[Building Sakai] CAS login with local login
Charles Hedrick
hedrick at rutgers.edu
Tue Apr 6 18:22:09 PDT 2010
Actually, the existing code seems to be set up to do this. It keeps a session property indicating whether CAS has been consulted. The first time it calls CAS. If that fails, it calls the normal login screen. I didn't see how that would work because my tests with CAS were in the normal login mode where it either returns with the user logged in or doesn't return. Can you tell me how to call CAS in this mode?
Wouldn't it be easier just to check the cookies to see if there's a CAS cookie present? Or is the cookie not accessible to Sakai?
On Apr 6, 2010, at 9:08:01 PM, Steve Swinsburg wrote:
>>
>> Interesting. So what if the user doesn't have a CAS ticket, but they could log into CAS? It sounds like they'll end up logging in via xlogin rather than CAS. Or is the point just to make sure that you can receive users who are already logged in because of a portal or something like that? Can you point me at instructions on how to set this up? It sounds like that might be a good starting point for us.
>>
>
> This is what I wrote before (reproduced below). Sakai needs to be modified to check for local auth, then consult CAS via the gateway (or vice versa). If both fail, they need to choose how to authenticate (CAS or xlogin)
>
>>
>
>> 1. Modify the CAS check so it uses the gateway feature for checking CAS, but not presenting the login box if it fails.
>> 2. Modify Sakai so it also consults a local session to check for authentication.
>> 3. If neither 1 or 2 succeeded, have the intermediate window where they choose how to login.
>
>>
>> For XYZ users, login here: <button goes to CAS>
>> For all other users, login here: <button goes to xlogin>
>
>
>
> cheers,
> Steve
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100406/7680d500/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2421 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100406/7680d500/attachment.bin
More information about the sakai-dev
mailing list