I need to know if CAS 3.3.3 supports SAML both request and response or just SAML responses?
It sends a SAML 1.1 response for a ticket validated at /samlValidate. See http://www.ja-sig.org/wiki/display/CASUM/SAML+1.1 for more information. It also sends a SAML LogoutRequest message to implement single sign-out. That is the extent of SAML support in CAS.
And where does CAS store authorization configurations? Is it in the same database which uses to store identity informations?
Again, CAS does _not_ store identity information. It _integrates_ with an authentication provider containing identity data. Neither does it store any authorization configurations. The extent of its data storage is which services may receive a subset, if any, of the attributes to be released on ticket validation. The attribute release feature was one of the driving forces for including SAML support in CAS. It does not, however, have any explicit support for authorization. You really should read the "Attribute Release" section of http://www.ja-sig.org/wiki/display/CASUM/Home for an overview of how CAS approaches authorization.
M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
