Security Cas And Open Id
Upcoming SlideShare
Loading in...5
×
 

Security Cas And Open Id

on

  • 1,143 views

 

Statistics

Views

Total Views
1,143
Views on SlideShare
1,141
Embed Views
2

Actions

Likes
0
Downloads
10
Comments
0

1 Embed 2

http://www.slideshare.net 2

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Security Cas And Open Id Security Cas And Open Id Presentation Transcript

  • Security and Identity Ruby, CAS and OpenID Justin Gehtland justin@thinkrelevance.com Copyright 2007, Relevance, Inc. Licensed only for use in conjunction with Relevance-provided training For permission to use, send email to contact@thinkrelevance.com
  • Hello, My Name Is Justin Gehtland President of Relevance justin@thinkrelevance.com Copyright 2007, Relevance Inc.
  • Step 1 > rails myapp Copyright 2007, Relevance Inc.
  • Step 2 > script/plugin install acts_as_authenticated Copyright 2007, Relevance Inc.
  • Step 3 There is no step 3! Copyright 2007, Relevance Inc.
  • Good Enough? Redundant implementations No shared auth Comingled storage Copyright 2007, Relevance Inc.
  • Identity: There should be only one Client Rails App Auth Store Request Locked Page Redirect to Central Login Request Login Page, Perform Login Return Token Request Locked Page, Present Token Provide Token, URL Authenticate request Provide Locked Page Copyright 2007, Relevance Inc.
  • Two Types of Central Authentication Private Located within enterprise or WAN Circumscribed set of apps Public Available on public internet Apps opt in Copyright 2007, Relevance Inc.
  • OpenID (PUBLIC) Free, Open central ID Vendor-supported, but not controlled Copyright 2007, Relevance Inc.
  • ruby-openid Dependencies on: net transports Yadis (OpenID + directory service) Copyright 2007, Relevance Inc.
  • CAS (PRIVATE) Central Authentication Service FOSS Java-based Copyright 2007, Relevance Inc.
  • rubycas-client Matt Zukowski, Ola Bini and Matt Walker Simple wrapper around CAS Development is mostly just configuration Copyright 2007, Relevance Inc.
  • What about... LDAP NTLM Commercial SSOs Copyright 2007, Relevance Inc.