CAS SSO using RT

Anthony Meo
Partner Integration Engineer
BT Conferencing, Inc.
25 Braintree Hill Park, Suite 200
Braintree, MA 02184
§ 617.801.6636
© 617.429.9356
(f ) 617.801.6604
anthony.meo@btci.com
www.btconferencing.com http://www.btconferencing.com/

I am very curious about adding CAS authentication into RT. In our
environment, we use CAS to authenticate our Customer Management
Application and would like to do the same with RT. It’s a given the
user must already exist in RT, but once that pre-req is taken care of,
the user should be able to sign on once and use either system without
having to re-login.

Does anyone have any insight where to begin with this. There is a very
popular Perl CAS 2.0 client out there http://sourcesup.cru.fr/perlcas/

I am not sure where I would try to use the CAS client code within RT.
Hopefully someone can take a look and give me a push in the right
direction.

Thanks,
-Anthony

Anthony Meo
Partner Integration Engineer
BT Conferencing, Inc.
25 Braintree Hill Park, Suite 200
Braintree, MA 02184
§ 617.801.6636
© 617.429.9356
(f ) 617.801.6604
anthony.meo@btci.com
www.btconferencing.com http://www.btconferencing.com/

I am very curious about adding CAS authentication into RT. In our
environment, we use CAS to authenticate our Customer Management
Application and would like to do the same with RT. It’s a given the
user must already exist in RT, but once that pre-req is taken care of,
the user should be able to sign on once and use either system without
having to re-login.

Does anyone have any insight where to begin with this. There is a very
popular Perl CAS 2.0 client out there http://sourcesup.cru.fr/perlcas/
http://sourcesup.cru.fr/perlcas/

I am not sure where I would try to use the CAS client code within RT.
Hopefully someone can take a look and give me a push in the right
direction.

Thanks,
-Anthony

Anthony Meo
Partner Integration Engineer
BT Conferencing, Inc.
25 Braintree Hill Park, Suite 200
Braintree, MA 02184
§ 617.801.6636
© 617.429.9356
(f ) 617.801.6604
anthony.meo@btci.com mailto:anthony.meo@btci.com
www.btconferencing.com http://www.btconferencing.com/

I am very curious about adding CAS authentication into RT. In our
environment, we use CAS to authenticate our Customer Management
Application and would like to do the same with RT. It’s a given the
user must already exist in RT, but once that pre-req is taken care of,
the user should be able to sign on once and use either system without
having to re-login.

Does anyone have any insight where to begin with this. There is a very
popular Perl CAS 2.0 client out there http://sourcesup.cru.fr/perlcas/
http://sourcesup.cru.fr/perlcas/

I am not sure where I would try to use the CAS client code within RT.
Hopefully someone can take a look and give me a push in the right
direction.

Thanks,
-Anthony

Anthony Meo
Partner Integration Engineer
BT Conferencing, Inc.
25 Braintree Hill Park, Suite 200
Braintree, MA 02184
§ 617.801.6636
© 617.429.9356
(f ) 617.801.6604
anthony.meo@btci.com mailto:anthony.meo@btci.com
www.btconferencing.com http://www.btconferencing.com/

er… Anybody besides me receive this exact e-mail about 4 times?
heh… I am not quite sure what to make of this extreme redundancy.

~reed
Reed Loden - reed@reedloden.com

Please have a little sympathy, I sent an apology for the extra posts.
Sometimes computers don’t act as we command them to.

-Anthony

Anthony Meo
Partner Integration Engineer
BT Conferencing, Inc.
25 Braintree Hill Park, Suite 200
Braintree, MA 02184
§ 617.801.6636
© 617.429.9356
(f ) 617.801.6604
anthony.meo@btci.com
www.btconferencing.com-----Original Message-----
From: rt-devel-bounces@lists.bestpractical.com
[mailto:rt-devel-bounces@lists.bestpractical.com] On Behalf Of Reed
Loden
Sent: Tuesday, March 15, 2005 11:40 PM
To: rt-devel@lists.bestpractical.com
Subject: re: [Rt-devel] CAS SSO using RT

er… Anybody besides me receive this exact e-mail about 4 times?
heh… I am not quite sure what to make of this extreme redundancy.

~reed
Reed Loden - reed@reedloden.com

Rt-devel mailing list
Rt-devel@lists.bestpractical.com
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-devel

I didn’t see this get answered, and while it’s a bit more suitable for
rt-users, here you go…

Does anyone have any insight where to begin with this. There is a very
popular Perl CAS 2.0 client out there http://sourcesup.cru.fr/perlcas/

You said that it was okay if the user had to exist first in RT, as
long as the followup authentication steps fit in your framework,
that’s good, as it’s usually not too hard to do that with
WebExternalAuth.

When RT uses WebExternalAuth, it uses the REMOTE_USER variable set by
the server. (there are some canonicalization functions). It looks like
there are some cas apache modules, so you should be able to use go
that route.

good luck

seph