Krish,

It sounds like you have a good start.  Having a working CAS server allows you to focus on CAS-enabling applications that need SSO.  Let me see if I can better define a minimum "working CAS server":
  • It authenticates against your production enterprise authentication store (Kerberos, LDAP, whatever)
  • It only accepts SSL (port 443) traffic
  • The SSL certificate is a "real" certificate that was properly signed by a recognized CA
With these simple requirements in place, your CAS-enabling work will proceed more smoothly.  Development against a production CAS should be just fine.  There is nothing that a CAS client should be able to do to "destabilize" a CAS server in any way.  If there is, it would be a CAS server bug.  It's OK to have a development instance of CAS if you are doing CAS development, like implementing and testing some CAS server features (user attributes, service registry, clustering, etc.).  If the development instance doesn't have a "real" SSL certificate, for simplicity I would avoid pointing any development client applications at it.

As with any client-server system, it will become much easier to resolve development issues when you are confident that your CAS server is operating properly, IMHO.

CAS-enabling of applications can then proceed one at a time or by grouping them by technology (JSP, ASP, PHP, etc.).  It's useful to always check on the JA-SIG Wiki to see if someone has documented CAS-enabling the application(s) you intend to CASify.

Adam

Krish Palaniappan wrote:

Hi,

            I have an application that uses JBoss container managed security for authentication, and it uses a number of login modules, both OOTB provided by JBoss and custom modules. It supports SSO across multiple applications deployed in the same container. There are other applications deployed outside of JBoss that are authenticated via different means. Now, this is what I am looking into doing. Implement SSO across all the applications, whether or not they are deployed in JBoss, using CAS. I did read through the documentation provided in the CAS website but it is still not clear to me as to what the first steps are. I could either use the Java CAS client or better still, use Spring Security (if that makes it any easier) as the applications use the Spring framework.

 

            At this point, I’ve deployed the CAS Web Application in JBoss, enabled SSL, and tested out that http://localhost:8080/cas login works for admin/admin. That’s pretty much where I am at. Thanks for any pointers!

 

-- krish

 


_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas

