Hi Gil, While Unicon's first pass at bridging to LTPA also involved modifying the CAS server to add this feature, review and refactor led to an architecture of a separate bridge application instead.
I'm a big fan of this architecture, incidentally. Keep CAS simple and focused on doing what it does well -- the CAS protocol - and rely upon authenticating to bridge applications to translate to other protocols. In this architecture, the Shibboleth IdP, CASified, becomes a really great bridge for speaking excruciatingly rigorous SAML. Anyway. An LTPA bridge, CASified, becomes a much smaller and less ambitious bridge for speaking passable LTPA. And here it is: https://github.com/Unicon/ltpa-bridge The idea is that it's a simple little Java webapp. It's a CASified application. Your users log into it using CAS, just like any other CAS-using service. The bridge computes the LTPA token and redirects the browser over to the target application with the token. Install and configure one of these bridges for each LTPA-consuming application you want to CAS-integrate. If that becomes unwieldy, do something fancier and ideally proffer a pull request. :) I should mention that this bridge application probably isn't yet in production anywhere. It's the refactored and in my view better architected version of something Unicon initially did as local CAS customizations for a client. The customizations it was refactored from have been successfully in production for months. Hope to hear about your successful experiences with it. Kind regards, Andrew On Fri, Nov 16, 2012 at 6:30 AM, Gil Victor Teixeira Pinto < [email protected]> wrote: > I'm trying to integrate iNotes following the tutorial: > > https://github.com/apetro/casify-lotus-domino-inotes/wiki/CasifyDominoLotusiNotes > > I'm having trouble completing the modifications on the CAS server to > generate the LTPA token to be returned to the client (Domino / iNotes web > mail). > At the forum domino experts< > http://www.dominoexperts.com/articles/Creating-a-session-for-a-user> > there are some tips for creating the cookie< > http://offbytwo.com/2007/0/21/working-with-ltpa.html<http://offbytwo.com/2007/08/21/working-with-ltpa.html>>, > but I do not know if the code is correct because I have no idea how to > return it to the client that is requesting authentication. > > I wonder if anyone has some sample code that does this generation of LTPA > cookie. > > Thanks in advance! > > -- > You are currently subscribed to [email protected] as: [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
