Philippe, I do believe that container level authentication is a good approach for many reasons : * allow to use J2EE security model based on security role * use the container stuff to manage those roles as you want * transparency for the application * JAAS is good even we do have alternatives like Spring Security ;-)
I will be really glad to see for the CAS project container specific client for major application servers. The Soulwing CAS client (based on Tomcat's Valves) is only compatible to Tomcat ... So it is not compatible to Weblogic Server but inside Weblogic you can write your own Authentication Provider / Identity Asserter to have such a similar approach. BTW, there is the JSR 196 on this topic but only currently supported by Glassfish and in the roadmap of JBoss 5 (AFAIK) ... Regards, -- Arnaud Lesueur LinkedIn: http://www.linkedin.com/in/lesueur On Tue, Mar 24, 2009 at 16:33, Philippe Demierre <[email protected] > wrote: > Dear All, > > We ask for your experiences and invaluable advices. > > In order to use java J2EE web applications with CAS (for authentication) we > are evaluating many solutions to use CAS with JAAS for authorization. > > We are evaluating the solution "Soulwing CAS client" as a container-level > authentication for Tomcat. > > http://www.ja-sig.org/wiki/display/CASC/Soulwing+CAS+Client > > --- > > We would like to know your opinion about this solution : > > How many institutions are using this solution with the Tomcat server ? > > How many institutions are using this solution with another server ? > > Is it possible to use this solution with a weblogic server ? > > Thank you in advance > > Philippe Demierre > University of Geneva > IT Division, Software Development (DEVM) > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
