Isn't Peoplesoft 9.1 supposed to have some SAML authentication support hooks?
Jason On 7/1/09 3:36 PM, "Bryan Wooten" <[email protected]> wrote: I'll try and explain. We have several IT organizations on campus and we are in the process of integrating into one department. So Dept A has implemented a portal (not PeopleSoft) and they have based authorization on CAS (Active Dir is the backend) for their custom applications. My department uses the PeopleSoft portal and our custom applications use a PeopleSoft token for authentication (Sun LDAP is our backend and we have custom Pcode and funclib). My dept uses a couple of homegrown methods (depending on when in the past 8 years the app was developed) to do this PeopleSoft Token validation, including a servlet filter. The 2 directories are kept in sync. Users from Dept A want to be able to get to our apps without logging in to our portal and vice versa. So one suggestion is to modify CAS server to accept peoplesoft tokens so users can seamlessly access Dept A's applications after logging into our PeopleSoft Portal. That seems like a "bad idea" to me. Of course no one has mentioned modifying our apps to accept CAS tickets! My thought was to CASify PeopleSoft to use Dept A's CAS server and then CASify our existing applications. Now CAS tickets are used exclusively throughout the departments. The next step in the grand plan is to implement Sun Access Manager (OpenSS0) in order to get *authorization* functionality (via Policy Agents). Currently all apps implement their own authorization methodology, another bad, hard to maintain thing. Since Access Manager can also be CASyifed everything should fall into place. I am open to other ideas and suggestions. From: Biondi, Dan [mailto:[email protected]] Sent: Wednesday, July 01, 2009 12:32 PM To: [email protected] Subject: RE:[cas-user] CASifying PeopleSoft Bryan: Just curious, why are you interested in CASifying PeopleSoft to use with the PeopleSoft Portal? Why go to the trouble to CASify PeopleSoft and just use the native integration between those two PeopleSoft (Oracle) products? Dan Biondi Web Portal Coordinator Sacramento State v: 916-278-7616 From: Bryan Wooten [mailto:[email protected]] Sent: Tuesday, June 30, 2009 11:35 AM To: [email protected] Subject: [cas-user] CASifying PeopleSoft I've been reading with great interest CASifying PeopleSoft. In going through the PowerPoint slides the implementation seems to rely on the uPortal as the initial user login to access PeopleSoft applications. I was wondering if the PeopleSoft Portal would "play well" with CASifyed PeopleSoft as described. I am of the belief that it will, but others think uPortal is a required component of the system. Thanks for any guidance, Bryan -- Jason Shao Director of Product Development CampusEAI Consortium 1940 East 6th Street, 11th Floor Cleveland, OH 44114 Tel: 216.589.9626x249 Fax: 216.589.9639 ________________________________ Your input is important to improve upon our continuous efforts to service you better. Please e-mail my manager at [email protected] with any feedback. CONFIDENTIALITY NOTICE: This e-mail together with any attachments is proprietary and confidential; intended for only the recipient(s) named above and may contain information that is privileged. You should not retain, copy or use this e-mail or any attachments for any purpose, or disclose all or any part of the contents to any person. Any views or opinions expressed in this e-mail are those of the author and do not represent those of CampusEAI Consortium or the Open Student Television Network. If you have received this e-mail in error, or are not the named recipient(s), you are hereby notified that any review, dissemination, distribution or copying of this communication is prohibited by the sender and to do so might constitute a violation of the Electronic Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the sender and delete this e-mail and any attachments from your computer. Warning: Although precautions have been taken to make sure no viruses are present in this e-mail, the companies cannot accept responsibility for any loss or damage that arise from the use of this e-mail or attachments. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
