Hi Massimiliano, thanks for the quick reply.
These posts are interesting, but I think they cover a different use case than I had in mind and which I should have described in more detail. The use case is that I have a number of Web applications (other than the Syncope console). Syncope should manage the users that can log in to the Web applications and CAS should offer SSO based on the user data in Syncope. I.e., the user wants to login to Web Application X which is protected by CAS filters. She is redirected to CAS which asks for the credentials if necessary. The credentials are validated by CAS against the user data in Syncope. After successful login, possibly authorizations could be set in the Web applications using the data in Syncope (this could be done using attributes sent by CAS with the ticket, or outside of CAS by calling Syncope from the Web application). Is this a valid use case anyway? Are there best practices / existing code for this? Best regards, Guido >> Il 22/01/2013 17:56, Guido Irrelevant ha scritto: >> I'm currently evaluating Syncope as a solution for centralized IdM of >> external customers. For access management / SSO we are considering JASIG CAS. >> >> Is there a best practice to connect CAS to Syncope? (e.g. a custom >> AuthenticationHandler calling the REST services to verify username/password, >> or having Syncope act as an LDAP server to CAS if possible)? > >Massimiliano Perrone <[email protected]> schrieb: > > Hi Guido, > there is not a BB to connect CAS to Apache Syncope. But, this is my > example [1] with Apache Syncope and OpenAM (instead of CAS). > The "guide" isn't complete for the moment (this week I will write next > post), but it could be a good example to start ;) > > Massimiliano > > [1] > http://blog.tirasa.net/blogs/index.php/massi/apache-syncope-and-active-directory-3 >
