You'll need clarification from your security people on what Kerberos authentication actually means.
If you need each application to speak to Kerberos directly, then CAS won't help you. If you need CAS to speak to Kerberos, you can either use SPNEGO (if you use a Windows system) or the JAAS module to speak to Kerberos and then all of your applications would just speak to CAS. -Scott On Wed, Feb 11, 2009 at 8:30 AM, sol myr <[email protected]> wrote: > Hi, > > We are evaluation CAS. > Our security guys require Kerberos authentication (note: all our machines > are Windows, servers and clients alike). Now we were wondering: how does > CAS support Kerberos, exactly? In particular : > > Is it possible/customary to configure CAS to use Kerberos tickets *instead* > of CAS tickets? Or is it Kerberos tickets *in addition* to CAS tickets (so > that the client first obtains a kerberos ticket, which CAS-server validates > and then issues a CAS TGC )? > > Thanks very much. > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
