Course Outline

Introduction

  • The case for SOS (Single-Sign-On-Authentication)
  • CAS vs LDAP vs OpenID

An overview of the CAS Architecture

  • System components
  • CAS Server
  • CAS clients
  • Supported protocols
  • Software components
    • Spring MVC/Spring Webflow
    • Ticketing
    • Authentication

Building CAS as an Overlay Project

  • Building and deploying with Gradle, Maven and Docker
  • Using custom and third-party source
  • Managing dependencies

Configuring Authentication in CAS

  • Orchestrating authentication handlers with authentication manager
  • Choosing authentication handlers and schemes
  • Testing the default authentication scheme
  • Principal Resolution
  • Transforming the user id
  • Setting up "Remember Me" long-term authentication
  • Setting up proxy authentication
  • Multi-factor authentication (MFA)
  • Limiting failed login attempts with login throttling
  • Configuring an SSO session cookie

Attribute Resolution and Release

  • Principal-Id attribute: receiving authenticated userid
  • Attribute release policy: Releasing attributes to applications
  • Caching attributes: Caching resolved attributes
  • Encrypting attributes: Conditionally encrypting attributes

Troubleshooting

Summary and Next Steps

Requirements

  • An understanding of security concepts (authentication, authorization etc.)
  • Familiarity with Linux and the command line

Audience

  • System administrators
  7 Hours
 

Testimonials (6)

Related Courses

CRISC - Certified in Risk and Information Systems Control

  21 Hours

Standard Java Security

  14 Hours

Related Categories