Versions Compared

Version Old Version 1 New Version 2
Changes made by

Howard Gilbert

Howard Gilbert

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • The front end is a "Presentation Layer" that handles arriving HTTP requests. In addition to presenting and processing the Login form (containing userid and password), this layer also handles non-interactive forms of login (X.509 Certificates), and the Service Ticket validation and Proxy ticket calls.
  • The Business Layer (where J2EE would have EJBs) validates the login (by verifying the userid/password against a backend system such as Kerberos or LDAP), and it creates Tickets including the Login TGT and Service Tickets.
  • Tickets are stored in a Ticket Cache. Normally this is just an in-memory collection, although it can be replicated (for clustered failover) or stored in a shared database. Since Tickets can be persisted (even though they frequently aren't) they become Entities in a logical Persistence Layer.

 Presentation Layer

Spring provides its CAS 3 uses two different Spring APIs to configure and code the Presentation Layer.

The calls to validate Service Tickets and issue Proxy Tickets are processed by "Spring MVC". This is the Spring version of a standard MVC (Model, View, Controller)  framework where a Spring Servlet receives the raw request, "binds" request parameters by setting bean properties, and then maps the end of the request URL to a specific Action Bean. Since Action Beans expose methods called with the HTTPRequest and HTTPResponse objects, they are really Servlets under a different name, but because the Action Beans are configured within the Spring ApplicationContext they get Spring dependency injection. Web frontend framework (like Struts) in which Spring provides the actual Servlet object and the application (CAS) provides POJO objects called Action Beans that expose methods that are called when specific mapped URLs arrive and are passed the Request, Response, and Session objects. In other words, they are Servlets under a different name. There are various reasons given by the different frameworks for this behavior. In Spring, the basic reason is that real Servlets operate outside the ApplicationContext and cannot get dependency injections, but MVC Action Beans are defined inside the ApplicationContext and therefore have access to dependency injection and all the other Spring services.

However, the most visible CAS function