Using CAS underwater
Berg, Jan van den
Jan.vandenberg at getronics.com
Wed Nov 12 03:16:27 EST 2008
Well to be precise we need to support DigiD authentication. DigiD is a
government supported digital identification mechanism in the
Netherlands. From our web application we communicate with DigiD using
web services and we redirect the user to enter his/her credentials on
the DigiD website.(DigiD is a A-Select implementation). Afterwards the
user is send back to our website and we check the authentication level
of the user (again using web services) then the user has access to our
website. But now the website is split up into multiple web modules, and
we like CAS to handle the SSO part. But we cannot use CAS for the
authentication part because that's being handled by DigiD.
So I was hoping there is a way of doing some authentication underwater
(preferably using web services) and therefore skip the login webflow of
CAS, but still benefit for the SSO functionality.
I hope this was detailed enough,
With kind regards,
Jan van den Berg
-----Original Message-----
From: cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu]
On Behalf Of Scott Battaglia
Sent: 11 November 2008 18:42
To: Yale CAS mailing list
Subject: Re: Using CAS underwater
Can you describe it in more details? In CAS 3.3 we've attempted to
support the model of additional protocols (i.e. the SAML2 support for
Google Apps) and we're looking to extend this support in CAS4.
-Scott
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
On Tue, Nov 11, 2008 at 10:40 AM, Berg, Jan van den
<Jan.vandenberg at getronics.com> wrote:
> We've been using CAS for some projects now and we are very happy with
it.
> But now we have a project where we want to use SSO but the
authentication
> mechanism is very complex and (off course) not supported by CAS out of
the
> box. It's not a matter of adding one or two parameters to the
credentials,
> but we need to include a third party authentication mechanism.
>
> I've looked into the code of CAS and I don't think that I can easily
> integrate this into CAS, the other option would be to use CAS
underwater and
> to manage the authentication our self. We still want to use CAS
because of
> its SSO capabilities. But I've been looking at the "Using CAS without
the
> CAS login screen" posts but they either don't work for me (I'm using
CAS
> 3.3) or they don't seem suitable for our solution.
>
> My question therefore is; Can I easily integrate CAS on top of my own
> authentication module using release 3.3.0. For example get a login
ticket ,
> and send credentials via web service calls underwater after I'm done
> authentication an user?
>
> Any help is appreciated,
>
> With kind regards,
>
> Jan van den Berg
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas
More information about the cas
mailing list