带有SAML.2的CAS服务器 [英] CAS server with SAML.2
问题描述
我开始在我的公司与CAS合作.这对我来说是全新的,因此我必须阅读大量文档以及如何了解CAS的工作原理.
I'm starting to work with CAS on my company. This is totally new for me, so I had to read lot of documents and how to's to have an idea of how CAS works.
因此,我们必须在服务器中向具有两个不同应用程序的公司提供单点登录服务.其中之一,使用SAML2.我的CAS服务器现在正在使用MySQL数据库,因此我将在数据库中让这两个应用程序的用户提供身份验证服务.
So, we have to provide a single sign on service in our server to a company with two different applications. One of those, uses SAML2. My CAS server is now working against a MySQL database, so I'll have the users of those 2 apps on my database to provide authentication service.
我不清楚有关SAML的信息.我已经阅读了有关与CAS 4.0.0集成的SAML2的所有教程,都是使用Google帐户.我不知道为什么!我在CAS目录的xml上有一些SAML2配置,但是我不知道如何证明它是否有效.
What I don't get clear is about SAML. All the tutorials I've read about SAML2 integrated with CAS 4.0.0 are using Google Accounts. I don't know why! I have some SAML2 configuration on a xml on my CAS directories, but I don't know how to prove if it's working or not.
推荐答案
如果您要使用单个数据库对两个应用程序进行身份验证,则CAS就足够了,不需要SAML.使用SAML,您可以连接到支持SAML的外部应用程序,这两个应用程序都可能具有自己的内部身份验证,但是它们将通过SAML2协议/协议相互通信
If you are going to authenticate both of the applications using your single database, CAS is enough, SAML not required. With SAML you can connect to an external application(which supports SAML), both might be having their own internal authentication, but they will commnicate each other through SAML2 protocol/agreement
CAS是理想的选择,这些Web应用程序都使用相同的身份验证(DB,LDAP或其他方式).这样,身份验证将集中到所有这些不同的应用程序上.
CAS is ideal ,if you want to setup a web single sign-on to different web applications (exclusively for a single institution), which all use the same authentication (DB, LDAP or whatever). With this the authentication will be centralized for all these different applications.
要让其他外部机构的用户使用您的Web应用程序,可以选择SAML,前提是外部应用程序也应支持SAML.
For users from another external institution to use your web application, SAML would be the choice, provided the External application also should support SAML.
这篇关于带有SAML.2的CAS服务器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
