CAS, Web services and Glassfish - Newbie question
Scott Battaglia
scott.battaglia at gmail.com
Wed Oct 1 18:51:59 EDT 2008
You should protect your remote web services with a CAS client such as the
JASIG CAS Client for Java or a more robust security library such as Spring
Security.
You'll want to pass your protected web services a CAS proxy ticket, which the
web service can validate and receive the username as well as the URL of the
application that made the remote call.
-Scott
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
On Wed, Oct 1, 2008 at 10:57 AM, Danilo Levantesi <danilo.levantesi at gmail.com> wrote:
> Hi to all!
> I'm a total newbie in the CAS world, so please forgive me if my question is
> so trivial.
>
> My scenario is composed of many subsystems accessed by means of web
> services, using SOAP; moreover, I have many web applications accessing
> those web services.
>
> I understood I can use CAS to provide SSO between web applications, and it
> works like a charm (the wiki guides were very useful!!!).
>
> The problem arises when these web applications must access remote web
> services. Those web services (most of them implemented using EJBs 3.0) must
> be protected (the user must provide credentials), and at present it is done
> by means of basic http authentication. In this way the container can provide
> the principal to the web service (it is a key requirement).
>
> Here comes my misunderstanding: how can I use CAS (if I can) to provide
> authentication to web services? I have a couple of obfuscated ideas, but I
> don't know if they are right, so I hope someone can help me.
>
> First of all: is it possible to achieve? And if it is, is SAML the correct
> keyword? In this case, can someone suggest me a guide and a starting point,
> because I couldn't find anything?
>
> And is Java Client 3.1.3 the correct library to use?
>
> Or have I to implement a custom Glassfish authentication module?
>
> Or am I totally wrong?
>
> Many thanks in advance
>
> Danilo
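The check the reply describes, as an added example that is not part of the original message and is not the JASIG client's code: the web service reads the CAS 2.0 `/proxyValidate` response, takes the username from `cas:user`, and accepts the call only if every `cas:proxy` entry (the callback URL of the application that made the remote call) is on an allow-list. The class name, the allow-listed callback URL and the sample response are assumptions constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.Set;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

public class ProxyValidateCheck {
    static final String CAS_NS = "http://www.yale.edu/tp/cas";
    // Assumption: callback URLs of the web applications allowed to call this service.
    static final Set<String> TRUSTED_PROXIES = Set.of("https://portal.example.org/proxyCallback");

    /** Returns the authenticated user, or throws if the response must not be trusted. */
    static String principalFrom(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // The response arrives over the network: refuse DTDs so it cannot carry entities.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document d = f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        if (d.getElementsByTagNameNS(CAS_NS, "authenticationSuccess").getLength() != 1)
            throw new SecurityException("ticket rejected by CAS");
        NodeList users = d.getElementsByTagNameNS(CAS_NS, "user");
        NodeList proxies = d.getElementsByTagNameNS(CAS_NS, "proxy");
        if (users.getLength() != 1) throw new SecurityException("no single cas:user");
        // A service that only expects proxied calls rejects a ticket with no proxy chain.
        if (proxies.getLength() == 0) throw new SecurityException("not a proxy ticket");
        // Every hop in the chain must be a known caller, not just the most recent one.
        for (int i = 0; i < proxies.getLength(); i++) {
            String p = proxies.item(i).getTextContent().trim();
            if (!TRUSTED_PROXIES.contains(p)) throw new SecurityException("untrusted proxy " + p);
        }
        return users.item(0).getTextContent().trim();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample response in the CAS 2.0 proxyValidate format.
        String ok = "<cas:serviceResponse xmlns:cas='" + CAS_NS + "'><cas:authenticationSuccess>"
            + "<cas:user>jdoe</cas:user><cas:proxies>"
            + "<cas:proxy>https://portal.example.org/proxyCallback</cas:proxy>"
            + "</cas:proxies></cas:authenticationSuccess></cas:serviceResponse>";
        System.out.println(principalFrom(ok));
        try {
            principalFrom(ok.replace("portal.example.org", "other.example.net"));
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```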