Monday, November 19, 2007
Thursday, September 13, 2007
- What is CAS?
- What is Single Sign On?
Single sign on is a session/user authentication process that allows a user to provide his or her credentials once in order to access multiple applications. The single sign on authenticates the user to access all the applications he or she has been authorized to access. It eliminates future authenticaton requests when the user switches applications during that particular session.
Web Single sign on works strictly with applications accessed with a web browser. The request to access a web resource is intercepted either by a component in the web server, or by the application itself. Unauthenticated users are diverted to an authenticaton service and returned only after a successful authentication.
- CAS 1 Architecture
Design and Implementation
- Server Deployment
I use Java version 1.5.0_09 and Tomcat 5.5.25
Generating a certificate
%JAVA_HOME%\bin\keytool -delete -alias tomcat -keypass changeit
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
%JAVA_HOME%\bin\keytool -export -alias tomcat -keypass changeit -file %FILE_NAME%
%JAVA_HOME%\bin\keytool -import -file server.crt -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
%JAVA_HOME%\bin\keytool -import -file server.crt -keypass changeit
affter Cenerating a certificate then config file server.xml in tomcat server
Dowloading My cas Server Demo cas
- Client Integration
There are many CAS client libraries to assist in CASifying applications, including CAS-ifying Apps , Gateway , Apache::AuthCAS , Java Client , JSP Client , uPortal Client , CAS Client for Java and acegi CAS Client .
I use Java CAS Client and Acegi CAS Client for Demo (+_+)
- Java CAS Client
Overview : The Yale Java CAS client includes Java objects for ticket validation and proxy ticket acquisition, servlets and filters implementing the client portion of the CAS protocol and suitable for "CASifying" a servlet path, a Java object for representing the results of a CAS authentication, and JSP tags for applying CAS authentication. This library is usable for implementing custom CAS functionality and for simply CASifying web applications by application of a filter, and forms the basis for Acegi and uPortal CAS support.
Downloading : he Java CAS client jar is available from ibiblio
Using the Java CAS client : config filter tag in file web.xml
Accessing the authenticated username from Java :
Downloading My Java CAS client Demo casJava
2. Acegi CAS Client
Downloading My Acegi CAS client Demo contacts