Joseph,
At University of Geneva we plan to use CAS with J2EE ADF/JSF application
developped with Oracle jdeveloper.
Following that requirement, of course our app server is the Oracle
WebLogic Server 10g (10.3).
As mentionned we expect to use JAAS to manage the user's authorizations
paradigm.
Do you think your development (JBoss authentication valve with a
CasLoginModule) could be adapted in the medium term to our needs ?
Do you have an opinion on the solution JAAS using CAS with SecurityFilter ?
Thanks
Joseph Valerio a écrit :
Philippe,
I do not know what your time frame is for deployment, but I am
currently working on a jboss-cas integration using a JBoss
authentication valve with a CasLoginModule. Valves are JBoss
specific, but give us the ability to authenticate into Jaas for a
specified realm. We are currently using it to integrate CAS into 3rd
party J2EE apps running on JBoss that have NO notion of CAS. The down
side is that it has been a very long road due to implementation
details, and it is still very young. I am currently working on
implementing proxy CAS with this architecture to take advantage of its
features, as well as documenting how to use it. I have been in
communications with Scott Bataglia about contributing this work back
to JA-Sig, but it will take some time, as I still have to port it off
the old Yale based javaCasClient to the jasigClient.
If you are interested and don't have proxy needs, I can give you what
I have with instructions on how to implement it.
- Joe
PS: This approach was inspired by the JBoss Portal CAS Valve
implementation.
--
Joseph Valerio
Senior Systems Programmer
Yale University
Technology & Planning
Information Technology Services
phone: 203-432-1196
email: [email protected]
smail: 25 Science Park, New Haven, CT 06511
_____________________________________
From: Philippe Demierre [[email protected]]
Sent: Friday, February 06, 2009 4:39 AM
To: [email protected]
Subject: [cas-user] JAAS using CAS with SecurityFilter
Dear All,
We ask for your experiences and invaluable advices.
In order to use java J2EE web applications with CAS (for authentication) we are
evaluating many solutions to use CAS with JAAS for authorization.
The first solution we are evaluating is based on "Combining CASFilter with Tomcat
Realms using SecurityFilter" as read from JA-SIG web site :
http://www.ja-sig.org/wiki/pages/viewpageattachments.action?pageId=9543
As it is proposed, we have first downloaded the SecurityFilter java package
from the source forge site :
http://sourceforge.net/project/showfiles.php?group_id=59484.
(SecurityFilter is a Java Servlet Filter that mimics container managed
security.)
Then we have combined the CASFilter using the SecurityFilter using the two
provided files CASAuthenticator.java and AuthenticatorFactory.java from ja-sig
http://www.ja-sig.org/wiki/pages/viewpageattachments.action?pageId=9543
Finally we created a custom authorization class named
public class UniGeRealm that extends the SimpleSecurityRealmBase provided by
the package.
This custom class has to overwrite the isUserInRole(String username, String
rolename) SimpleSecurityRealmBase method.
This method has to query the username rolename against a roles based directory
and returns true in case of username/rolename matching.
It works...
We would like to know
Is this a reliable solution ?
How many institutions are using this solution to work with JAAS using CAS to
authenticate users?
Are there other solutions to use JAAS with CAS ?
Thank you in advance
Philippe Demierre
University of Geneva
IT Division, Software Development (DEVM)
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
_________________________________
Philippe Demierre
University of Geneva
IT Division, Software Development (DEVM)
24, rue du Général-Dufour
1211 GENEVE 4
SWITZERLAND
Tel : +4122 379 7552
Fax: +4122 379 7191
_________________________________
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
