On Sun, Apr 26, 2015 at 6:09 AM, Joshua Vecsei <j.vec...@gmx.de> wrote:
> Hello, > > thank you! I will try this today. > I think it is still a bit strange, that Shibboleth can say they support > authorization ( http://en.wikipedia.org/wiki/Shibboleth_%28Internet2%29 > ) and CAS does not. Even if they to the same thing -> just supporthing > the service providers for making their own decissions about > authorization based on the returned attributes ( roles/permissions ). > Frankly speaking... AuthZ is little hard / manual in SAML. :-) > > > > > Am 25.04.2015 um 16:32 schrieb Zico: > > Joshua, > > > > You may try Gluu Server SSO system. It's open source and shibboleth, > > CAS, OpenID Connect are also included there. They have community edition > > rpm/deb, which you can try to install in your own VM. > > http://www.gluu.org/docs/articles/gluu-server-ce/ > > > > On Sat, Apr 25, 2015 at 6:56 AM, Joshua Vecsei <j.vec...@gmx.de > > <mailto:j.vec...@gmx.de>> wrote: > > > > Hello, > > > > I am working on a document to compare different Single Sign-On > systems. > > At the moment I am trying to find out what the pros and cons about > > the CAS Authorization is, which means just sending additional > > attributes, like permissions, to the service provider after logging > > in, and shibboleths way to request the permissions after logging in. > > As far as i understood shibboleth just does the same thing, just > > sending attributes to the service provider as the SP requests them. > > > > Why is this 'better' than using the CAS additional attributes to > > authorize people, also regarding security issues? I am a little bit > > confused about the correct definition of a SSO system that provides > > authorization. > > > > Thanks in advance. > > > > Regards > > Joshua > > > > > > > > > > -- > > You are currently subscribed to cas-dev@lists.jasig.org > > <mailto:cas-dev@lists.jasig.org> as: mailz...@gmail.com > > <mailto:mailz...@gmail.com> > > To unsubscribe, change settings or access archives, see > > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > > > > > > > > > -- > > Best, > > Zico > > > > -- > > You are currently subscribed to cas-dev@lists.jasig.org <mailto: > cas-dev@lists.jasig.org> as: j.vec...@gmx.de > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > mailz...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- Best, Zico -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
