CASA Use Cases

From Bandit-project.org

Case 1 - Enhancing Enterprise Application Authentication

The IS&T department of a major corporation decides that the authentication scheme (username/password) used by its in-house applications is not secure enough for its requirements. Furthermore, the scheme makes it difficult to migrate the infrastructure to Kerberos, as mandated by upper management. Given this, they start looking at their constraints and realize that changing authentication schemes is very difficult because of the difficulty of changing their client/server protocols and providing a migration path.

Luckily for the corporation, one of the IS&T programmers keeps an eye on developments in open source and knows that CASA provides an Authentication Token Infrastructure that, if leveraged, will allow them to meet their requirements with minimal application changes. The CASA Authentication Tokens could replace the passwords being passed between the client/server applications while allowing the subjects to be authenticated using the underlying authentication infrastructure. At first, CASA would authenticate the subjects using user names and passwords, but once the Kerberos infrastructure is in place it would switch to using Kerberos for authentication.

At a later time, the sharp IS&T programmer realizes that by leveraging CASA's capability to project an authenticated identity, he can reduce the need to configure the services to have access to the different identity repositories present in the corporation. Furthermore, the programmer knows that he can reduce application complexity, because the applications can obtain identity information in a normalized format thanks to CASA's use of the Identity Abstraction. Given this knowledge, the programmer configures CASA to provide identity information tailored to each specific service and modifies the services to read that information about authenticated entities from CASA.