Table of Contents
This section documents some more advanced setup features such as using external authentication services (currently only CAS). The main benefits of external authentication are
The AuditConsole is based on the well-known spring framework and makes use of many of the spring-security features. This allows for the use of external authentication methods such as CAS or OpenID.
In this section we will explain how to set up the AuditConsole for use with external authentication method.
It is important to note, how external authentication works within the AuditConsole. The following figure outlines the basic concept at the example of CAS (Central Authentication Service).
The outline is roughly as follows (CAS is a bit more complex, see the CAS section for details):
For OpenID authentication things work quite similar. Instead of redirecting, the login-form simple asks for username/password and authenticates using OpenID. This returns some authenticated open-id property which is used to fetch the authenticated user from the AuditConsole user database.
An important note with external authentication is, that CAS or OpenID are authentication systems, which means that it they do not provide user management themselves. This means that the authenticated user has to exist in the AuditConsole database beforehand. The AuditConsole will not accept CAS-authenticated users for which there does not exist an Account in the AuditConsole.