> I'm working with a specific smart card system that > does no local authentication, but simply sends 3 values over the network > (username/password/md5Sum of smartcard info) .
I'm only conceptually familiar with cryptographic smart cards that have a PKCS#11 interface. These absolutely will work with CAS. As for your particular cards, I have no idea. Integration of a device that requires data from both interactive (user types user/pass) and non-interactive (card) sources will be harder than most integration scenarios. The easy part of the integration would be a custom AuthenticationHandler. The hard part is customizing the login webflow to accommodate both types of credentials simultaneously. The current webflow supports either interactive credentials from the form or non-interactive credentials from the request, e.g. X.509 certificate sent by client. You'll need to combine the two. Also, getting the message digest from the card to CAS may be a pain point. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
