Proceedings Paper

Web application security: CAS and beyond
Author(s): A. Maurizio Chavan

Paper Abstract

The Central Authorization Service (CAS) is used by ALMA and some of its partners (ESO, NRAO) to secure Web applications and provide Single Sign-On. CAS has been in common use throughout academia for quite some time and is well suited for securing so-called "server side" tools – that is, applications taking care of the business logic as well as generating the HTML code for the User Interface (UI). Many Web applications are designed instead with a strong separation between a “single page” UI running in a browser and one or more back-end servers implementing the business logic; the back-ends may serve non-interactive clients, and may send requests to each other as well. Such a fragmented structure does not match CAS’ model very well and challenges system designers to come up with alternatives. This paper describes the CAS protocol and usage, comparing it to alternative authentication and authorization models based on OAuth 2.0 that can overcome the issues CAS raises. It also tries to plot a path forward based on industry standards like OpenID Connect.

Paper Details

Date Published: 6 July 2018
PDF: 9 pages
Proc. SPIE 10707, Software and Cyberinfrastructure for Astronomy V, 107071C (6 July 2018); doi: 10.1117/12.2312062
A. Maurizio Chavan, European Southern Observatory (Germany)

Published in SPIE Proceedings Vol. 10707:
Software and Cyberinfrastructure for Astronomy V
Juan C. Guzman; Jorge Ibsen, Editor(s)

© SPIE.