- На днях в фокус моего внимания попал CAS. Central Authentication Service — опенсорцный сервер на Java, реализующий достаточно простой и надежный протокол аутентификации на токенах. Фишка в том, что он централизован как LDAP сервер аутентификации и при этом прост как Basic Authentication.
-
- CAS is an Enterprise Java solution to web application authentication that also provides the benefit of Single Sign On (SSO). Technically, SSO can be achieved because the authentication can be removed from the web application and handled centrally. And, when this authentication is handled by a single service, access to many services can be granted once and "remembered" for the life of the web session or even longer though not recommended. Remember too that the SSO feature does not have to be employed and yet CAS authentication still provides a quality authentication mechanism.
- CAS is a collaborative effort that has produced a very solid central authentication service using the Java development platform. CAS also provides a broad selection of clients for use with all of the Enterprise and scripted web technologies.
- wiki.jasig.org/display/CASUM/Technical+Overview
- wiki.jasig.org/display/CASC/Home
- wiki.jasig.org/display/CASC/Zope+client
- owasp.org/index.php/Category:OWASP_Project
-
- Красота CAS усугбляется большим количеством разных серверов аутентификации и клиентов, реализующих протокол CAS. Полезняшка, однозначно.
-
- kwords: authentication, authorization, SSO, security, login, java, server
-
Комментариев нет:
Отправить комментарий