Considerations for AppFuse and CAS

David Whitehurst

Considerations for AppFuse and CAS

Guys:

A limited-English speaking guy from Bangalore has asked for help to CAS'ify AppFuse.  I've thought about this a lot but the User/Role thing messes me up.  If the User and Role model example was replaced with a parent and a child collection not relating to security, I would just remove the User and revise the authorization mechanisms in AppFuse.  Then the addition of a CAS client configuration in web.xml would solve things.

To look at things from a User and Role security example, CAS is only needed for authentication if SSO is required for use with another AppFuse project.  I've actually pictured AppFuse as an Identity management application and another AppFuse project with the User/Role stuff gutted and then use CAS with both apps for SSO.

I would like to create an AppFuse with the security example in isolation (User/Role something else) of the model-persistence-transaction example.  How should I do it?  It doesn't make sense to add any more to AppFuse, but if I do it in isolation, I want to use the name of AppFuse to show its relation.  I have JIRA, Confluence, servers, environment, etc. to do it in isolation but I want to be a subsidiary (like that word?) of AppFuse.  Or, I'm offering to add even more to the AppFuse project.

What does everyone think?  I don't want the public to download and use another quickstart.  I want them to use AppFuse because I still think it's more scalable and reliable than the Rails-Grails stuff.  CAS is difficult to discuss and write about because the details take some time to explain, but I still believe that it's the best isolated authentication for enterprise I've seen.  And, if it ever needs a correction, the correction can be made and shared with all.

Give us some suggestions.


Thanks,

David

Matt Raible-3

Re: Considerations for AppFuse and CAS

Have you tried integrating CAS with AppFuse? I was able to integrate  
it with Roller (which uses a similar Spring Security setup).

http://cwiki.apache.org/confluence/display/ROLLER/Roller+4.0+with+LDAP+and+CAS

I'm willing to make changes as necessary, but nothing so drastic that  
it confuses users - since the vast majority of users won't use it.

Matt

On Jan 28, 2009, at 7:18 AM, David Whitehurst wrote:

> Guys:
>
> A limited-English speaking guy from Bangalore has asked for help to  
> CAS'ify AppFuse.  I've thought about this a lot but the User/Role  
> thing messes me up.  If the User and Role model example was replaced  
> with a parent and a child collection not relating to security, I  
> would just remove the User and revise the authorization mechanisms  
> in AppFuse.  Then the addition of a CAS client configuration in  
> web.xml would solve things.
>
> To look at things from a User and Role security example, CAS is only  
> needed for authentication if SSO is required for use with another  
> AppFuse project.  I've actually pictured AppFuse as an Identity  
> management application and another AppFuse project with the User/
> Role stuff gutted and then use CAS with both apps for SSO.
>
> I would like to create an AppFuse with the security example in  
> isolation (User/Role something else) of the model-persistence-
> transaction example.  How should I do it?  It doesn't make sense to  
> add any more to AppFuse, but if I do it in isolation, I want to use  
> the name of AppFuse to show its relation.  I have JIRA, Confluence,  
> servers, environment, etc. to do it in isolation but I want to be a  
> subsidiary (like that word?) of AppFuse.  Or, I'm offering to add  
> even more to the AppFuse project.
>
> What does everyone think?  I don't want the public to download and  
> use another quickstart.  I want them to use AppFuse because I still  
> think it's more scalable and reliable than the Rails-Grails stuff.  
> CAS is difficult to discuss and write about because the details take  
> some time to explain, but I still believe that it's the best  
> isolated authentication for enterprise I've seen.  And, if it ever  
> needs a correction, the correction can be made and shared with all.
>
> Give us some suggestions.
>
>
> Thanks,
>
> David
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

David Whitehurst

Re: Considerations for AppFuse and CAS

Matt:

I haven't, but since I've been doing CAS for all kinds of applications, I know that CAS replaces any need for the login part of AppFuse.  That's why I feel like anyone that uses CAS with AppFuse would ditch the login stuff.  And, when you check out AppFuse as an archetype all of the example stuff is related to user and role.  I understand fully how you "showcase" it all using just two objects, and that's fine.

I guess if I actually had a need to do the CAS thing I would just modify things to suit.  This guy wants free advice, how-to, and he wants it now.  He's not going to get it.  I've personally wanted to separate the security example from persistence and transaction example from day one.  Modification in that direction would be too drastic at this point.

I think I've answered my own question. I'll describe how to implement CAS to this guy and he can just do it and learn from it.


David

On Wed, Jan 28, 2009 at 12:09 PM, Matt Raible <[hidden email]> wrote:

> Have you tried integrating CAS with AppFuse? I was able to integrate it with Roller (which uses a similar Spring Security setup).
>
> http://cwiki.apache.org/confluence/display/ROLLER/Roller+4.0+with+LDAP+and+CAS
>
> I'm willing to make changes as necessary, but nothing so drastic that it confuses users - since the vast majority of users won't use it.
>
> Matt
>
> On Jan 28, 2009, at 7:18 AM, David Whitehurst wrote:
>
> > Guys:
> >
> > A limited-English speaking guy from Bangalore has asked for help to CAS'ify AppFuse.  I've thought about this a lot but the User/Role thing messes me up.  If the User and Role model example was replaced with a parent and a child collection not relating to security, I would just remove the User and revise the authorization mechanisms in AppFuse.  Then the addition of a CAS client configuration in web.xml would solve things.
> >
> > To look at things from a User and Role security example, CAS is only needed for authentication if SSO is required for use with another AppFuse project.  I've actually pictured AppFuse as an Identity management application and another AppFuse project with the User/Role stuff gutted and then use CAS with both apps for SSO.
> >
> > I would like to create an AppFuse with the security example in isolation (User/Role something else) of the model-persistence-transaction example.  How should I do it?  It doesn't make sense to add any more to AppFuse, but if I do it in isolation, I want to use the name of AppFuse to show its relation.  I have JIRA, Confluence, servers, environment, etc. to do it in isolation but I want to be a subsidiary (like that word?) of AppFuse.  Or, I'm offering to add even more to the AppFuse project.
> >
> > What does everyone think?  I don't want the public to download and use another quickstart.  I want them to use AppFuse because I still think it's more scalable and reliable than the Rails-Grails stuff.  CAS is difficult to discuss and write about because the details take some time to explain, but I still believe that it's the best isolated authentication for enterprise I've seen.  And, if it ever needs a correction, the correction can be made and shared with all.
> >
> > Give us some suggestions.
> >
> > Thanks,
> >
> > David


