Hi all, In addition, we have a pending RFE:
"Support SSO mechanisms" http://restlet.tigris.org/issues/show_bug.cgi?id=693 There is an indirect pointer there to another CAS implementation from Alex Horn. I might be a good idea to provide a dedicated Restlet extension for CAS. Anyone willing to lead this? Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com -----Message d'origine----- De : Rhett Sutphin [mailto:rh...@detailedbalance.net] Envoyé : mardi 10 novembre 2009 15:07 À : discuss@restlet.tigris.org Objet : Re: CAS authentication in Restlet server Hi Arjohn, On Nov 10, 2009, at 5:31 AM, Arjohn Kampman wrote: > Hi Rhett, > > Many thanks for these pointers and your suggestions. The code looks > nice > and clean. Thanks. > The license for this code looks very BSD-like, is that > correct? That's correct. You're free to take and adapt it if you like with no limits on redistribution of any derived code. > I noticed that this code is based on acegi. Is this easier/better than > using the CAS client code directly? If you're just using Restlet, maybe not. This application contains both a Spring MVC webapp and a Restlet-based RESTful API, so I adapted the Acegi bits from the webapp to work with Restlet, too. Acegi's CAS integration seems like a pretty thin wrapper around the jasig client. Rhett > > Arjohn > > Rhett Sutphin wrote: >> I have done this for my Restlet-based API. I can point you to the >> code[1], but since the application is a redistributable webapp which >> supports several authentication plugins, the implementation is >> probably more indirect than you need. Also, please note that my >> experience is with Restlet 1.1 only so far -- I haven't tried to >> update this application to 2.0. >> >> If I were adding support for just CAS, I would define a new challenge >> scheme (call it something like cas_proxy_ticket) and define a Guard >> and AuthenticationHelper pair which handle this scheme. This would >> mean that a client would need to acquire a proxy ticket and then >> include it in the HTTP request as the Authentication header, >> something >> like >> >> Authentication: cas_proxy_ticket PT-123456789 >> >> Rhett > > -- > Arjohn Kampman, Senior Software Engineer > Aduna - Semantic Power > www.aduna-software.com > > ------------------------------------------------------ > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=24161 09 ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=24161 51 ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2416500