What you are describing sounds more like authorization than
authentication. "use CAS to determine a user's eligibility to view
content".

We use CAS attributes to support authorization in various web
applications. Authorization is done serverside using CAS client
libraries to handle a customized "CAS 2.0+attributes" response or the
SAML response (which supports attributes without customization).
Basically, if you can get attributes back in the validation response
from CAS, you can use these for authorization in the CAS protected app.

Sorry, no experience with FIMS. Our only use of flash "clientside" with
CAS has been to create a flash app that uses the RESTful API to obtain a
TGT and service tickets to access service urls as required.
http://www.ja-sig.org/wiki/display/CASUM/RESTful+API.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Andrew Roazen
Sent: Saturday, 15 November 2008 6:14 a.m.
To: [email protected]
Subject: Any experience getting CAS to work with Flash Interactive
StreamingServer?

We are in the process of developing a solution for streaming copyrighted
content to students at NAU. In short, we want FIMS to use CAS to
determine a user's eligibility to view the content (e.g.  
students, faculty and staff associated with a given course for a given
semester). Has anyone already done something like this, and if so would
they be willing to share how it works.

Before everyone tells me that CAS is for http/https and that plugins
don't go through that route, the potential scenario I had in mind is one
where the page with the SWF player is itself behind CAS authentication
(to generate the proxy id in the session), the page is dynamically
generated and the URL to the FIMS content embeds the proxy id, the FIMS
uses ActionScript to send an HTTP POST request to the CAS server, the
server returns XML data and the ActionScript parses the data to
determine success/failure. But if there's a smarter way of doing this
I'm all ears.

Thanks, and if I should have submitted this to the dev mailing list I
apologize in advance.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to