Hello,
I am working on a document to compare different Single Sign-On systems.
At the moment I am trying to find out what the pros and cons about the
CAS Authorization is, which means just sending additional attributes,
like permissions, to the service provider after logging in, and
shibboleths way to request the permissions after logging in.
As far as i understood shibboleth just does the same thing, just sending
attributes to the service provider as the SP requests them.
Why is this 'better' than using the CAS additional attributes to
authorize people, also regarding security issues? I am a little bit
confused about the correct definition of a SSO system that provides
authorization.
Thanks in advance.
Regards
Joshua
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
