I'm a little curious about why CAS is being extensively used in MVC. A lot of it seems to be suppressedmessages too. I may have misunderstood it but I always thought you didn't need to use CAS if you fully trusted the code/server you used. ...
I really wasn't sure what the title for my question could be, so sorry if it's a bit vague. I'm working on an application that uses client application services for authentication/profile management etc. In web.config for my website, I have the following profile properties like this: <properties> <add name="FirstName" type="string" ...
Hi i wounder if anyone know of any guide for SEAM 2 and CAS client 3 or newer out there? ...
I need to implement a CAS Proxy Granting Ticket System. So I need to understand the system. There is a good doc here, but I have no idea about the proxyCallback I need. Could someone explain me that ? ...
I'm trying to use CAS for SSO between Liferay and a PHP webapp. I installed JASIG CAS webapp, created a certificate with keytools and configured Liferay through its administrative GUI (Setting>Authentication>CAS tab) as follows: When I click on "Sign in" in Liferay menu I'm forwarded to the CAS login page (with the "dirty trick" user...
I'm working with a time sensitive desktop application that uses p/invoke extensively, and I want to make sure that the code is not wasting a lot of time on CAS stackwalks. I have used the SuppressUnmanagedCodeSecurity attribute where I think it is necessary, but I might have missed a few places. Does anyone know if there is a way to mo...
I am in the process of studying for the 70-536 .NET Framework - Application Development Foundation Exam, as I have been programming .net for many years, this should not be hard! However I am having to learn about “Code Access Security” (CAS), As I have never had a need to use or configure it, I was wondering if anyone else has found a ...
I have a .NET application that users run from a file server. One of the .NET Assemblies requires Full Trust. I have signed the assembly. When setting the Code Access Security policy, which version of the .NET framework policy do I set? The application was built to use version 1.1 of the .NET Framework. Do I need to setup a policy fo...
Hi All, I am in a process of integrating several websites/content management tools to try out some of my ideas. Over the past couple of months, I have discovered tons of very helpful stuff, and it's great. I'm setting everything up just fine. To name a few it's: phpwebsite, moodle, livezilla, etc. The problem is that I am doing everyt...
Hi, my application include a self-updater executable that is used to update the application. One of the first steps the updater is performing is to check that it does have write permission to the application folder IPermission perm = new FileIOPermission(FileIOPermissionAccess.AllAccess, _localApplicationCodebase); if (...
Which CAS implementation should i use to enable CAS single sign on to my django app (trusing a specified CAS server, I'm not interested in creating a CAS provider) ? What I can find are the following: http://code.google.com/p/django-cas/ http://github.com/Nitron/django-cas-consumer I've used django-cas before, and it seems to work b...
Hello, I have a webapp that uses Spring Security and SSO with CAS. There's also another webapp (in Classic ASP) that connect to CAS. And this situation happens sometimes: Logged in to Java webapp and do stuff. 12 hours later (session has expired long ago) user goes to same page and it displays without redirecting to login page. This pag...
I need to write a google gadget that reads feeds from google groups. Trouble is I'm making an ajax call to retrieve the feeds and our google apps domain is protected by CAS (central authentication service). So, I'm getting a 400 bad request on making the call. I suspect that the browser is not sending the cookie when making ajax call. H...
I need to make POST request to CAS SSO server login page, and CAS login page has few input hidden params which are dynamically populated through java. I don't know how to read these hidden param values from response and pass in to CAS server. Without passing these hidden params I am not able to login. Does any one how to read input hidd...
Basically the title says it all What I mean is differentiation and integration stuff that a CAS would do? (like a Typical handheld CAS if not better) Is it possible? What Gem need to be installed? Anyone had any experience? ...
Hi, I have a web part and the dll is deployed to the bin of the web application.I have created a custom cas policy and deployed( wss_custom). Just for the sake of testing i have given Unrestricted access to whatever IPermission i knew (around 10). Most of the IPermissions i got is from the PermCalc.exe. Yet i get the following error gen...
I wonder if I should use the CAS protocol or OAuth + some authentication provider for single sign-on. Example Scenario: A User tries to access a protected resource, but is not authenticated. The application redirects the user to the SSO server. If beeing authenticated the user gets a token from the SSO server. The SSO redirects to the...
I have a question, less pertaining to actual implementation more towards "how it works". We have a CAS server doing the SSO authentication for multiple web protals (sister protals). How does CAS validates the cookies across portals and how does it figure out that user was logged onto sister site. Also extending same question to; can som...
I've seen a couple threads here on SO that ask about what CAS is and how to use it.My specific is specifically focused on real-world usages of CAS. For example: DotNetNuke did some efforts in the past to be able to run under Medium Trust: is that still true? what is the % of DNN that run in partial trust (i.e. not full trust)? what &...
Using an Existing Module ... Is there a authentication module for GlassFish 3 that integrates CAS into the server? Preferably this module conforms with JSR 196. How can I provide group information (user A is in Group X, Y, Z) with such a module? I would need a separate group database or webservice. ... or Writing a New Module? If no s...