Hi,
Thanks to everyone who helped me (newbie) understand why CAS uses a different
ServiceTicket per application (especially the security consideration that, if
one application is compromised, the others may still be safe).
Special appreciation to those who manage to provide (useful) replies at 5AM in
the morning ;)
My question was originally triggered by comparing CAS to Sun's OpenSSO 8.0.
I thought I'd share the conclusion, just in case the question ever pops up
again (e.g. by other newbies migrating from other SSO tools, or if someone does
another "head to head" presentation)...
To the best of my understanding, OpenSSO defaults to using shared tokens, as
described for example here:
http://developers.sun.com/identity/reference/techart/app-integration.html
However, it can be configured to use separate tokens, as described here (link
kindly provided by OpenSSO forum):
http://docs.sun.com/app/docs/doc/820-3885/ghubc?a=view
Thanks again for the help.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
