Marvin, Thank very much for the quick response. How does CAS proxy authentication work? Looks like we may not need to modify our JSP proxy script after all. If you can point me in the right direction, I'd really appreciate it.
Bet Regards, Peter On Mon, Jul 11, 2011 at 2:13 PM, Marvin Addison <[email protected]>wrote: > > 1. CASify the PERL script so it can only be accessed within a CAS > > authenticated session > > 2. Modify JSP Proxy script so it can pass the CAS session to the PERL > script > > Your intention to CAS-enable the Perl script sounds like a use case > for CAS proxy authentication, but you haven't described it in terms of > proxy in your proposal. I encourage you to leverage proxy > authentication in your solution. > > > 1. Is CASifying the PERL script a good idea to begin with? Is there a > better > > way to protect this script? > > Provided you change it to use CAS proxy authentication, sounds > perfectly reasonable. > > > 2. We have used mod_auth_cas to CASify the PERL script but we can seem to > > pass the CAS session to it via the JSP script; what are we missing? > > In a word, you're missing proxy. Doing anything else is a missed > opportunity and likely more complicated. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
