Misagh, Thank you for your reply. I didn't think the Shibboleth side of things would come into play, but I just wanted to make sure that I wasn't going to run into any configuration issues with using the CAS-Shib plugin along with enabling OAuth support. Just for more clarification, I take it that CAS setup as an OAuth provider allows it to directly use the OAuth authentication handler whereas the OAuth Proxy basically delegates OAuth authentication to the CAS, similarly to what the CAS-Shib plugin does?
Ben Branch UNIX/Linux Administrator University of Central Oklahoma ITIL Foundation v3, Network+, RHCE 100 N. University Drive, Box 122 Edmond, OK 73034 D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.<mailto:bbranch@uco.>edu | www.uco.edu<http://www.uco.edu/> "I am wiser than this man, for neither of us appears to know anything great and good; but he fancies he knows something, although he knows nothing; whereas I, as I do not know anything, so I do not fancy I do. In this trifling particular, then, I appear to be wiser than he, because I do not fancy I know what I do not know." - Socrates From: Misagh Moayyed [mailto:[email protected]] Sent: Tuesday, June 23, 2015 3:15 PM To: [email protected] Subject: RE: [cas-user] MailChimp + CAS + OAuth 2.0 So when you say OAuth AuthN with CAS, do you mean to have CAS act as an OAuth provider or OAuth proxy? Either scenario would work, (and I have done a couple of times) but I am not sure where Shibboleth comes into play, if Mailchimp is solely interacting with CAS and its OAuth endpoints, (which are configurable I believe) From: Ben Branch [mailto:[email protected]] Sent: Tuesday, June 23, 2015 12:02 PM To: [email protected]<mailto:[email protected]> Subject: [cas-user] MailChimp + CAS + OAuth 2.0 All, Currently we have a project that is looking to utilize MailChimp as a way to send out mass communications. Part of the project requirements is that the product must support either CAS or Shibboleth. Just to fill you in a little, here is my current configuration: 2 x CAS Nodes (v3.5.2 + User-Session Replication and EhCache Ticket Replication between nodes) 1 x MySQL Node for storing Services. What we are looking at doing is possibly implementing OAuth Authentication within CAS to support our MailChimp project. Has anyone had any experiencing with using CAS + Unicon CAS-Shib Authenticator + OAuth? Additionally, has anyone just done CAS + OAuth with MailChimp? From reading the documentation, it appears that OAuth would use a different end-point (https://cas.example.com/cas/oauth2.0) whereas my Shibboleth services get redirected back to /Authn/Cas. I mention this, because it would seem that if we had multiple services with different protocols going to the same end point, that could lead to some potential issues with how to handle the incoming user. Any suggestions or comments are greatly appreciated. Ben Branch UNIX/Linux Administrator University of Central Oklahoma ITIL Foundation v3, Network+, RHCE 100 N. University Drive, Box 122 Edmond, OK 73034 D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.<mailto:bbranch@uco.>edu | www.uco.edu<http://www.uco.edu/> "I am wiser than this man, for neither of us appears to know anything great and good; but he fancies he knows something, although he knows nothing; whereas I, as I do not know anything, so I do not fancy I do. In this trifling particular, then, I appear to be wiser than he, because I do not fancy I know what I do not know." - Socrates -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
