Re: [Acegisecurity-developer] CasPasswordHandler bean setup woes

Tue, 21 Feb 2006 14:45:11 -0800 

Ben, Scott,

> I think it would be good to have a 3.x-series compatible
> AuthenticationHandler, so that people wanting to try out CAS who already
> have an Acegi Security authentication environment configured can do so
> without trying to configure one of the CAS-included handlers.

Indeed.  I think this is more valuable than just for trying out. 
There should be an adaptor to allow one to use Acegi as the
authentication provider backing a CAS AuthenticationHandler. It's not
efficient to have to have a CAS AuthenticationHandler implementation
AND an Acegi AuthenticationHandler implementation for every
authentication technology under the sun -- it seems to me in some
cases we could get away with just delegating to the Acegi
implementation.  I'll start a thread on cas-dev about this.

> Also, I am presuming that given CAS 3.0.4 is
> now stable we could probably move the old CAS 2.x PasswordHandler to the
> sandbox and change our project JAR dependency to 3.x. Any thoughts?

I'd prefer the CAS 2 PasswordHandler to Acegi adaptor stick around for
a while longer.  There are still deployments of CAS 2 out there who
could decide to upgrade authentication handlers to be backed by Acegi
without upgrading their whole CAS instance to CAS 3.  This supports
incrementally adopting declarative configuration of the authentication
module without necessarily adopting pre-1.0 WebFlows, etc.

CAS 3 is ready for prime time and people should eagerly adopt it. 
However, I think the stepping stone is worth keeping around for a
while longer.

Andrew


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid3432&bid#0486&dat1642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer

Reply via email to