Build and Implement A Single Sign-On Solution
By Chris Dunne
• Download the CAS server and client libraries used in this article.
• Download the Tomcat web.xml for CAS used in this article, including instructions for setting up SSL.
• Download the CASCallBackHandler code used in this article.
• Learn about "Using CAS at Yale: A Quick Introduction." This article details the components of CAS, explains when to use it, and shows the easiest way to use it to authenticate users.
• Check out "CAS 2.0: Proxiable Credentials" for the reasons for the upgrade plus the new and improved features of the system.
• Read "Using Web services for e-Commerce single sign-in" (developerWorks, January 2002) for more on how to integrate an electronic Customer Relationship Management (eCRM) application into an existing e-Commerce marketplace application to provide a single-sign-in experience for the user.
• Discover how to implement SSO on the Java platform using GSS-API and Kerberos standards to handle the security issues in the article, "Simplify enterprise Java authentication with single sign-on" (developerWorks, September 2003).
• Get the details on Lightweight Third Party Authentication (LTPA), a way for servers to delegate single sign-on authentication to a common third-party service, from "WebSphere and Domino single sign-on" (developerWorks, January 2001).
• Take the "Java security, Part 2: Authentication and authorization" tutorial (developerWorks, July 2002) for an introduction to the basic concepts of authentication and authorization and an architectural overview of JAAS.
• Visit the ITS Central Authentication Service site for an explanation of the thought that went into the design and implementation of CAS 1.0.
• Check out the Tips for LDAP Users site to learn how to use different security authentication mechanisms and SSL (Secure Sockets Layer) to access the LDAP service.
• Visit the Security Guide, Kerberos chapter for information on understanding the secure remote commands, authenticating to AIX using Kerberos, and a Q&A on troubleshooting Kerberos.
First published by IBM developerWorks