Hi Rhett, Many thanks for these pointers and your suggestions. The code looks nice and clean. The license for this code looks very BSD-like, is that correct?
I noticed that this code is based on acegi. Is this easier/better than using the CAS client code directly? Arjohn Rhett Sutphin wrote: > I have done this for my Restlet-based API. I can point you to the > code[1], but since the application is a redistributable webapp which > supports several authentication plugins, the implementation is > probably more indirect than you need. Also, please note that my > experience is with Restlet 1.1 only so far -- I haven't tried to > update this application to 2.0. > > If I were adding support for just CAS, I would define a new challenge > scheme (call it something like cas_proxy_ticket) and define a Guard > and AuthenticationHelper pair which handle this scheme. This would > mean that a client would need to acquire a proxy ticket and then > include it in the HTTP request as the Authentication header, something > like > > Authentication: cas_proxy_ticket PT-123456789 > > Rhett -- Arjohn Kampman, Senior Software Engineer Aduna - Semantic Power www.aduna-software.com ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2416109
