Course Outline
Introduction
- The case for SOS (Single-Sign-On-Authentication)
- CAS vs LDAP vs OpenID
An overview of the CAS Architecture
- System components
- CAS Server
- CAS clients
- Supported protocols
- Software components
- Spring MVC/Spring Webflow
- Ticketing
- Authentication
Building CAS as an Overlay Project
- Building and deploying with Gradle, Maven and Docker
- Using custom and third-party source
- Managing dependencies
Configuring Authentication in CAS
- Orchestrating authentication handlers with authentication manager
- Choosing authentication handlers and schemes
- Testing the default authentication scheme
- Principal Resolution
- Transforming the user id
- Setting up "Remember Me" long-term authentication
- Setting up proxy authentication
- Multi-factor authentication (MFA)
- Limiting failed login attempts with login throttling
- Configuring an SSO session cookie
Attribute Resolution and Release
- Principal-Id attribute: receiving authenticated userid
- Attribute release policy: Releasing attributes to applications
- Caching attributes: Caching resolved attributes
- Encrypting attributes: Conditionally encrypting attributes
Troubleshooting
Summary and Next Steps
Requirements
- An understanding of security concepts (authentication, authorization etc.)
- Familiarity with Linux and the command line
Audience
- System administrators
Testimonials (10)
Overview of Risk topics and preparing for exam
Leszek - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
Lap Qradar
Sutthikan Noisombat - NTT
Course - IBM Qradar SIEM: Beginner to Advanced
Accessing tools and being able to ask questions to someone friendly who I felt wouldn't judge me
Kiara
Course - Open Source Cyber Intelligence - Introduction
The simple explanation of the trainer
Mohammed salem - Palestinian Police
Course - Open Source Intelligence (OSINT) Advanced
A wide range of knowledge of the lecturer.
Marcin Szklarski - Santander Consumer Bank
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
Very good knowledge and character.
Constantinos Michael
Course - Java and Web Application Security
Pushing changes on an ongoing basis, when on the 3rd day I started to get more lost than before and it was harder to spot the error quickly, I was quickly able to check out the latest changes and stay up to date with the material
Paulina
Course - Advanced Java Security
Machine Translated
Very good to understand how a hacker would potentially analyse sites for weakness and tools they might employ .
Roger - OTT Mobile
Course - .NET, C# and ASP.NET Security Development
Me gustó ver desarrollo seguro en ASP.NEt pero hicieron falta ejercicios práticos para implementar en el dia a dia de los desarrolladores
Alma Xocua - PASE, Servicios Electrónicos S.A. de C.V.
Course - Comprehensive C# and .NET Application Security
Beginning by how to hack to better understand how to secure was very interesting and appreciated.