Hello I have been looking at shiro capabilities and I am pretty convinced that I could build a centralized authentication system with it. But the thing is I don't have much experience on CAS so don't have the proper mindset nor any good documentation showing how to do it with shiro.
I have been using shiro on couple of web applications and I thought all these applications(clients sso apps A and B) really should have a unique login system. So I thought I would build a central doing authentication only and redirect the control those clients. So mister a goes to aapp.com and aapp.com redirect to sso.com for authentication then upon success sso.com redirect to aapp.com for authorization to start with aapp.com. so if mister a goes to bapp.com he should be logged in automatically. Can anyone guide me through the process of achieving that? I use shiro with spring most of the time so I was trying to put up my security application context on pastie.org <http://pastie.org/8454373> . I know on the client side (aapp.com and bapp.com) I should be looking at CasFilter and CAS realm But I really can't get how all can be orchestrated nicely thanks for reading this -- View this message in context: http://shiro-user.582556.n2.nabble.com/Building-Single-Sign-On-server-and-client-both-using-shiro-tp7579324.html Sent from the Shiro User mailing list archive at Nabble.com.
