Hello Ryan,
for a simple scenario you could combine something like
https://wiki.jasig.org/display/CASC/ASP.NET+Forms+Authentication
with a custom sts
http://msdn.microsoft.com/en-us/library/ff955607.aspx
This delivers good user experience for only one SP Web App.
You should clear the aspxauth session cookie immediatly after returning
the ws-federation response so that your custom sts redirects to CAS
every time.
This solution lacks integrated single sign out:
https://wiki.jasig.org/display/CASUM/Single+Sign+Out
WS-Federation Single Sign Out works on a cookies basis :
http://social.technet.microsoft.com/wiki/contents/articles/ad-fs-how-to-invoke-a-ws-federation-sign-out.aspx
you could provide the link to your Cas Servers logout page anyway (e.g.
redirect the sharepoint logout/signon as different user butons)
Keep in Mind also that for Office Integration the SP session cookie
needs to be persisted (UseSessionCookies = $false)
Sliding Sessions:
http://blogs.pointbridge.com/Blogs/nielsen_travis/Pages/Post.aspx?_ID=41
regards
--
MArkus
Am 12.11.2011 12:24, schrieb ryan:
Kaustubh<kaustubh_anwekar@...> writes:
Hi,
We have a requirement where we need to integrate Central Authentication
Service (CAS) with SharePoint
2010. We did find a pointer to integrate it with MOSS 2007
(http://eduyalesomauth.codeplex.com/),
however SharePoint 2010 claims based authentication is built on Windows
Identity Foundation (WIF),
hence this solution is not useful.
Helpful links found through google discuss of an inherent issue faced by
people when integrating CAS with
SharePoint 2010; SharePoint expects the user’s password when redirecting after
successful
authentication at the following line:
SPClaimsUtility.AuthenticateFormsUser(Request.Url, username, password);
(Details of this issue can be found here-
http://stackoverflow.com/questions/3428152/issues-using-external-
authentication-with-sharepoint-2010 )
We have few questions:
1. Any link / document which describes the exact steps to follow to
integrate CAS with SharePoint 2010
2. Any way out to overcome the above problem (need to pass a password)
3. Has Jasig / Yale come up with a solution on this?
4. Is there some way Jasig / Yale web service can pass the credentials
along with the Boolean value (Yes / No-
if user is authenticated), so we pass the user’s password in the above
redirect method?
Thanks in advance!
Hi Kaustubh,
Did you manage to ever accomplish this requirement?
I am a similar task I am trying to do.
Any help would be greatly appreciated.
Thanks! Ryan.
--
You are currently subscribed to cas-dev@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
