Course Outline

Introduction

  • The case for SOS (Single-Sign-On-Authentication)
  • CAS vs LDAP vs OpenID

An overview of the CAS Architecture

  • System components
  • CAS Server
  • CAS clients
  • Supported protocols
  • Software components
    • Spring MVC/Spring Webflow
    • Ticketing
    • Authentication

Building CAS as an Overlay Project

  • Building and deploying with Gradle, Maven and Docker
  • Using custom and third-party source
  • Managing dependencies

Configuring Authentication in CAS

  • Orchestrating authentication handlers with authentication manager
  • Choosing authentication handlers and schemes
  • Testing the default authentication scheme
  • Principal Resolution
  • Transforming the user id
  • Setting up "Remember Me" long-term authentication
  • Setting up proxy authentication
  • Multi-factor authentication (MFA)
  • Limiting failed login attempts with login throttling
  • Configuring an SSO session cookie

Attribute Resolution and Release

  • Principal-Id attribute: receiving authenticated userid
  • Attribute release policy: Releasing attributes to applications
  • Caching attributes: Caching resolved attributes
  • Encrypting attributes: Conditionally encrypting attributes

Troubleshooting

Summary and Next Steps

Requirements

  • An understanding of security concepts (authentication, authorization etc.)
  • Familiarity with Linux and the command line

Audience

  • System administrators
  7 Hours
 

Number of participants


Starts

Ends


Dates are subject to availability and take place between 09:30 and 16:30.
Open Training Courses require 5+ participants.

Testimonials (9)

Related Courses

CRISC - Certified in Risk and Information Systems Control

  21 Hours

Standard Java Security

  14 Hours

Java and Web Application Security

  21 Hours

Advanced Java Security

  21 Hours

Advanced Java, JEE and Web Application Security

  28 Hours

.NET, C# and ASP.NET Security Development

  14 Hours

Comprehensive C# and .NET Application Security

  21 Hours

Advanced C#, ASP.NET and Web Application Security

  21 Hours

Web Application Security

  14 Hours

Related Categories