Why I used Spring?

in mind ,I trust about Spring is pure MVC
if you not believe , can read at Spring MVC Web Framework versus Struts

Central Authentication Service (CAS)

• What is CAS?

CAS is authentication system originally created by Yale University to provide a trusted way for an application to authenticate a user. CAS became a JA-SIG project in December 2004

• What is Single Sign On?

Single sign on is a session/user authentication process that allows a user to provide his or her credentials once in order to access multiple applications. The single sign on authenticates the user to access all the applications he or she has been authorized to access. It eliminates future authenticaton requests when the user switches applications during that particular session.
Web Single sign on works strictly with applications accessed with a web browser. The request to access a web resource is intercepted either by a component in the web server, or by the application itself. Unauthenticated users are diverted to an authenticaton service and returned only after a successful authentication.

• CAS 1 Architecture

Design and Implementation

• Server Deployment

I use Java version 1.5.0_09 and Tomcat 5.5.25

Generating a certificate

%JAVA_HOME%\bin\keytool -delete -alias tomcat -keypass changeit
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
%JAVA_HOME%\bin\keytool -export -alias tomcat -keypass changeit -file %FILE_NAME%
%JAVA_HOME%\bin\keytool -import -file server.crt -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
%JAVA_HOME%\bin\keytool -import -file server.crt -keypass changeit

Server (Tomcat)

affter Cenerating a certificate then config file server.xml in tomcat server

Dowloading My cas Server Demo cas

• Client Integration

There are many CAS client libraries to assist in CASifying applications, including CAS-ifying Apps , Gateway , Apache::AuthCAS , Java Client , JSP Client , uPortal Client , CAS Client for Java and acegi CAS Client .

I use Java CAS Client and Acegi CAS Client for Demo (+_+)

1. Java CAS Client

Overview : The Yale Java CAS client includes Java objects for ticket validation and proxy ticket acquisition, servlets and filters implementing the client portion of the CAS protocol and suitable for "CASifying" a servlet path, a Java object for representing the results of a CAS authentication, and JSP tags for applying CAS authentication. This library is usable for implementing custom CAS functionality and for simply CASifying web applications by application of a filter, and forms the basis for Acegi and uPortal CAS support.

Downloading : he Java CAS client jar is available from ibiblio

Using the Java CAS client : config filter tag in file web.xml

CAS Filter edu.yale.its.tp.cas.client.filter.CASFilter edu.yale.its.tp.cas.client.filter.loginUrl https://secure.its.yale.edu/cas/login edu.yale.its.tp.cas.client.filter.validateUrl https://secure.its.yale.edu/cas/serviceValidate edu.yale.its.tp.cas.client.filter.serverName your server name and port (e.g., www.yale.edu:8080) CAS Filter /*

Accessing the authenticated username from Java :

session.getAttribute(CASFilter.CAS_FILTER_USER);

session.getAttribute("edu.yale.its.tp.cas.client.filter.user");

Downloading My Java CAS client Demo casJava

2. Acegi CAS Client

Downloading My Acegi CAS client Demo contacts

Resource Referent

JA-SIG Central Authentication Service

สถาปนา Blog

วันนี้เป็นวันแรกครับที่ผม สร้าง blog
จุดประสงค์ของการสร้าง blog ของผม คือ
1 เรือ่งของ technology
2 เรือ่งทั่วไป
3 เรื่องตัวของผมเอง(+_+)