SourceForge.net Logo

JCas - Introduction
 
Home | Documentation | Support | Download | Get Involved | Related Sites

JCas User Guide

        Introduction
        Setup
        First CAS server
        Access Control
        JDBC Database Authorization
        JAAS User Authorization
        SSL Setup
        JSP Taglib
        JCas Client
        JLL - JAAS Login Library

Reference

        Release Notes
        JCas Configuration
        FAQ
        Help Forum

JCas Developers

        API Javadocs
        CAS Specification

Introduction

For administrators and developers alike, there are some important bits of information you should familiarize yourself with before starting out. This document serves as a brief introduction to some of the concepts and terminology behind the JCas server. As well, where to go when you need help.

Terminology

In the course of reading these documents, you'll run across a number of terms; some specific to JCas, and others defined by the CAS specifications.
  • Scheme - Defines all methods and parameters that will be used when a specific user wishes to be authorized. Schemes are the main item in CAS.
  • Cookie - A piece of information (usually a string) that has specific meaning to a CAS server when authorizing a user. Cookies are sent along with responses to a client. Subsequent requests can contain such cookies to enable the server speeding up the authorization phase.
  • Agent - Software product that connect with a CAS server.
  • System Authorization - Specific method for authorization. System Authorization uses the mechanism a backend JDBC database provides to authorize users. Basically, user authorization is forwarded to the database system.
  • Custom Authorization - Specific method for authorization. Custom Authorization is performed by JCas and uses tables in a database that contain user information. Opposit of System Authorization.
  • Extended Authorization - Additional method for authorization. Administrators can define customized queries on a JDBC database that validates a user's authorization. Extended authorization does NOT replace System or Custom Authorization but extends those.
  • JAAS Authorization - Specific, standardized Java Authentication and Authorization method. JAAS was defined by the Java Community Process and is the Java implementation of the Pluggable Authentication Module (PAM).
  • Instance - Defines all parameters of a JDBC data source, such as JDBC driver, DDL related tables, access queries etc. Instances are used for System and Custom Authorization methods.
  • Request - XML message coming from a CAS client. It contains user name and password and the scheme the user should be authorized against. Requests can contain additional information such as agent name and cookies.
  • Response - XML message sent to a CAS client containing the result of the authorization attempt. It can contain error codes and messages as well as cookies and server related information.
  • Thread - A sequence of a program which runs a certain function within a program. As an application runs, it spawns off functions within the program as a thread. For example, your CAS server may need to handle a request from a client, that function could be a thread. Some operating systems can run multiple threads at one time, allowing for fast execution of an application. JCas makes use of the Java threads.

Configuring JCas

This section will acquaint you with the basic information used during the configuration of the container. All of the information in the XML configuration file is read at startup, meaning that any change to the file necessitates a restart of the server.

Where to go for help

While we've done our best to ensure that these documents are clearly written and easy to understand, we may have missed something. Provided below are various web sites and mailing lists in case you get stuck.
  • Current document - most documents will list potential hangups. Be sure to fully read the relevant documentation as it will save you much time and effort. There's nothing like scouring the web only to find out that the answer was right in front of you all along!
  • JCas FAQ - as maintained by the developers.
  • JCas Help Forum - Get help from the community itself. The forum is maintained by the developers and they keep a strong eye on it to get your questions answered quickly.
  • JCas-users mailing list, which you can subscribe to here. If you don't get a reply, then there's a good chance that your question was probably answered in the list archives or FAQ. Although questions about application development in general are sometimes asked and answered, please focus your questions on JCas-specific issues.