Hello, I'm just doing a quick spec. on SSO for a current project. I like the look of CAS as a solution, compared to Shibboleth it seems much simpler, and Openid won't work for us. But I find myself trying to bend CAS in one or two ways which make me uncertain if I'm approaching it with the right expectations. I realise there's often not a perfect fit, but because I'm new to the protocol I'm uncertain if I'm working against its expectations.
Is this a very unCAS thing to consider? * Each application in the SSO network will be, in effect, a CASProvider? This lets each application manage the username/password for the their member, and they can operate independently of the SSO network if need be, but CAS can also know how to query it during authentication. In our case, the applications are all Rails applications. I'm currently experimenting with rubycas-server which is probably not suitable for production (we estimate a large, international userbase). Does anyone have recommendations for a good opensource CAS server? Regards, Nicholas Faiz _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
