How to integrate CAS into Webauction

A place to discuss and receive support for the Web Auction application.

How to integrate CAS into Webauction

Postby cinto_qq » Fri Aug 19, 2011 12:26 am

Hi,

Our company is using CAS as the authentication system. How can we integrate CAS with Webauction?


Cheers,
Cinto
cinto_qq
 
Posts: 12
Joined: Wed Aug 17, 2011 6:58 pm

Re: How to integrate CAS into Webauction

Postby cinto_qq » Tue Aug 23, 2011 3:37 am

Hi,

We have managed to add CAS to webauction.

However, how can we change the authorization from Webauction database to our own database? Do we add the check of getting the role inside function getRoles(Dataface_Record $record); under ApplicationDelegateClass.php?


Cheers,
Cinto
cinto_qq
 
Posts: 12
Joined: Wed Aug 17, 2011 6:58 pm

Re: How to integrate CAS into Webauction

Postby shannah » Tue Aug 23, 2011 10:32 am

CAS is really only meant for authentication (determining that someone is who they say they are). Authorization/Permissions should still be handled in web auction. I.e. you'll generally still manage the user accounts inside web auction. The only difference with CAS is that the webauction password won't be used because they'll be using there CAS login.

If you want to start storing permissions info or group info centrally you'll be looking at something separate from cas.... Essentially you need to create a way for web auction to communicate with your role management system. In reality I don't think it's realistic to have centralized permissions management for multiple distinct applications because many of the permissions will be specific to that application. It is possible to tap into a more general role policy that you store centrally and use this as a guideline when initializing the permissions for a particular application.... once again, outside the scope of CAS though.

-Steve
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Re: How to integrate CAS into Webauction

Postby cinto_qq » Wed Aug 24, 2011 6:24 pm

Hi Steve,

Thanks for the explanation.

I have another question on CAS. We need users to login before they can see webauction. How can we modify webauction or CAS to achieve that?


Cheers,
Cinto
cinto_qq
 
Posts: 12
Joined: Wed Aug 17, 2011 6:58 pm

Re: How to integrate CAS into Webauction

Postby shannah » Wed Aug 31, 2011 7:58 pm

You can either use the Apache CAS module to disable access to the directory altogether. (This works using .htaccess files).
or
You can modify the getPermissions() method to disable anonymous access. E.g. in the application delegate class, change:
Code: Select all
function getPermissions(&$record){
      if ( isAdmin() ) return Dataface_PermissionsTool::ALL();
      return Dataface_PermissionsTool::READ_ONLY();
   
   }

to
Code: Select all
function getPermissions(&$record){
      if ( isAdmin() ) return Dataface_PermissionsTool::ALL();
      return Dataface_PermissionsTool::NO_ACCESS();
   
   }


-Steve
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Re: How to integrate CAS into Webauction

Postby cinto_qq » Tue Sep 06, 2011 7:09 pm

Hi Steve,

Thanks! We are able to cas the whole webaucation.

I have modified the getPermissions method further to allow users to login. This is the code I used:

Code: Select all
function getPermissions(&$record){
      if ( isAdmin() )
                       return Dataface_PermissionsTool::ALL();      
      else if ( isUser() )
                       return Dataface_PermissionsTool::READ_ONLY();
      else
                       return Dataface_PermissionsTool::NO_ACCESS();
   
}


I have written the function isUser() to check if the login belongs to userRole.


Cheers,
Cinto
cinto_qq
 
Posts: 12
Joined: Wed Aug 17, 2011 6:58 pm


Return to Web Auction Discussion

Who is online

Users browsing this forum: Google [Bot] and 1 guest

cron
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved