Gazelle Single Sign On : Authentication of users
Single Sign On : One Authentication shared by the different gazelle applications
As Gazelle is made of different webapps, it is necessary to share the authentication of the users among the different component.
Single Sign On (SSO) using the CAS tool
To achieve that goal, SSO (Single Sign On) is used. When a user access a protected resource, the application validates its identity. If the user is not authenticated, it routes him to a shared application managing identities. When the user gets his credentials, he gives his ticket to the source application. That one checks against the SSO that the ticket is valid and authenticates him.
Therefore, user identities are shared among all applications. Gazelle CAS uses EU-CAT user database.
Gazelle is using Jasig CAS for SSO, feating perfectly all our needs. Applications have to be modified a bit to replace current authentication without too much effort.
However, Gazelle applications should be able to use or not the SSO. For Test Management and Product Registry, SSO can be enabled at runtime.
Gazelle's SSO is able to authenticate users using a X.509 browser certificate.