu/mailman/listinfo/cas-dev
> >>
> >
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20061102/5f1a88e2/attachment.html

More information about the cas-dev mailing list