Hi I have a few web applications that I'm trying to tie in via CAS and LDAP, but I'm a little confused about the authorization, which I read CAS isn't supposed to do. Yet, I see something like groups, but don't know what they are.
Anyway, my scenario is pretty common, and is as follows: We need to restrict access to each of our apps that are going to support SSO. Within each of our apps, there are roles in LDAP tree. These roles are used to prevent certain users from accessing various parts of the site. In addition, admin users should be allowed to assign users access to the apps they are an admin of. Also, an admin of one system may not be an admin of another system. Is it possible to satisfy all of these scenarios with CAS? Or should I be looking at a completely different type of SSO? Thanks -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
