Comments on: Leveraging CAS with Luminis

By: No Sheep » Shibboleth For AuthZ

No Sheep » Shibboleth For AuthZ — Tue, 27 Jun 2006 13:38:12 +0000

[...] Until this point I had only though of Shibb as a solution for inter-organizational web-based single-sign on (Federated SSO or WebISO or WebSSO). I knew I could use Shibboleth internally to serve as my WebSSO, but we already have a hugely successful implementation of CAS in our environment. Additionally I haven’t been able to point at a killer application of the federated WebSSO ability. I knew this driver would be coming, but without immediate demand I was luke warm on Shibboleth. [...]

By: Identity Future » Blog Archive » Leveraging CAS with Luminis

Identity Future » Blog Archive » Leveraging CAS with Luminis — Fri, 31 Mar 2006 14:53:41 +0000

[...] From NoSheep.net’s article: In SunGard Higher Education’s Luminis product one of the many add-on packages you can install is CAS support. CAS is an acronym for Central Authentication Service. This WebISO solution is one of the most common in higher education. CAS was created originally by Yale, but ongoing support has been taken over by JA-SIG. When the CAS package is installed in Luminis, it makes Luminis act as a CAS authentication provider. Coupled with this built-in Luminis support, we use a CAS library called phpCAS that adds to the simplicity of deploying this within our environment. [...]

By: zbtirrell

zbtirrell — Wed, 29 Mar 2006 18:54:31 +0000

This isn’t exactly what we do in our environment. In fact what you see in the function I wrote is primarily a series of calls to phpCAS functions which are all documented on their site. There is a lot of additional complexity we’ve coded in around this. As I said in the post, this is “merely a starting point for people interested in this WebISO technology.”

By: ken

ken — Wed, 29 Mar 2006 17:53:57 +0000

Are you confident that in exposing your CAS code you are not introducing any security holes for would be authenticators?