Methods of Authentication

Previous versions of CAS used a Form into which the user typed a userid and password. CAS 3 should support the addition of plugins that support other forms of authentication. This is a discussion of each method of authentication, a processing model, the information returned about the user, and any error conditions expected.

Real authentication methods that might be used now:

Client Certificate over SSL
NTLM

An authentication method that depends on external as yet unreleased code:

Shibboleth 1.3

Bad authentication methods that are obvious:
Cookie
Match IP address from a table

Future possible methods to be considered in the design but not coded:
IPSEC
Kerberos
XML Signature