|

»

»

Require help CAS SSO

View: New views

5 Messages — Rating Filter: Alert me

	Require help CAS SSO by SMallik :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi Guys, I have successfully implemented integration of CAS+Acegi+Ldap wherein I have two web applications on the same tomcat server. Here once my user is authenticated and authorised to view a secured page of first web application, he can navigate to second web application without any re-login. For this I have provided a link in secured page of first web application to the secured page of second web application. Does this mean that my SSO functionality is working properly ? Now I want to take out one of my application from this tomcat server and want to place this on tomcat server running in any other machine. Can you please guide me as to how I can achieve CAS SSO functionality in this case ? Thanks Shailendra
	Re: Require help CAS SSO by scott_battaglia :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message You shouldn't have to do anything beyond move the application to the new server. CAS doesn't care where the CAS clients (i.e. the applications that use CAS) live. The only thing you should watch out for is if your CAS server uses self-signed certificates (i.e. not from one of the main certificate vendors) you'll need to add it to the new server's JVM. -Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Mon, Jun 23, 2008 at 1:08 PM, SMallik <kmr_shailendra@...> wrote: Hi Guys, I have successfully implemented integration of CAS+Acegi+Ldap wherein I have two web applications on the same tomcat server. Here once my user is authenticated and authorised to view a secured page of first web application, he can navigate to second web application without any re-login. For this I have provided a link in secured page of first web application to the secured page of second web application. Does this mean that my SSO functionality is working properly ? Now I want to take out one of my application from this tomcat server and want to place this on tomcat server running in any other machine. Can you please guide me as to how I can achieve CAS SSO functionality in this case ? Thanks Shailendra -- View this message in context: http://www.nabble.com/Require-help-CAS-SSO-tp18073650p18073650.html Sent from the CAS Users mailing list archive at Nabble.com. _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas
	Re: Require help CAS SSO by SMallik :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message What all I want to know is that how does CAS know about different applications that use CAS. Let's say I login to one Casified application , after authentication and authorization I can see the secured page of that application . Now I want to access the 2nd application on some other server in any other machine, my question is how CAS ensures that this user will not be forced to authenticate and authorize himself again . -Shailendra scott_battaglia wrote: You shouldn't have to do anything beyond move the application to the new server. CAS doesn't care where the CAS clients (i.e. the applications that use CAS) live. The only thing you should watch out for is if your CAS server uses self-signed certificates (i.e. not from one of the main certificate vendors) you'll need to add it to the new server's JVM. -Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Mon, Jun 23, 2008 at 1:08 PM, SMallik <kmr_shailendra@yahoo.com> wrote: > > Hi Guys, > I have successfully implemented integration of CAS+Acegi+Ldap wherein I > have > two web applications on the same tomcat server. Here once my user is > authenticated and authorised to view a secured page of first web > application, he can navigate to second web application without any > re-login. > For this I have provided a link in secured page of first web application to > the secured page of second web application. > Does this mean that my SSO functionality is working properly ? > Now I want to take out one of my application from this tomcat server and > want to place this on tomcat server running in any other machine. > Can you please guide me as to how I can achieve CAS SSO functionality in > this case ? > > Thanks > Shailendra > -- > View this message in context: > http://www.nabble.com/Require-help-CAS-SSO-tp18073650p18073650.html > Sent from the CAS Users mailing list archive at Nabble.com. > > _______________________________________________ > Yale CAS mailing list > cas@tp.its.yale.edu > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ Yale CAS mailing list cas@tp.its.yale.edu http://tp.its.yale.edu/mailman/listinfo/cas
	Re: Require help CAS SSO by Michael Ströder :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message SMallik wrote: > What all I want to know is that how does CAS know about different > applications that use CAS. Let's say I login to one Casified application , > after authentication and authorization I can see the secured page of that > application . Now I want to access the 2nd application on some other server > in any other machine, my question is how CAS ensures that this user will not > be forced to authenticate and authorize himself again . The CAS server sends a cookie to the user's web browser which that returns whenever redirected to the CAS server again: the CAS ticket granting cookie. You might want to observe that by taking a closer look at the HTTP headers. http://livehttpheaders.mozdev.org is a nice tool for Mozilla-based browser (Firefox, Seamonkey, etc.). Since it's running as a browser plugin you can also observe SSL connections from your browser to the CAS server. Ciao, Michael. _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas
	Re: Require help CAS SSO by scott_battaglia :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message If you're curious how CAS works check out: http://www.ja-sig.org/products/cas/overview/cas1_architecture/index.html http://www.ja-sig.org/products/cas/overview/protocol/index.html -Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Mon, Jun 23, 2008 at 5:55 PM, Michael Ströder <michael@...> wrote: SMallik wrote: > What all I want to know is that how does CAS know about different > applications that use CAS. Let's say I login to one Casified application , > after authentication and authorization I can see the secured page of that > application . Now I want to access the 2nd application on some other server > in any other machine, my question is how CAS ensures that this user will not > be forced to authenticate and authorize himself again . The CAS server sends a cookie to the user's web browser which that returns whenever redirected to the CAS server again: the CAS ticket granting cookie. You might want to observe that by taking a closer look at the HTTP headers. http://livehttpheaders.mozdev.org is a nice tool for Mozilla-based browser (Firefox, Seamonkey, etc.). Since it's running as a browser plugin you can also observe SSL connections from your browser to the CAS server. Ciao, Michael. _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas

LightInTheBox - Buy quality products at wholesale price