Hi all, I am in charge in evaluating how to convert a standalone java application that uses a database, to a web application that authenticate users in a centralised manner. I found CAS very interesting, so I have currently no questions about how to integrated it with the new web application, but I still have some question about the standalone application.
Currently the java application prompt the user for login/password, and use these credentials to access the database. So, the authentication is done at DBMS level. Web application will be configured in order to use a fixed login/password for accessing the database, after the user has been authenticated via CAS. For this change to work we'll have to do some minor coding in order to separate the application user from the database user. We would like to keep the java application working, so we wonder if there exists any CAS client for java applications. My first search did not find anything, so I am thinking about something different, like: let the application connect a tomcat server with CAS and with a servlet that will respond with login/password for database access. Of course CAS will check user credentials before let the client access the servlet. I am wondering what should be done at client level. From what I understand, CAS authentication require an HTTP GET, then probably a few HTTP REDIRECT, before accessing the servlet. I am sure this is not always true, but I hope this is true for accessing LDAP, Active Directory, and Lotus Domino. Does anyone have any experience in writing such a client for java application? Is there any other path for authenticating java applications of this kind? Thank you very much, Giuseppe Sacco -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
