[opencms-dev] opencms and single sign-on
Inigo
imunoz at zylk.net
Fri May 4 13:09:17 CEST 2007
Alfonso de Gea García escribió:
> Hello Iñigo,
>
> You should take a look to http://www.ja-sig.org/products/cas/, it's an open
> source central authentication server with single sign on capabilities (it
> also supports ntlm for sso over windows systems... great!!).
>
> You have to deploy the server like a web application with Tomcat and use the
> cas jsp taglib in your login form (e.g.: login.jsp) inside OpenCms (note
> that the key is that you have to use form-based authentication with OpenCms
> and you could find out how to deal with this issue in the posts of the
> OpenCms mailing lists).
>
I have some doubts. Using CAS you still have to manage the user roles in
OpenCMS and so on, dont you? I mean, CAS only validates if a given user
is valid or not, according to the configurated authentication mechanism,
but you still have to check if a user can or can't see some pages or
not, is that right? Appart from that, (this is CAS specific) is there
anything special you have to do configurating CAS in order to maintain
the sessions between different applications? I have setup a CAS Server
in my machine, and appart from that I have installed OpenCMS and
Webcalendar, both of them having CAS integration. Well, when I go to
webcalendar, it redirects me to the CAS login screen, I logged
successfully. Then, I go to the login defined in OpenCMS, and it also
redirects me to the CAS login screen. As fas as I understand, CAS should
know that user is already logged and therefore, log you in
automatically. I hope I have explained myself well.
Thanks in advance.
More information about the opencms-dev
mailing list