Best practice CAS - PHP - mod_auth_cas ?
Smith, Matthew J.
matt.smith at uconn.edu
Tue Oct 21 10:55:22 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I personally recommend always running Tomcat behind Apache, using
proxy_ajp (or mod_jk) with Tomcat's AJP port bound only to localhost,
due to the ease of configuring SSL at the Apache tier, and the plethora
of audit/security modules available for Apache.
Then you can use either mod_auth_cas or phpCas for your PHP code, and
mod_auth_cas or the JA-SIG CAS client for your Tomcat-hosted Java code.
HTH,
- -Matt
Arthur Erdös wrote:
> Hello all,
>
> what is the recommended way to integrate CAS SSO with PHP applications?
> Are there benefits in using mod_auth_cas? Or is it better to configure
> tomcat with SSL and redirect users to login via tomcat?
>
> Maybe anyone has some experiences with the differences?
>
> Thx 4 your suggestions :)
>
> Kind regards,
> Arthur
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
- --
Matthew J. Smith
University of Connecticut ITS
matt.smith at uconn.edu
PGP KeyID: 0xE9C5244E
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFI/e1aGP63pOnFJE4RAnQfAJ0VjxyZ+EGiaUk9cDI4XAZf4tKlXwCgkT1M
qkga6E6E27QzYNT9sf6OVEg=
=Dz+P
-----END PGP SIGNATURE-----
More information about the cas
mailing list