availability of clear-text password proxying for CAS
Peter Kharchenko
pkharchenko at unicon.net
Sat Sep 6 00:15:53 EDT 2008
Dear members of the CAS community,
We would like to announce availability of a CAS extension that allows to
proxy clear-text passwords to select services. These extensions were
designed for Sacramento State and they are making it available to the
rest of the community.
While enabling single sign-on through standard CAS protocols is
certainly the preferred approach, some third-party applications can not
be modified to accommodate such workflow, and require an actual password
to be provided to them. The developed ClearPass extension provides a
secure way to hand-off the clear-text password information to a limited
set of CAS-enabled applications, so that the password can be utilized
for authentication with a downstream legacy service. This allows, for
instance, to enable single sign-on of uPortal users into a MS Exchange
server that would not be able to process CAS proxy tickets.
The implementation is described on the JA-SIG wiki
(http://www.ja-sig.org/wiki/x/BIDc), and the code is available in the
JA-SIG SVN repository.
thank you,
-peter.
More information about the cas
mailing list