Versions Compared

Old Version 4

changes.mady.by.user Andrew Petro

Saved on

compared with

New Version Current

changes.mady.by.user Adam Rybicki

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Corrected links that should have been relative instead of absolute.

The following guide explains how to use Unicon/Sacramento State's clear-text credentials and Unicon's bridge method to implement CAS single sign on for Datatel's WebAdvisor. This was built as a proof of concept and tested against WebAdvisor 3.1.

WebAdvisor

Any documentation on authenticated WebAdvisor against any SSO application is very sparse. We currently accomplish this with uPortal by having WebAdvisor authenticate against a SUN LDAP server connected to a SUN IDM system; uPortal also authenticates off the same server and using the Toro Gateway Portlet and Unicon's bridge method we pass the username and password to WebAdvisor authenticating the user. Before you can use this method both CAS and WebAdvisor need to be using the same username and password.

CAS clearPass

WebAdvisor must receive the password in plain text. To accomplish this we used the CAS clearPass extension created by Unicon for SacramentoState; refer to the WIKI document on this to set it up.

SSOBridge

To handle to actual login to WebAdvisor we used to Toro Gateway Portlet bridge method that is documented on Unicons site. This is how we currently provide SSO from uPortal to WebAdvisor.

CAS Client

Attached is a very simple CAS client which connects the CAS clearPass extension to the SSO bridge. It is written in PHP and was originally built on top of an internal web framework but has since been separated; proxy tickets are stored in a database which used ADOdb and has been tested with Oracle. The client authenticates against CAS and receives a proxy ticket, this ticket is then used to received the plain text password cached by CAS. Once the username and password is received from CAS a page is rendered with a form that posts the required attributes to the bridge, JavaScript is used to automatically submit the form on WebAdvisor authenticating the user.This page used to have documentation that detailed how to bridge authentication from uPortal to WebAdvisor with the use of a uPortal portlet. That documentation has been moved to a new location as there is now an alternate choice that does not require uPortal. Both approaches have merits and are linked below.

Single Sign On to WebAdvisor Using CAS, ClearPass, uPortal, and the Gateway SSO Portlet
Single Sign On to WebAdvisor Using CAS, ClearPass, and a Custom Java Filter