Vula: You should spend sometime and read about the CAS architecture [1] [2], proxy authentication [3], and protocol [4], but here is a summary of CAS:
1. Web SSO; requires HTTP(S) communications 2. Similar to Kerberos; trusted 3rd party between users and applications 3. Uses one-time service tickets for application use; passed as query param 4. Uses ticket granting tickets for SSO session; stored as cookie 5. Provides for app-to-app authentication via proxy authentication 6. Server is Java-based 7. Clients supported in multiple environments / languages Anyhow, spend some time reading the following references; they should answer your questions. A- References: [1] http://www.jasig.org/cas/cas1-architecture [2] http://www.jasig.org/cas/cas2-architecture [3] http://www.jasig.org/cas/proxy-authentication [4] http://www.jasig.org/cas/protocol [5] http://www.ja-sig.org/wiki/display/CASUM/Home On 3/9/09 6:39 PM, "vula" <[email protected]> wrote: > How does SSO solutions combines in groups and in what of those groups CAS > belongs? > > To elaborate, I read here > (http://www.intranetjournal.com/articles/200205/se_05_28_02a.html) that there > are two types of SSO, Web based and Non-Web based, in some White papers about > SSO (Planing for SSO, Rion Dutta) I read that there are two approaches to SSO, > tokens and proxies so if we group in this way there are "token-based" and > "proxie-based" SSO, than I read that there are Kerberos based, Smart card > based... (http://en.wikipedia.org/wiki/Single_sign-on) > > All this is rather confusing to me, Kerberos, Smart card, tokens, proxies, > Web, Non-Web, cookie-based, ESSO, is there a way that this can be organized, > for example, we say, from web point of view there are 1. Web based, 2. Non-Web > based, whom this point ... there are 1... 2...? And in which of these groups > CAS belongs, and other SSO solutions? > > p.s. Sorry if my English grammar is not so great but I think that you will get > my point. -- Andrew Feller, Analyst LSU University Information Services 200 Frey Computing Services Center Baton Rouge, LA 70803 Office: 225.578.3737 Fax: 225.578.6400 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
