Sam,
Just FYI for yourself (and the list!), I don't work for QUT any longer, so
this response is not on their behalf, just my recollection of events.
It is worth noting QUT did undertake a considerable review over 3 months
or so of needs from all users inside the university, matching those
needs against solutions already present in the market (open and commercial).
Some brief reasons:
* The CAS protocol, while 'open', is not a standard per se; its protocol
was also lacking in a few areas which we wanted to support (and was at
the time, from memory, undergoing the 1.0 to 2.0 change, plain text to XML).
* SAML 2.0 covered all our needs for protocol/bindings support, security
and being an open standard. The standard itself has gone through lots of
rigorous assessment with lots of input from the wider community.
* It was considered, talking to vendors, that we'd be more likely to see
support for SAML 2.0 SPs in software than CAS, given the wide
deployments of SAML 2.0 in industry.
* There was a need for Attribute Exchange and Single Logout, which are
natively specified in SAML 2.0.
* QUT wanted to utilize XACML to provide really fine-grained access
control for applications; there was already a SAML 2.0 profile to
support this, so we could leverage that in our implementation.
* QUT wanted to federate with other SAML supporting entities in higher
ed and industry. For example the Google Apps suite.
* A web management portal to control the entire identity deployment was
high on the list to allow application administrators to enable/disable
services and undertake crypto updates.
So it was agreed that the SAML path suited the business needs and ESOE
was moved forward.
I have heard recently that CAS now has some kind of SAML support, though
I don't profess to be knowledgeable in how far they've taken this
support into their stack.
So both solutions are great at what they do and, like anything, both have
similarities and differences; it just depends on the needs of the business as
to which path is better suited for your own needs.
I hope that is of some help.
regards,
Bradley
--
Bradley Beddoes
Lead Software Architect
Intient Pty Ltd
http://www.intient.com
Sam wrote:
> Hi all,
> This is mainly directed at Bradley -
> I've been looking at various single sign-on and session management
> solutions. In looking at ESOE I can't help but see massive
> similarities to CAS. Is there any reason why QUT chose to develop ESOE
> vs. using/adapting CAS? I'm looking at the product in a university
> deployment context and would be keen to understand the reasons.
> Regards,
> Samuel Cochran