Course Outline
Introduction
- The case for SOS (Single-Sign-On-Authentication)
- CAS vs LDAP vs OpenID
An overview of the CAS Architecture
- System components
- CAS Server
- CAS clients
- Supported protocols
- Software components
- Spring MVC/Spring Webflow
- Ticketing
- Authentication
Building CAS as an Overlay Project
- Building and deploying with Gradle, Maven and Docker
- Using custom and third-party source
- Managing dependencies
Configuring Authentication in CAS
- Orchestrating authentication handlers with authentication manager
- Choosing authentication handlers and schemes
- Testing the default authentication scheme
- Principal Resolution
- Transforming the user id
- Setting up "Remember Me" long-term authentication
- Setting up proxy authentication
- Multi-factor authentication (MFA)
- Limiting failed login attempts with login throttling
- Configuring an SSO session cookie
Attribute Resolution and Release
- Principal-Id attribute: receiving authenticated userid
- Attribute release policy: Releasing attributes to applications
- Caching attributes: Caching resolved attributes
- Encrypting attributes: Conditionally encrypting attributes
Troubleshooting
Summary and Next Steps
Requirements
- An understanding of security concepts (authentication, authorization etc.)
- Familiarity with Linux and the command line
Audience
- System administrators
Testimonials (11)
Overview of Risk topics and preparing for exam
Leszek - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
Lap Qradar
Sutthikan Noisombat - NTT
Course - IBM Qradar SIEM: Beginner to Advanced
The simple explanation of the trainer
Mohammed salem - Palestinian Police
Course - Open Source Intelligence (OSINT) Advanced
Accessing tools and being able to ask questions to someone friendly who I felt wouldn't judge me
Kiara
Course - Open Source Cyber Intelligence - Introduction
A wide range of knowledge of the lecturer.
Marcin Szklarski - Santander Consumer Bank
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
Lot's of information explained very well. Good examples, interesting exercises. Trainer showed us his real world experience.
Gergely Bathó - GE Medical Systems Polska Sp. Z O.O.
Course - Application Security for Developers
The Burpe suite i need more training in this
Gontse Ntshegi - Vodacom
Course - Android Security
Me gustó ver desarrollo seguro en ASP.NEt pero hicieron falta ejercicios práticos para implementar en el dia a dia de los desarrolladores
Alma Xocua - PASE, Servicios Electrónicos S.A. de C.V.
Course - Comprehensive C# and .NET Application Security
Azure web security, it was more what i was expecting, the penetration testing i would never do in my job
Toby
Course - Application Security in the Cloud
the balance between lectures and practice, the rhythm, the trainer knowledge and pedagogic skill
Armando Pinto - EID
Course - C/C++ Secure Coding
Pushing changes on an ongoing basis, when on the 3rd day I started to get more lost than before and it was harder to spot the error quickly, I was quickly able to check out the latest changes and stay up to date with the material
Paulina
Course - Advanced Java Security
Machine Translated