Raghu: I agree with Scott. This sounds like a difficult but fun project. Multiple protocols in addition to the support for multiple authentication mechanisms makes a tempting code base (valuable). You can truly learn from this.
Start your design by modularizing the protocols and the authentication methods. I would first work to fully understand the protocols and then diagram their use on paper. HTH David On Sat, Feb 21, 2009 at 10:20 AM, Scott Battaglia <[email protected] > wrote: > Raghu, > > You best bet is that you create a server that is able to understand > multiple protocols. This is what we're attempting to do with CAS4 (it will > support SAML2, CAS1, CAS2, and possibly others). Another possible project > you may wish to look at is: > > https://rnd.feide.no/simplesamlphp > > It mediates between a group of protocols (much like CAS4 will do). > > Your only other choice is a framework like Spring Security, on the client > side, which understands multiple authentication mechanisms. > > -Scott > > -Scott Battaglia > PGP Public Key Id: 0x383733AA > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > On Sat, Feb 21, 2009 at 1:05 AM, Raghu Ravi <[email protected]> wrote: > >> David, >> Thank you for replying, this is my project in co,llege and i have >> to do it to earn my credit. The project is to build a generic API for SSO, I >> have chosen OpenSSO and CAS to work with, do you have any better suggestion, >> any other SSO that I could use. I am not getting any help, since this is one >> of a kind project. >> The motivation is, an enterprise has to change all the client web >> application when they migrate from one SSO serevr to another, eg from CAS to >> OpenSSO, by using the generic API they would just have to change the server >> and thats it, it should work. >> I had no idea about single sign on until I started the project, >> so I if you know a better server to work with please suggest it, >> >> thank you >> Raghu >> >> On Fri, Feb 20, 2009 at 6:19 PM, David Whitehurst <[email protected] >> > wrote: >> >>> Raghu: >>> >>> I haven't come across anything that does this. I do think, however that >>> you would need to consider what both products do collectively. Ask yourself >>> "what would OpenSSO add to CAS?" How would you use such an API? Who would >>> use such an API? >>> >>> I've looked at the SSO spec at Oasis and OpenSSO seems to have captured >>> that need for compliance. CAS is based on a security protocol and seems to >>> be more process related where OpenSSO deals with programming needs to >>> support SSO communications. You also have to ask yourself is there a true >>> need for a combined API? >>> >>> I don't know if I helped but I understand your motivation I think. When >>> you get into the detail of CAS and SSO you may find that everything is >>> already there to accomplish your tasks. I don't know if you are going to >>> simplify things with another API. >>> >>> David >>> >>> On Fri, Feb 20, 2009 at 3:37 AM, Raghu Ravi <[email protected]>wrote: >>> >>>> Hi, >>>> I am doing a project on writing a generic API for OpenSSO and >>>> CAS, has anyone come across such an API or atleast an idae to proceed with >>>> with would be of great help. >>>> >>>> Thanking You >>>> Raghu R >>>> >>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> >>>> >>>> >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> >>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
