[cas-dev] Mimic Tomcat Container Authentication

Uday Kari ukari at pdc.org
Wed Apr 18 21:38:50 EDT 2007 

Yale CAS Gurus,

 

I am looking for a good reference in the wiki or mailing lists to
achieve the following subjective strategy question:  

 

"How do I CAS-ify my tomcat deployed client application (or configure
the Yale CAS Server, although I doubt it) so as to fool the client
application to perceive the login exactly as if it were coming in as a
tomcat container login (basic non-SSL is the preferred mode, but I
believe we can handle form-based-SSL which would be the natural thing to
do with Yale CAS)?"  

 

More explanation:  I am delighted to report that I have succeeded in
doing SSO with "normal" tomcat servlet applications, even across
multiple tomcat instances (and self-generated certificates).  However,
some of our applications feature a "servlet connector" that throws a
login challenge (or simply hangs!) if the session (or request -- not
sure which - still working this) is not populated EXACTLY as if the
secure request came in through a tomcat login.  For a tomcat driven (or
equivalent container driven login), the servlet connector finds
everything it needs from the environment (again I don't know the exact
mechanism, nor do I care for the purpose of this question).  

 

More specifically, I am having to do SSO into an ArcIMS application
using its servlet connector.  Please see www.esri.com
<http://www.esri.com/>  if any of you are GIS gurus as well for details
on ArcIMS.  I am not a GIS geek...and hence the "service-oriented"
strategy...that is I don't care what exactly ESRI does as long as I can
have Yale CAS provide a login that "looks like" a tomcat login to the
client application (and I don't care for knowing what exactly tomcat
does either).  

 

Did you guys address something like this?  If yes, please enlighten me.
If not, consider this a feature request.  :-) 

 

Regards,

 

Uday Kari

 

 

 

 

 

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20070418/8be6e337/attachment.html

More information about the cas-dev mailing list