> 1. CASify the PERL script so it can only be accessed within a CAS > authenticated session > 2. Modify JSP Proxy script so it can pass the CAS session to the PERL script
Your intention to CAS-enable the Perl script sounds like a use case for CAS proxy authentication, but you haven't described it in terms of proxy in your proposal. I encourage you to leverage proxy authentication in your solution. > 1. Is CASifying the PERL script a good idea to begin with? Is there a better > way to protect this script? Provided you change it to use CAS proxy authentication, sounds perfectly reasonable. > 2. We have used mod_auth_cas to CASify the PERL script but we can seem to > pass the CAS session to it via the JSP script; what are we missing? In a word, you're missing proxy. Doing anything else is a missed opportunity and likely more complicated. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
