Pleasure. In your future setup, all interactions would be exclusively limited to MailChimp and CAS/OAuth. Shib/CAS should not get in your way.
As far as the setup goes, that's true if I am reading your statement correctly. CAS acting as an OAuth provider allows applications to talk OAuth to CAS. It makes CAS act as a social provider like Facebook. All configuration is handled inside CAS, but the language that is used between CAS and the app would be the OAuth protocol rather than the CAS protocol. CAS acting as an OAuth proxy is the opposite of that. It's where you delegate authentication requests from CAS to outside providers like Facebook, and CAS would translate the response back to CAS protocol for the CAS-client app. (Typically, you'd provide a link on the CAS login page that points folks to a supported Social Provider, etc and takes there and back) It's similar to what the shib/cas plugin does, but the authentication is handled elsewhere. From: Ben Branch [mailto:bbra...@uco.edu] Sent: Tuesday, June 23, 2015 2:10 PM To: cas-user@lists.jasig.org Subject: RE: [cas-user] MailChimp + CAS + OAuth 2.0 Misagh, Thank you for your reply. I didn't think the Shibboleth side of things would come into play, but I just wanted to make sure that I wasn't going to run into any configuration issues with using the CAS-Shib plugin along with enabling OAuth support. Just for more clarification, I take it that CAS setup as an OAuth provider allows it to directly use the OAuth authentication handler whereas the OAuth Proxy basically delegates OAuth authentication to the CAS, similarly to what the CAS-Shib plugin does? Ben Branch UNIX/Linux Administrator University of Central Oklahoma ITIL Foundation v3, Network+, RHCE 100 N. University Drive, Box 122 Edmond, OK 73034 D: 405.974.2649 | M: 405.550.6804 | bbranch@uco. <mailto:bbranch@uco.> edu | www.uco.edu <http://www.uco.edu/> "I am wiser than this man, for neither of us appears to know anything great and good; but he fancies he knows something, although he knows nothing; whereas I, as I do not know anything, so I do not fancy I do. In this trifling particular, then, I appear to be wiser than he, because I do not fancy I know what I do not know." - Socrates From: Misagh Moayyed [mailto:mmoay...@unicon.net] Sent: Tuesday, June 23, 2015 3:15 PM To: cas-user@lists.jasig.org <mailto:cas-user@lists.jasig.org> Subject: RE: [cas-user] MailChimp + CAS + OAuth 2.0 So when you say OAuth AuthN with CAS, do you mean to have CAS act as an OAuth provider or OAuth proxy? Either scenario would work, (and I have done a couple of times) but I am not sure where Shibboleth comes into play, if Mailchimp is solely interacting with CAS and its OAuth endpoints, (which are configurable I believe) From: Ben Branch [mailto:bbra...@uco.edu] Sent: Tuesday, June 23, 2015 12:02 PM To: cas-user@lists.jasig.org <mailto:cas-user@lists.jasig.org> Subject: [cas-user] MailChimp + CAS + OAuth 2.0 All, Currently we have a project that is looking to utilize MailChimp as a way to send out mass communications. Part of the project requirements is that the product must support either CAS or Shibboleth. Just to fill you in a little, here is my current configuration: 2 x CAS Nodes (v3.5.2 + User-Session Replication and EhCache Ticket Replication between nodes) 1 x MySQL Node for storing Services. What we are looking at doing is possibly implementing OAuth Authentication within CAS to support our MailChimp project. Has anyone had any experiencing with using CAS + Unicon CAS-Shib Authenticator + OAuth? Additionally, has anyone just done CAS + OAuth with MailChimp? From reading the documentation, it appears that OAuth would use a different end-point (https://cas.example.com/cas/oauth2.0) whereas my Shibboleth services get redirected back to /Authn/Cas. I mention this, because it would seem that if we had multiple services with different protocols going to the same end point, that could lead to some potential issues with how to handle the incoming user. Any suggestions or comments are greatly appreciated. Ben Branch UNIX/Linux Administrator University of Central Oklahoma ITIL Foundation v3, Network+, RHCE 100 N. University Drive, Box 122 Edmond, OK 73034 D: 405.974.2649 | M: 405.550.6804 | bbranch@uco. <mailto:bbranch@uco.> edu | www.uco.edu <http://www.uco.edu/> "I am wiser than this man, for neither of us appears to know anything great and good; but he fancies he knows something, although he knows nothing; whereas I, as I do not know anything, so I do not fancy I do. In this trifling particular, then, I appear to be wiser than he, because I do not fancy I know what I do not know." - Socrates -- You are currently subscribed to cas-user@lists.jasig.org <mailto:cas-user@lists.jasig.org> as: mmoay...@unicon.net <mailto:mmoay...@unicon.net> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org <mailto:cas-user@lists.jasig.org> as: bbra...@uco.edu <mailto:bbra...@uco.edu> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org <mailto:cas-user@lists.jasig.org> as: mmoay...@unicon.net <mailto:mmoay...@unicon.net> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
