[DRE-maint] Bug#543528: RFP: rubycas-server -- single sign-on server based on JA-SIG's CAS protocol
hertzog at debian.org
Tue Aug 25 15:07:23 UTC 2009
* Package name : rubycas-server
* URL : http://code.google.com/p/rubycas-server/
* License : GPLv2
Programming Lang: Ruby
Description : single sign-on server based on JA-SIG's CAS protocol
(CCing teams that might be interested in packaging this software)
RubyCAS-Server is an implementation of the server-end of JA-SIG's CAS
protocol, providing a cross-domain single sign-on solution for web
RubyCAS-Server gives you:
* A stand-alone central login page where the user enters their
credentials (i.e. their username and password).
* A mechanism for validating the user's credentials against various
backends (a table in a SQL database, ActiveDirectory/LDAP, Google
* A back-end validator where CAS-enabled client applications connect
to check whether the current user is authenticated (if the user has
already been authenticated with the CAS server, then they are
permitted to proceed, otherwise they are redirected to the CAS
server's login page for authentication).
* Full compatibility with the open, multi-platform CAS protocol (CAS
clients are implemented for a wide range of platforms, including
PHP, various Java frameworks, .NET, Zope, etc.)
* Multi-language localization -- RubyCAS-Server automatically detects
the user's preferred language and presents the appropriate
Why you would want/need this:
* CAS allows you to share authentication across domains. That is, a
service at myservice.com and another service at anotherservice.com
can share the same sign-on session (without CAS, sharing session
information across domains is a lot harder than it sounds --
browsers are specifically designed to make this difficult).
* The user only sees the login page once -- the first time they try to
access any one of your CAS-protected services, and never again until
they log out or their single-sign on session expires.
* Client applications never see the user's actual credentials (i.e.
user credentials are less exposed to snooping).
* RubyCAS-Server can act as a single sign-on solution for a wide range
of platforms (see the JA-SIG CAS clients page for details).
More information about the Pkg-ruby-extras-maintainers