To the list... ---------- Forwarded message ---------- From: [email protected] Date: Nov 26, 2016, 08:54 -0500 To: Joseph Pine <[email protected]> Subject: Re: [cas-user] SSO LTPA cookie
> The idea here is that you protect this LTPA generator REST resource by CAS, > so then CAS client in front of it delegates to CAS to do authentication > transaction by standard means and to make the authenticated principal > available to the generator where it grabs it, generates the LTPA, stuffs it > into a Cookie and redirects to a target LTPA-aware resource of choice where > it can be used, validated, etc. The entire idea here is to decouple the LTPA > generation business from CAS server as it does need to concern itself with > it, hence the name "ltpa bridge". If you think this design is "too complex", > you could of course complect the LTPA bits with the CAS server by modifying > its login flow, etc. DIY programming is required in that case. > > Hope it helps, > > > D. > > On Nov 26, 2016, 08:18 -0500, Joseph Pine <[email protected]>, wrote: > > Ok I've found that already. > > > > But is there a way to connect cas directly to a external LTPA cookie > > generator? > > > > I already have an LTPA generator, so I would like to ask the CAS to ask the > > generator and authenticate the valid user. > > > > Thanks. > > > > On Sat, Nov 26, 2016 at 1:43 PM, Dmitriy Kopylenko <[email protected] > > (mailto:[email protected])> wrote: > > > There exists this -> https://github.com/Unicon/ltpa-bridge It’s old and > > > unmaintained, but it should give you ideas… > > > > > > Cheers, > > > D. > > > > > > > > > From: Joseph <[email protected]> (mailto:[email protected]) > > > Reply: [email protected] (mailto:[email protected]) > > > <[email protected]> (mailto:[email protected]) > > > Date: November 26, 2016 at 6:34:39 AM > > > To: CAS Community <[email protected]> (mailto:[email protected]) > > > Subject: [cas-user] SSO LTPA cookie > > > > > > > Hello. > > > > > > > > I'm learning about the JASIG CAS server. > > > > > > > > We have a legacy IBM system implemented with our users. The system uses > > > > a LTPA cookie for the SSO. > > > > > > > > We now need a tomcat server on site that will connect to this existing > > > > system. > > > > > > > > There is a webshpere server with a page where the user logs in, and > > > > once successful, there is a link on that page that will direct the user > > > > to the tomcat server. So the tomcat needs to evaluate the token. > > > > > > > > There is also a need to evade this system when the user asks directly > > > > for the app hosted on tomcat. We are thinking about using the CAS > > > > server. > > > > > > > > So can the CAS server connect to a existing IBM LTPA authentication > > > > system and validate the user? > > > > > > > > What would be the best way to accomplish this? > > > > > > > > Thank you. -- > > > > - CAS gitter chatroom: https://gitter.im/apereo/cas > > > > - CAS mailing list guidelines: > > > > https://apereo.github.io/cas/Mailing-Lists.html > > > > - CAS documentation website: https://apereo.github.io/cas > > > > - CAS project website: https://github.com/apereo/cas > > > > --- > > > > You received this message because you are subscribed to the Google > > > > Groups "CAS Community" group. > > > > To unsubscribe from this group and stop receiving emails from it, send > > > > an email to [email protected] > > > > (mailto:[email protected]). > > > > To view this discussion on the web visit > > > > https://groups.google.com/a/apereo.org/d/msgid/cas-user/7ba760c2-d0ba-4801-bc57-4c6de76f015a%40apereo.org > > > > > > > > (https://groups.google.com/a/apereo.org/d/msgid/cas-user/7ba760c2-d0ba-4801-bc57-4c6de76f015a%40apereo.org?utm_medium=email&utm_source=footer). > > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/37ddf3bb-6bee-4450-8ae5-215aa9108ff4%40Spark.
