Hi I am trying to implement CAS SSO authentication for an Oracle ADF/JSF application (running under 10gR3 - 10.1.3.5) . As I understand it we have to do the following at a minimum:
Step 1 Successfully implement CAS "filters" in the application's web.xml which will force a person logging onto the our JSF application to re-authenticate against the CAS server if they haven't already logged in via our CASify'd portal. I have tried putting the CAS filters in the web.xml, as per the instructions for the CAS client, but have not managed to get CAS authentication to work. I am wondering if there are issues to do with the Oracle software we are running. Additionally we want to do the following: Step 2 Somehow once CAS authentication has been successful we need to bypass (programmatically or otherwise) the normal forms based JAAS authentication which our application uses (where you enter a logon/password) by writing some java code to capture the CAS authentication details and hand these over to a custom security provider component (essentially java code which runs a database PL/SQL procedure to perform a LDAP lookup confirming clients identity). We are using the JAAS login module class "oracle.sample.dbloginmodule.DBProcLM.DBProcOraDataSourceLoginModule" Has anyone successfully CASify'd an Oracle ADF/JSF application in a similar fashion? Is it possible/doable or are there inherent problems with achieving this on the oracle version we are using? Have you managed to at least achieve Step 1 without Java coding? thanks Brian email: [email protected] -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
