Scott M. Holodak wrote: > I think that's probably the easiest/most common solution. You have one > authoritative source for usernames & passwords (LDAP or DB). CAS > interfaces with that to service authentication requests. Your individual > web applications use CAS for authentication.
Also my strong recommendation is *not* to derive user-IDs from person names since person names can change over time, possibly conflict and might be reused. => 1. Assign a unique ID which is never reused. 2. Only disable assigned user-IDs not delete them. Such a user-ID can then easily be used as a long-term primary key for authorization, user profile data and cross-system audit logs. Ciao, Michael. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
