[cas-dev] JA-SIG CAS Client for Java and Authorization classes
Andrew R Feller
afelle1 at lsu.edu
Thu Sep 13 15:17:55 EDT 2007
We are managing authorization in Tomcat via j_security_check by creating
the necessary Subject / Principal objects once CAS authentication has
been determined to take place. At that point, we rely upon the Java EE
security model and can communicate with EJBs that aren't CAS protected.
Our $0.02,
Andrew R Feller, Analyst
Subversion Administrator
University Information Systems
Louisiana State University
afelle1 at lsu.edu
(office) 225.578.3737
________________________________
From: cas-dev-bounces at tp.its.yale.edu
[mailto:cas-dev-bounces at tp.its.yale.edu] On Behalf Of Scott Battaglia
Sent: Thursday, September 13, 2007 1:57 PM
To: CAS Developers Mailing List
Subject: [cas-dev] JA-SIG CAS Client for Java and Authorization classes
All,
I'm currently working on updating the JA-SIG CAS Client for Java to
include the latest CAS 3.1 features (SAML support, Logout support [with
Andrew Feller's help], etc.). One thing I'm also working on is simple
web.xml configuration with the option of more advanced Spring-based XML
configuration (for those who want more options).
At this point I realized we have the very simple authorization example
filters. Anyone actually use these? Should they stick around? Moved
to the wiki as an example of simple authorization? I'm trying to
minimize the number of filter options in order to ease configuration.
Thanks
-Scott
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20070913/501a345e/attachment.html
More information about the cas-dev
mailing list