We are using Apache http server as a web proxy. We want to use CAS to authenticate users to the proxy.
CAS authentication requires a CAS server. You seem to be implying you will be protecting one and only one logical application with CAS, which is an uncommon use case for CAS. If you want single sign on across multiple nodes of a single logical application, the Tomcat SSO valve might meet your needs.
Can we just use apache mod_auth_ca by itself, do we need tomcat as well?
A CAS server is required running on a suitable servlet container; Tomcat meets that requirement. In the sense that Tomcat is a servlet container it's required. You would run mod_auth_cas as an Apache module that communicates with the CAS server. Note this could all run on one box, but as I said it seems hardly worth it for a single Web application.
What exactly is the CAS Server?
It's a Web SSO solution. Some helpful links in order of general to specific: http://en.wikipedia.org/wiki/Single_sign-on http://www.jasig.org/cas/about http://www.jasig.org/cas/protocol M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
