Hi Andy,
Thank you! May I confirm with you if I am understanding things?
What I am wanting to do with CAS is use it for SSO authentication into our
school luminis portal and the additional resource links we provide to students
from within the portal. That way, they will not be prompted to login to those
additional resources once they have already logged into the portal. I had been
thinking about also setting up Shibboleth in addition to CAS for a more secure
SSO authentication.
So for:
1.) I've got this based on what you said, but will CAS need to connect via port
389 at all or just strictly 636 to the LDAPS?
2.) This possible database server - would that be Active Directory (AD)? While
we have the luminis portal LDAP - we use Active Directory LDAP as our means of
authentication currently into our luminis portal.
3.) What about port 8447 - I don't know the difference between the two but I've
heard someone mention that one before for HTTPS type access.
Would this be the same for other resources besides D2L like AdvisorTrac?
4.) This is where I think someone mentioned port 8447 or 8090.
Thank you very much for responding! This helps a great deal.
Constance
Dalton State College
Portal Administrator
-----------------------------------
Some of the answers depend how you deploy CAS. From the context you have
given, here is what I would guess:
1. CAS server will need to access your RODC via LDAPS (port 636) to
validate authentication credentials and possibly retrieve attributes for
the user.
2. CAS server may need to access a database server to track allowed
services, attributes to release, maintain sessions, etc. This depends on
your CAS deployment choices.
3. D2L will need to connect to your CAS server via HTTPS (usually port
443) to validate the Service Ticket given to them by the user's browser.
4. Your users will need to connect to the CAS server via HTTPS to interact
with CAS.
Andy
--
You are currently subscribed to cas-user@lists.jasig.org as:
cmor...@daltonstate.edu
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
