Hi Andy, Thank you! May I confirm with you if I am understanding things? What I am wanting to do with CAS is use it for SSO authentication into our school luminis portal and the additional resource links we provide to students from within the portal. That way, they will not be prompted to login to those additional resources once they have already logged into the portal. I had been thinking about also setting up Shibboleth in addition to CAS for a more secure SSO authentication.
So for: 1.) I've got this based on what you said, but will CAS need to connect via port 389 at all or just strictly 636 to the LDAPS? 2.) This possible database server - would that be Active Directory (AD)? While we have the luminis portal LDAP - we use Active Directory LDAP as our means of authentication currently into our luminis portal. 3.) What about port 8447 - I don't know the difference between the two but I've heard someone mention that one before for HTTPS type access. Would this be the same for other resources besides D2L like AdvisorTrac? 4.) This is where I think someone mentioned port 8447 or 8090. Thank you very much for responding! This helps a great deal. Constance Dalton State College Portal Administrator ----------------------------------- Some of the answers depend how you deploy CAS. From the context you have given, here is what I would guess: 1. CAS server will need to access your RODC via LDAPS (port 636) to validate authentication credentials and possibly retrieve attributes for the user. 2. CAS server may need to access a database server to track allowed services, attributes to release, maintain sessions, etc. This depends on your CAS deployment choices. 3. D2L will need to connect to your CAS server via HTTPS (usually port 443) to validate the Service Ticket given to them by the user's browser. 4. Your users will need to connect to the CAS server via HTTPS to interact with CAS. Andy -- You are currently subscribed to cas-user@lists.jasig.org as: cmor...@daltonstate.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user