+1! OAuth has come up often in uMobile discussions, and I think we'll soon need the ability to use CAS as an OAuth server.
- Jen On Jan 20, 2012, at 11:24 AM, Andrew Petro wrote: > Jérôme, > > Thanks for posting pull request #32. I wanted to share this bit of > encouragement: > > I spoke just this week with a potential CAS adopter who needs the integration > to accept login via Facebook. If the opportunity goes beyond talking to > actual doing, at the least I'll be looking at and appreciating your having > shared your solution. > > And I do think these OAuth features should be included in CAS server. I like > your having factored this as a module, a path to making this functionality > modularly adoptable in CAS server implementations. > > Thanks for engaging and sharing your work. > > Kind regards, > > Andrew > > > > > On Jan 17, 2012, at 9:16 AM, jleleu wrote: > >> Hi, >> >> I think OAuth protocol has become a mainstream protocol and it would be a >> great feature to add support for OAuth in CAS. >> I'll make a first try in september 2011 with the JIRA CAS-1041. I reuse a >> prototype I created to integrate OAuth in CAS server. >> The idea was to delegate the authentication to Facebook, Yahoo... I didn't >> get much success with it. >> >> That's why I pushed today the pull request #32, which is a more complete and >> proper try to add support for OAuth protocol in CAS. >> It's a complete module : cas-server-support-oauth. The module allows two >> modes of OAuth support in CAS : >> – CAS server can support OAuth protocol as an OAuth client : in this case, >> CAS authentication can be delegated to an identity provider like Facebook, >> GitHub, Google, LinkedIn, Twitter, Yahoo or even an another CAS server using >> OAuth wrapper >> – CAS server can support OAuth protocol as an OAuth server : in this case, >> CAS uses the OAuth wrapper and acts as an OAuth server, communicating >> through OAuth protocol version 2.0 with OAuth clients. >> >> I've made many tests and succeed in authenticating in Facebook, GitHub, >> Google, LinkedIn, Twitter and Yahoo. I also test with two CAS servers, one >> acting as an OAuth client and the other one acting as an OAuth server : the >> first one delegates the authentication to the other one and after >> authentication, you are authenticated in the first server, communication >> happens only through OAuth protocol. >> >> To help understanding and integration, I write a complete documentation >> which explains how to configure the two modes of support and how technically >> they work. I attach it to this message. >> >> I hope that the CAS core developpers and the CAS community get interested by >> this module and the OAuth support in CAS. >> >> Don't hesitate to ask me if you have any questions... >> >> Thanks. >> Best regards, >> Jérôme >> > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
