Hi All,
I'm working on putting in place a login based on a Central Authentication
Service (http://www.ja-sig.org/products/cas/) that the university has in
place. I have a CF template that checks the login information and returns a
ticket value that can then be checked against a server. To the farcry login
screen, I think I can send the ticket information and the username of who
logged in.
What I am thinking is that the authentication should go something like:
1. user logs in using CAS
2. CAS returns ticket and username information to FC login
3. FC login checks if username is present in user library
1. If it is, then FC checks if the ticket is valid (against existing
server)
2. If not, FC returns an error saying "username not valid for FC"
4. If both the username and the ticket are valid, FC sets the appropriate
permissions as if the user had logged in using FC
5. Upon loggout or time out, ticket is destroyed
Does this logically make sense? And more importantly, is it safe (as long as
I trust the CAS to be safe?)?
And to do this, all I have to do is write my own login screen, and put it in
/farcry/projects/(name)/customadmin/login/login.cfm, or do I also have to
extend the
application.factory.oAuthentication.login function to check the ticket and
username and return true false?
Any help would be appreciated!
Thanks,
Tomek
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"farcry-dev" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/farcry-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
