[cas-dev] Help with CAS-ifying the application
patb23
patb23 at gmail.com
Wed Dec 12 08:12:14 EST 2007
Hi,
Could anyone help me know whether I can CAS-ify the below mentioned scenario
& requirement? I am new to CAS and SSO. Based on the materials I read, I
came up with the 'Possible Approach'. Could you please let me know whether
it is doable?
Thanks
Scenario:
The department has a set of web-based applications with each of them having
their own identity management using their own userids. These applications in
turn talk to AS400 at OS400 apps by supplying these credentials.
Requirement:
1. User logs in to his/her workstation by supplying NT userid/password.
2. On opening the browser user is taken to a portal page containing links to
these individual applications.
3. The links are rewritten in such a way that user is not challenged at any
of these sites.
Possible approach:
1. Upon opening the browser (IE), user will be taken to the CAS
authentication page. User credential is read using a DLL (MSFT Sharepoint
kind of behavior)
(If this is not possible, user can be presented with a login screen once)
2. CAS authenticates using the NT domain access control and authenticates.
3. User will be redirected to a portal page containing rewritten URLs for
these apps.
ex: http://myapp.mydomain.com?windowsntid=test&appName=myapp assuming the
CAS ticket is present (doubt: Can the ticket be shared across applications?)
4. Will utilise CredentialtoPrincipalMapping to lookup a DAO table that has
the following fields
NTUserId, AppName, App_User_id
5. Use PAM_CAS to authenticate the access to the app running in AS400 at OS400.
(doubt: I read that PAM is available only in Unix/Linux flavours. If so, how
can I use CAS from OS400/AS400 apps?)
--
View this message in context: http://www.nabble.com/Help-with-CAS-ifying-the-application-tp14294802p14294802.html
Sent from the CAS Dev mailing list archive at Nabble.com.
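
Added example, not part of the original post: a toy in-memory model of steps 3 and 4 in which the application-specific user id is looked up from the principal returned by ticket validation rather than from a windowsntid URL parameter. The ToyCas class, the table rows and the billing URL are constructed for illustration; the model assumes CAS service-ticket semantics, where a ticket is tied to the one service URL it was issued for and is good for a single validation attempt.

```python
import secrets

# Constructed sample rows for the table in step 4:
# (NTUserId, AppName) -> App_User_id
APP_USER_MAP = {
    ("test", "myapp"): "MYAPP_T01",
    ("test", "billing"): "BILL_0042",
}


class ToyCas:
    """In-memory stand-in for a CAS server (hypothetical, not the CAS API)."""

    def __init__(self):
        self._tickets = {}  # service ticket -> (principal, service URL)

    def issue_service_ticket(self, principal, service):
        # Issued only after the user has authenticated to CAS itself.
        ticket = "ST-" + secrets.token_hex(8)
        self._tickets[ticket] = (principal, service)
        return ticket

    def validate(self, ticket, service):
        # pop() consumes the ticket on every attempt, so it cannot be replayed.
        entry = self._tickets.pop(ticket, None)
        if entry is None:
            return None
        principal, issued_for = entry
        # A ticket issued for one application is rejected by any other.
        return principal if issued_for == service else None


def resolve_app_user(cas, ticket, service, app_name):
    """Map the validated principal to the application's own user id.

    The identity comes from ticket validation, never from a query
    parameter, which anyone could edit in the link.
    """
    principal = cas.validate(ticket, service)
    if principal is None:
        return None
    return APP_USER_MAP.get((principal, app_name))
```

Each application gets its own service ticket; what carries the single sign-on session between applications is the user's session with the CAS server, not a ticket copied from one link to another.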