Versions Compared

Old Version 2

changes.mady.by.user Former user

Saved on

compared with

New Version 3

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Panel
bgColor#FFFFCE
title
borderStyledashed

ENTR:Main Scenario ENTR:Extensions ENTR:Notes ENTR:References ENTR:Associated Modules ENTR:Implementations ENTR:Advice and ExperienceENTR:Contributors

Goal:

Anchor
goal
goal
Excerpt

Support CAS authentication to Sakai


Version:
Anchor
version
version
?
DG Priority:
Anchor
priority
priority
?
Status:
Anchor
support
support
partially implemented
Scope:
Anchor
scope
scope
?
Preconditions:
Anchor
pre
pre
? A deployer has successfully deployed an instance of the Central Authentication Service.
Success end:
Anchor
success
success
A deployer can easily configure Sakai The deployer configures the Sakai instance to offer "Log in via CAS" as the or one of the ways way users authenticate to Sakai.
Failed end:
Anchor
fail
fail
? The deployer is unable to configure Sakai to authenticate users via the Central Authentication Service or has to ask questions on the Sakai or CAS email lists.
Actors:
Anchor
actors
actors
? Sakai deployer, SEPP, JA-SIG CAS team.
Primary Actor:
Anchor
actor
actor
? Sakai deployer
Trigger:
Anchor
trigger
trigger
? A deployer wishes to use CAS for Single Sign On to Sakai.
Security Concerns:
Anchor
security
security
? Sakai must properly validate the CAS service tickets. Sakai must properly reject proxy tickets from untrusted proxying entities (or reject all proxy tickets).
Logging:
Anchor
logging
logging
Sakai should log the login of users and record the way in which the user authenticated (awp9 logged in at TIMESTAMP via CAS). Sakai should log ticket validation failure, ideally logging the raw validation failure response / exceptional condition encountered. Sakai should intelligently log SSL / cert problems on ticket validation when encountered.
Performance Concerns:
Anchor
performance
performance
? Sakai should not require a redirect to CAS on every request.

Anchor
main
main

Panel
bgColor#FFFFCE
titleMain Success Scenario
borderStyledashed

Deployer successfully configures Sakai instance such that: End user visits Sakai. Sakai offers a "Log in via CAS" button. User clicks button, authenticates to CAS, CAS redirects back to Sakai. Sakai validates service ticket, establishes user session, context, etc., user is authenticated to and logged into and begins using Sakai.

...

Panel
bgColor#FFFFCE
titleReferences
borderStyledashed

See CAS website / JA-SIG

Anchor
modules
modules

...

Name <email>

Institution

Notes

Andrew Petro<andrew~andrew.petro@yale.edu>edu

Yale University

initial notes