That comment in the documentation is not necessarily related to CAS. What's in the docs (as of 2/8/11) is the built-in capability to work with agent-based SSO solutions. You identify the HTTP header with SSO identity information and then configure how to extract the user ID from that header so that Presto can determine permissions for the user.
If the built-in mechanism doesn't work for your SSO solution, Presto also has a new API for custom SSO filters. The documentation for this API is not yet up on the doc site (I'm currently working on this and other API docs), but will be available shortly. I won't promise a specific date, but sometime this month is likely.
I'm not familiar with CAS, so I'm not sure that this API actually solves the configuration issues. We are checking to see if we have a more specific answer on this.
Sara, technical writer/jackbe
Matt, I believe the Presto Team is working on some new documentation to help users integrate Single Sign-On solutions like Central Authentication Service (CAS).
I have integrated the Central Authentication Service (CAS) Single Sign-On solution with Presto.
I did this shortly after posting the LDAP/Presto Step by Step guide here http://www.jackbe.com/enterprise-mashup/forum/using-presto-dev-edition-active-directory-ldap-authentication#comment-2023
The solution was very simple.
I used Tomcat Valve http://tomcat.apache.org/tomcat-6.0-doc/api/org/apache/catalina/Valve.html to extract the user name from CAS, injected it into the Presto Header (review presto documentation) to trigger the Presto Session. Presto updates may provide a simpler way, but if you need this type of mehtod to support Single Sign-On, then you should reivew these links about Central Authentication Service (CAS) SSO:
Here is a super quick way to get Single Sign-On working across domians: https://wiki.jasig.org/display/CASUM/Demo
Here is how to extract values from CAS to support Proxy Ticketing https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough
I think Central Authentication Service (CAS) is a good choice of a Single Sign-On solution(SSO) for Presto. I now have Public Key Infrastructure (PKI) and Lightweight Directory Access Protocol (LDAP) integrated with the SSO solution secured by Secure Sockets Layer (SSL) Cryptographic Protocol.
I hope this helps you on your journey to SSO/Presto,
Daniel Hudson
Daniel Hudson
@WebTechMan
I'm still not sure that this helps, but the Javadoc for the SSO Filters API is now on the Presto Library site and I have updated the configuration topic with some really abbreviated instructions on what you need to do to use this interface.
See http://www.jackbe.com/prestodocs/v3.0/administration/userRepositorySSO.html and http://www.jackbe.com/prestodocs/v3.0/presto-apis/ssofilter/
BTW, there is now at least minimal reference docs (Javadoc, JSDoc or C#doc) for all the Presto APIs as well as for the REST APIs which are new in Presto 3.X. So take a look at the Presto Library in the table of contents there is a whole new section "Presto Development and APIs".
Sara, technical writer/jackbe
I'm trying to configure Presto to use the Central Authentication Service (CAS) (www.jasig.org/cas) for a single sign-on solution. Does anyone have any tips, examples, or other helpful information on how to do this? I see there's a page in the Presto documents about single sign-on (www.jackbe.com/prestodocs/v3.0/administration/userRepositorySSO.html) but the note "you can also implement custom extraction or transformation layers to integrate Presto with your SSO solution. Please contact your JackBe representative for more information." leads me to believe configuring Presto for CAS is more complicated.