CAS
- CAS
- 1. Code Access Security. The security mechanism used in the Microsoft
CLR. CAS works by assigning trust levels (i.e.
permissions) to software code (rather than the traditional model of
assigning permissions by user).
For more information see:
- http://msdn.microsoft.com/en-gb/magazine/cc301467.aspx - Security in .NET: Enforce Code Access Rights (CAS) with the Common Language Runtime (CLR).
- 2. Central Authentication Service. An open-source service providing
single sign-on, this allows web applications to authenticate users
against a trusted central server. This trusted central server is known
as the CAS server and is responsible for authenticating users, providing
the identities of authenticated users and for certifying the identities
of authenticated uers.
A web application using CAS will redirect an unauthenticated visitor to the CAS server where the user will be authenticated (typically via a user-name and password login). Once this authentication step has been passed the user is redirected back to the original website together with a ticket, the web application then opens a secure connection to the CAS server to authenticate the ticket and retrieve the identity of the visitor.
For more information see:
- www.jasig.org/cas - CAS project home page.
- http://everything.explained.at/Central_Authentication_Service - CAS explained.