[cas-dev] Sharing Cas JBoss Client?
Eric Pugh
epugh at opensourceconnections.com
Mon Nov 12 12:15:26 EST 2007
Scott,
I am guessing since I don't see anything here: http://developer.ja-
sig.org/source/browse/jasigsvn/cas-clients/java-client/trunk that
you haven't committed your changes yet? Let me know if I can help
on the integration/upgrade stuff.
Thanks!
Eric
On Nov 6, 2007, at 10:47 AM, Scott Battaglia wrote:
> Eric,
>
> Sorry for the delayed response. Please feel free to attach it to a
> JIRA issue and I will review it for inclusion in the CAS client
> (updating it to the most recent version). If you're interested in
> maintaining it on a permanent basis, we can grant you Subversion
> access ;-) [that's not a requirement for submitting it though].
>
> Thanks for your contribution!
> -Scott
>
> On 11/1/07, Eric Pugh <epugh at opensourceconnections.com > wrote:
> Hi all,
>
> I've developed, against the Java Cas Client 3.0.0-final a integration
> module for JBoss that adds a new web authenticator to the ususal FORM
> and BASIC called CAS.
>
> The code is built using Maven, and follows the same structure as the
> cas-client-core project. What is the best way for me to share it and
> submit it for inclusion? Open a ticket or put up a wiki page?
>
> Here is a summary from the readme that I wrote:
>
> 1. INTRODUCTION
>
> This module is designed to support CAS as an authentication mechanism
> for JBoss based web applications. Most users
> wrap their web app in some Servlet Filters that provide the CAS
> authentication mechanism. The filter populates the
> user Principal, and then the webapp can make decisions based on that.
> However, the "filter" approach is a bit clumsy
> since we already have defined in the <auth-method/> paremeter of
> web.xml the ability to specify how to authenticate a webapp:
>
> From the specification: "Legal values are "BASIC","DIGEST", "FORM",
> "CLIENT-CERT", or a vendor-specific authentication scheme."
>
> So this code adds a new vendor-specific authentication scheme to
> JBoss: CAS.
>
> Additionally, using the filter approach means that the authenticatin
> information never reaches the EJB layer, so if you are using
> principals and roles in your EJB's, then the filter won't work.
>
>
>
> Thanks,
>
> Eric
>
> -----------------------------------------------------
> Eric Pugh | Principal | OpenSource Connections, LLC | 434.466.1467 |
> http://www.opensourceconnections.com
>
>
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
>
> --
> -Scott Battaglia
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
-----------------------------------------------------
Eric Pugh | Principal | OpenSource Connections, LLC | 434.466.1467 |
http://www.opensourceconnections.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20071112/34ea6c99/attachment.html
More information about the cas-dev
mailing list