Hi all,
I use CAS for scientific data server authentification.
This scientific data server is called THREDDS and implements a standard
for scientific data dissemination which is called OPeNDAP (restricted
demo URL :
http://www.ifremer.fr/thredds3/dodsC/restricted/CORIOLIS-GLOBAL-RTOA/sea_water_salinity/aggregated_time_serie.html).
What is specific about it is that most of clients for such a server are
not web browsers but scientific tools (matlab, IDL, ...) or API (C++,
java, python...) for which it is difficult to use the CAS web login form
(login.jsp) to proceed to authentification.
In such case, what would be easy to use for the authentification is a
web service where username and password are passed through the URL (as
HTTP POST or GET parameters).
I wonder if something already exists for that pupose.
This could be a web service which can be requested easily without human
intervention :
*1) one URL (web service) to get the login form ticket (lt), *
then the client can "post" the login/password information as it is done
by the login.jsp form :
https://<host....>/index.jsp?service=<restricted url>
Post Data:
username="..."
password="..."
lt="..."
*or 2) one URL or web service to directly post the username/password.*
The 'lt' management will then be completly hidden to the client software.
I am not completly aware of the HTTPS requirements so I don't if any of
this solution can be implemented and which is the best.
Let me know if something similar is already available in the CAS server
or has already been set up by one of you.
Thanks,
Thomas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
