What you are describing sounds more like authorization than authentication. "use CAS to determine a user's eligibility to view content".
We use CAS attributes to support authorization in various web applications. Authorization is done serverside using CAS client libraries to handle a customized "CAS 2.0+attributes" response or the SAML response (which supports attributes without customization). Basically, if you can get attributes back in the validation response from CAS, you can use these for authorization in the CAS protected app. Sorry, no experience with FIMS. Our only use of flash "clientside" with CAS has been to create a flash app that uses the RESTful API to obtain a TGT and service tickets to access service urls as required. http://www.ja-sig.org/wiki/display/CASUM/RESTful+API. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrew Roazen Sent: Saturday, 15 November 2008 6:14 a.m. To: [email protected] Subject: Any experience getting CAS to work with Flash Interactive StreamingServer? We are in the process of developing a solution for streaming copyrighted content to students at NAU. In short, we want FIMS to use CAS to determine a user's eligibility to view the content (e.g. students, faculty and staff associated with a given course for a given semester). Has anyone already done something like this, and if so would they be willing to share how it works. Before everyone tells me that CAS is for http/https and that plugins don't go through that route, the potential scenario I had in mind is one where the page with the SWF player is itself behind CAS authentication (to generate the proxy id in the session), the page is dynamically generated and the URL to the FIMS content embeds the proxy id, the FIMS uses ActionScript to send an HTTP POST request to the CAS server, the server returns XML data and the ActionScript parses the data to determine success/failure. But if there's a smarter way of doing this I'm all ears. Thanks, and if I should have submitted this to the dev mailing list I apologize in advance. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
