Skip to end of metadata
Go to start of metadata
Table of Contents

Legacy uPortal client

uPortal client version 3

This is version 3 of the uPortal CAS client. The CAS with which it works is version 2.x. Sorry for the confusion.

General notes about CAS and uPortal

How can uPortal use the authentication proxying features of CAS?

See a summer 2003 PowerPoint presentation. Use Powerpoint and note the interactions between CAS and the portal animated in slide #6.

We use proxy authentication with the portal. For example, a channel from our LMS requires user authentication via proxy. There are several key components. The CAS security provider which you probably already understand. In addition there is a CAS proxy ticket acceptor servlet which comes with the CAS client java library. This servlet is also deployed in the portal context. At the time of authentication, the security provider validates the user with CAS. CAS sends a proxy granting ticket to the servlet (must be over ssl) and a token to the security provider along with the validation results.

Later a channel wants access to a backend protected by CAS. The channel makes a call to a method in the CAS security provider which returns a proxy ticket. It then attaches that to the connection to the back end. To validate the ticket, the back end calls CAS proxy authentication service and gets back: y/n for success or failure netid in case of success AND the ssl url of intervening proxies (the url in our case of the CAS proxy ticket acceptor servlet). The application decides whether the url of the proxy is acceptable and if so responds with the requested data. The servlet filter provided in the CAS client package contains code to support the proxy authentication so you can use that or use it as an example.

Originally answered by: Susan Bramhall on the CAS mailing list.

  • No labels