Hi Jérôme, Thanks for sharing your work. I'd be surprised is there is not wide interest in the community about alternate auth protocols and how they might complement a centralized authentication system.
I intend to to go through the materials you've prepared and need to stand up a test installation for this purpose (perhaps others have created/can point to resources that expedite such and would like to share). Are you already using your work in production? (if so, a brief description of your uses would underscore the value for those interested). We and others can continue OAuth collaboration under CAS-1041 which has been quiet for awhile but I hope will pick up with your latest efforts. Regards, Brian On Tue, Jan 17, 2012 at 9:16 AM, jleleu <jerome.le...@sfr.com> wrote: > Hi, > > I think OAuth protocol has become a mainstream protocol and it would be a > great feature to add support for OAuth in CAS. > I'll make a first try in september 2011 with the JIRA CAS-1041. I reuse a > prototype I created to integrate OAuth in CAS server. > The idea was to delegate the authentication to Facebook, Yahoo... I didn't > get much success with it. > > That's why I pushed today the pull request #32, which is a more complete > and proper try to add support for OAuth protocol in CAS. > It's a complete module : cas-server-support-oauth. The module allows two > modes of OAuth support in CAS : > – CAS server can support OAuth protocol as an OAuth client : in this case, > CAS authentication can be delegated to an identity provider like Facebook, > GitHub, Google, LinkedIn, Twitter, Yahoo or even an another CAS server > using OAuth wrapper > – CAS server can support OAuth protocol as an OAuth server : in this case, > CAS uses the OAuth wrapper and acts as an OAuth server, communicating > through OAuth protocol version 2.0 with OAuth clients. > > I've made many tests and succeed in authenticating in Facebook, GitHub, > Google, LinkedIn, Twitter and Yahoo. I also test with two CAS servers, one > acting as an OAuth client and the other one acting as an OAuth server : the > first one delegates the authentication to the other one and after > authentication, you are authenticated in the first server, communication > happens only through OAuth protocol. > > To help understanding and integration, I write a complete documentation > which explains how to configure the two modes of support and how > technically they work. I attach it to this message. > > I hope that the CAS core developpers and the CAS community get interested > by this module and the OAuth support in CAS. > > Don't hesitate to ask me if you have any questions... > > Thanks. > Best regards, > Jérôme > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > brianxsav...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
