CAS + JDBC + MySQL

These days I’ve been playing with possible integration of CAS (Central Authentication Service) and MySQL .

The main idea is to deal with the problem of single sign on authentication, so that you can put an intermediate authentication layer between some web applications (let’s say e-learning software, wiki, bugzilla, whatever…) and the user. So, when the user tries to authenticate himself within a specific aplication, the application forward the request to the CAS server, and it manages the authentication stage. And here it comes the nice thing: CAS can be connected with a MySQL database with, let’s say a table composed of “username” and “password” (md5 encoded). This way, you can simply have all your applications authentication (if they support CAS it would be easier, else pray it is open source software so you can implement the CAS module) centralized in JA-SIG CAS (which runs over Apache Tomcat).

Note: We’re supposing here that all users have access to all your web applications (which seems to be ideal, but not real ¿uh?). Anyway, you could always develop your own AuthenticationHandler module in Java, so you can apply your own authentication method.

want some details? just wait for the April or May nº of hakin9 magazine.

The next step is having a look at Shibboleth Project, which manages similar authentication, but it takes into account that the web applications are distributed around some organizations, not only one (imagine that a user would like to authenticate himself in a University A resource and other user in a University B resource, ¿how to centralize that authentication layer? here it comes Shibboleth to rescue you from hell😉. btw, its deployment seems to be harder than CAS.

2 comentarios en “CAS + JDBC + MySQL

  1. We are doing a similar project here. Now we need to choose between Acegi from Spring and Seraph from Spring to work with CAS. We are now switching all our programs to use Spring. So our preference is in Acegi. The major issue is we have to implement the user management function. For Seraph, we can use OSUser for the job. But we do not know whether Seraph works seamlessly with Spring.

    Can you throw us some lights on this? Thank you

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s