Presentation is loading. Please wait.

Presentation is loading. Please wait.

JA-SIG CAS Enterprise Single Sign-On Scott Battaglia Application Developer Enterprise Systems & Services Rutgers, the State University of New Jersey Copyright.

Published byJerome Thomas Modified over 9 years ago

Similar presentations

Presentation on theme: "JA-SIG CAS Enterprise Single Sign-On Scott Battaglia Application Developer Enterprise Systems & Services Rutgers, the State University of New Jersey Copyright."— Presentation transcript:

1 JA-SIG CAS Enterprise Single Sign-On Scott Battaglia Application Developer Enterprise Systems & Services Rutgers, the State University of New Jersey Copyright Scott Battaglia 2006. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

2 Background Member of Architecture & Engineering Team Lead Developer for JA-SIG CAS

3 Agenda Brief Overview of CAS Rutgers before CAS Transition to CAS Where We’re at Now Why We Chose CAS

4 What is CAS? CAS is  Enterprise single sign on for the web  A trusted web application  A proxy authenticator

5 History of CAS CAS 1.0  Created by Yale University  Web Single Sign On  Easy to use CAS 2.0  Also produced by Yale University  Introduced Proxy authentication

6 History of CAS JA-SIG CAS 3.0  Became JA-SIG project in 2004  Jointly led by Yale and Rutgers  Goal was to make CAS flexible to meet local needs  100% compatible with CAS 2 protocol

7 Authentication at Rutgers Rutgers is a place of choice  Authentication via Kerberos  Authentication via LDAP  Authentication via RADIUS Multiple passwords  Kerberos password  PIN  Safeword  SecureId

8 Before CAS Multiple authentication paths Different credentials for different systems Re-inventing the wheel each time Inconsistent log in Users gave password to application Difficult to ensure consistent and proper handling of credentials

9 Transition to CAS Initiative to introduce portal to Rutgers Needs to aggregate content from various providers Needed secure way to access services on behalf of user without caching passwords Recognized need for web single sign on

10 Transition to CAS Identified several key areas to address:  Capacity planning  Is single sign on confusing?  Who can use CAS?  Convincing others to use CAS  24/7 availability

11 Where We’re at Now CAS is our enterprise level sign on Proxy authentication Protects our web services Java, PL/SQL, PHP, and ASP clients Uses LDAP for primary authentication Running on a Sun Fire V120 (UltraSPARC-IIe 648MHz) with 2GB of RAM Vending 20-30 tickets a minute

12 Why We Chose CAS Wide community deployment and support Open Source Easy to use Industry supported Large amount of clients Flexible to meet local needs

13 Your school goes here.

14 Many CAS Clients Acegi (for Java web-apps, esp. Spring) AuthCAS (Perl Apache module) PerlCAS phpCAS MOD_CAS PAM_CAS ISAPI filter PL/SQL

15 Many Supported Platforms

16 Applications distributed CASified Your Application Goes Here. BlueSocket (!)

17 Summary Roll out single sign on in a manageable way Easily integrated existing web applications Improve security by consolidating credentials handling Isolate primary authentication dependency

Download ppt "JA-SIG CAS Enterprise Single Sign-On Scott Battaglia Application Developer Enterprise Systems & Services Rutgers, the State University of New Jersey Copyright."

Similar presentations

What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.

What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.
While You Were Out: How Students are Transforming Information and What it Means for Publishing Kate Wittenberg The Electronic Publishing Initiative at.

While You Were Out: How Students are Transforming Information and What it Means for Publishing Kate Wittenberg The Electronic Publishing Initiative at.
The Academic Computing Assessment Data Repository: A New (Free) Tool for Program Assessment Heather Stewart, Director, Institute for Technology Development,

The Academic Computing Assessment Data Repository: A New (Free) Tool for Program Assessment Heather Stewart, Director, Institute for Technology Development,
Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau 2004. This work is the intellectual property of the authors. Permission is granted for.

Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau This work is the intellectual property of the authors. Permission is granted for.
Design & Development Scott Battaglia Application Developer Enterprise Systems and Services Rutgers, the State University of New Jersey

Design & Development Scott Battaglia Application Developer Enterprise Systems and Services Rutgers, the State University of New Jersey
EDUCAUSE Security Professionals Conference 2007 Monkey-in-the-Middle Attacks on Campus Networks Andrew J. KortySean KrulewitchIndiana University April.

EDUCAUSE Security Professionals Conference 2007 Monkey-in-the-Middle Attacks on Campus Networks Andrew J. KortySean KrulewitchIndiana University April.
Introducing JA-SIG Central Authentication Service 3.0 Scott Battaglia Rutgers, the State University of New Jersey.

Introducing JA-SIG Central Authentication Service 3.0 Scott Battaglia Rutgers, the State University of New Jersey.
Using Levels of Assurance Renee Shuey nmi-edit CAMP: Charting Your Authentication Roadmap February 8, 2007.

Using Levels of Assurance Renee Shuey nmi-edit CAMP: Charting Your Authentication Roadmap February 8, 2007.
What’s New in JA-SIG CAS? JA-SIG Summer Conference Denver, CO June 24 – 27, 2007.

What’s New in JA-SIG CAS? JA-SIG Summer Conference Denver, CO June 24 – 27, 2007.
Migrating to uPortal 2 at UBC Paul Zablosky University of British Columbia Copyright Paul Zablosky 2003. This work is the intellectual property of the.

Migrating to uPortal 2 at UBC Paul Zablosky University of British Columbia Copyright Paul Zablosky This work is the intellectual property of the.
UPortal Authentication Options: Design and Application Shawn Bayern Research programmer, Yale University Author, Web Development with JavaServer Pages.

UPortal Authentication Options: Design and Application Shawn Bayern Research programmer, Yale University Author, Web Development with JavaServer Pages.
UPortal Security and CAS Susan Bramhall ITS Technology & Planning Yale University.

UPortal Security and CAS Susan Bramhall ITS Technology & Planning Yale University.
The Homegrown Single Sign On (SSO) Project at UM – St. Louis.

The Homegrown Single Sign On (SSO) Project at UM – St. Louis.
Identity Management: The Legacy and Real Solutions Project Overview.

Identity Management: The Legacy and Real Solutions Project Overview.
IT Strategic Planning From Technical Dreams to Institutional Reality

IT Strategic Planning From Technical Dreams to Institutional Reality
1 sm Using E-Business Solutions to Meet Management Challenges: Interoperability & Flexibility Bring Success to the Implementation of Specialized Components.

1 sm Using E-Business Solutions to Meet Management Challenges: Interoperability & Flexibility Bring Success to the Implementation of Specialized Components.
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.
Web Portal Development with uPortal or.Net Midwest Educause: March 24-26, 2003 David B. Williams Mark Troester

Web Portal Development with uPortal or.Net Midwest Educause: March 24-26, 2003 David B. Williams Mark Troester
Mobile Computing and Security Authenticated Network Access (ANA) Jon Peters Associate Director Dave Packham Manager of Network Engineering NetCom University.

Mobile Computing and Security Authenticated Network Access (ANA) Jon Peters Associate Director Dave Packham Manager of Network Engineering NetCom University.
Moving Your Paperwork Online Western Washington University E-Sign Web Forms Copyright Western Washington University, 2004. This work is the intellectual.

Moving Your Paperwork Online Western Washington University E-Sign Web Forms Copyright Western Washington University, This work is the intellectual.

Similar presentations

Ads by Google