To join the group, log into your Slideshare account if you have one.
Else get a free account now...it takes less than a minute.

Extending CAS SSO Out of the Box

Loading...

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

0 comments

Post a comment

    Post a comment
    Embed Video
    Edit your comment Cancel

    Notes on slide 1

    Favorites, Groups & Events

    Extending CAS SSO Out of the Box - Presentation Transcript

    1. live. learn. work. play. Expanding CAS SSO Out of the Box A Presentation By: Jason Shao, Director of Product Development 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    2. live. learn. work. play. Agenda Agenda SSO Overview Typical CAS Integration Scenarios Alternate CAS Integration Scenarios Approach 1 : SSO Protocol Support Approach 2 : Custom SSO API Integration Approach 3 : Automated Credential Replay (Common Sign-On Services) Approach 3a : Stored Credential Replay (Separate Services) 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    3. live. learn. work. play. SSO Overview We Love SSO Convenience for users accessing multiple systems Integration in workflows/user experience Reduced Costs of user-support load related to password, username, and credentials Security of services located both on and off-site 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    4. live. learn. work. play. SSO Overview Typical CAS Integration Scenario <filter> <filter-name>CAS Filter</filter-name> <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name> <param-value>https://localhost:18443/cas/login</param-value> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> <param-value>https://localhost:18443/cas/serviceValidate</param-value> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name> <param-value>localhost:18443</param-value> </init-param> </filter> 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    5. live. learn. work. play. SSO Overview We Hate SSO Integration typically performed application –by- application – extremely slow and labor intensive Integration of closed-source/blackbox systems can be extremely painful Integration with hosted/SaaS applications may be impossible 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    6. live. learn. work. play. Approach 1: SSO Protocol Support Approach 1: SSO Protocol Support 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    7. live. learn. work. play. Approach 1: SSO Protocol Support Approach 1: Advantages Standard Supportable Allows tight integration &capabilities Typically protects user credentials 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    8. live. learn. work. play. Approach 1: SSO Protocol Support Approach 1: Dis-Advantages Requires Manufacturer/Service Support Potential incompatibilities in implementation 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    9. live. learn. work. play. Approach 2: Custom SSO API Integration Approach 2: Custom SSO API Integration 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    10. live. learn. work. play. Approach 2: Custom SSO API Integration Approach 2: Advantages Supported Typically protects user credentials 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    11. live. learn. work. play. Approach 2: Custom SSO API Integration Approach 2: Dis-Advantages Requires Manufacturer/Service Support Configuration on the product side can be difficult 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    12. live. learn. work. play. Approach 3: Automated Credential Replay (Common Sign-On Services) Approach 3: Automated Credential Replay (Common Sign-On Services) 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    13. live. learn. work. play. Approach 3: Automated Credential Replay (Common Sign-On Services) Approach 3: Advantages Convenient for End Users No modifications to target systems required No credential storage required 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    14. live. learn. work. play. Approach 3: Automated Credential Replay (Common Sign-On Services) Approach 3: Dis-Advantages Parameters and formats can change between different software versions May require specific network/domain settings to support some login processes Exposes User Credentials 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    15. live. learn. work. play. Approach 3a: Stored Credential Replay (Separate Services) Approach 3a: Stored Credential Replay (Separate Services) 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    16. live. learn. work. play. Approach 3a: Stored Credential Replay (Separate Services) Approach 3a: Advantages No modifications to target systems required May be the only way to integrate some systems 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    17. live. learn. work. play. Approach 3a: Stored Credential Replay (Separate Services) Approach 3a: Dis-Advantages Parameters and formats can change between different software versions May require specific network/domain settings to support some login processes Requires storage and management of user credentials 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    18. live. learn. work. play. Alternate CAS Integration Scenarios Hybrid Approaches 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    19. live. learn. work. play. Look and Feel Consistency Acknowledgements CAS Development Team Sacramento State &Clearpass Development Team Development staff at CampusEAI Our many members 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    20. live. learn. work. play. Expanding CAS SSO Out of the Box A Presentation By: Jason Shao, Director of Product Development 1940 East 6th Street • 11th Floor • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org• http://www.campuseai.org
    SlideShare Zeitgeist 2009

    + Jason ShaoJason Shao Nominate

    custom

    483 views, 0 favs, 0 embeds more stats

    An overview of different SSO approaches, and how yo more

    More info about this document

    © All Rights Reserved

    Go to text version

    • Total Views 483
      • 483 on SlideShare
      • 0 from embeds
    • Comments 0
    • Favorites 0
    • Downloads 6
    Most viewed embeds

    more

    All embeds

    less

    Flagged as inappropriate Flag as inappropriate
    Flag as inappropriate

    Select your reason for flagging this presentation as inappropriate. If needed, use the feedback form to let us know more details.

    Cancel
    File a copyright complaint
    Having problems? Go to our helpdesk?

    Categories

    Tags

    -->
    What's New

    © 2009 SlideShare Inc. All rights reserved.