Scott, Thanks for the reply. See below for my responses.
Scott Battaglia wrote: > > > * Each application in the SSO network will be, in effect, a > CASProvider? > This lets each application manage the username/password for the their > member, and they can operate independently of the SSO network if need > be, but CAS can also know how to query it during authentication. > > > In general, CAS works best if you have a single username/password > combination (otherwise how do you know its the same person across all > applications). > > That's the case here. The CAS server has an authentication implementation which knows how to ask each CAS provider to authenticate the user. Only one will know about the user. We use an email and password for authentication, so we can ensure that uniqueness. > > In our case, the applications are all Rails applications. I'm > currently > experimenting with rubycas-server which is probably not suitable for > production (we estimate a large, international userbase). Does anyone > have recommendations for a good opensource CAS server? > > > Yes, http://www.ja-sig.org/products/cas/ :-) As long as you're okay > with Java. > Yes, I'm okay with Java, a bit down on it these days after having moved to Ruby, but we can work with it. Regards, Nicholas > > Regards, > Nicholas Faiz > > _______________________________________________ > Yale CAS mailing list > [email protected] <mailto:[email protected]> > http://tp.its.yale.edu/mailman/listinfo/cas > > > ------------------------------------------------------------------------ > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
