I haven't worked with OpenFire or JSJaC, but here's a possible way to handle it:
1. Before connecting with JSJaC, redirect the browser (or do an AJAX call) to request a Service Ticket ($CAS_SERVER/login?service= http://example.edu/XMPP_server) - the service URL doesn't matter, it just has to match the value used later 2. Connect with JSJaC - enter the user's username and send the ST you just requested as the password 3. The custom AuthProvider in OpenFire will need to validate the ST value ($CAS_SERVER/serviceValidate?service= http://example.edu/XMPP_server&ticket=ST-123456789abc) and compare the username in the CAS ticket with the username that was passed from the client. 4. If the ticket is valid and the usernames match, the user is authenticated. -Eric On Mon, May 10, 2010 at 5:06 PM, Jamie Johnson <jej2...@gmail.com> wrote: > It's been a while since I've sent this with no responses...does that > mean this is not something that anyone has attempted? > > On Mon, Mar 29, 2010 at 3:34 PM, Jamie Johnson <jej2...@gmail.com> wrote: > > I saw several threads on possibly casifying openfire (XMPP Server) but > > do not have a lot of experience with CAS to know where to start. > > First off let me start by describing my environment. I am using a > > JSJaC (JS API for XMPP collaboration) javascript tool for logging > > into the server. The tool is hosted in an environment where the user > > is authenticated against CAS before the tool is displayed. At this > > point what I am hoping to be able to accomplish is use the existing > > information on the client to call a custom implemented AuthProvider in > > Openfire to do the validation of the user against CAS. Does anyone > > have a good place where I can begin the process of learning what needs > > to be done to accomplish this? Will I need proxying for this to work? > > Again any help is appreciated. > > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > epie...@usf.edu > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- Eric Pierce Identity Management Architect Information Technology University of South Florida (813) 974-8868 -- epie...@usf.edu -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
