ࡱ> n+gqo}CivEvPNG  IHDRPO|BbKGD pHYs  ~tIME  2' IDATx\/tg%UEyf+SG]pE8pv]"y7q%ā'&&CwN C:L0N$ @4]C(gUUquukNx ?Hu(g$azxxxm^GnAǡ"c:)! ˲h\ :C' <~MӐ׈5>TUE b_^wwwPlxLSu`0CQlhoVu.#E8WeYt8BU_W8msա#RJՊ˘-#^VaJV2[5M{6.DԲ,( @{^6rUxsL2#4͜=Uz4 Y.]W0'_@q(Jq.&m4MREQ(e%`}z lTu$Ix~hm eG+y$y}e}X,޳Zܭߙ@ ![ʆaHET :lI'^ӴPR'Z,+뺵t]K1,), r.bF}Q)I}|$+//EɈx v}nf,+ׯD=[(14mKd5o4O!N(DY E9 U4͌[6H&!ĉ4?TEQ 15G? bȶP?)aTQ&;P!Bv$T(2*G8ig˲@d2NU -HaX {/֚u-(!`6e^__KFYMq\;BԚCQH\gKi`Si$8y ZQ=Մ( OUKex_׺X(Jbt\$QDbN';'N ~y'ӄREJFϟUKo*[V+E-X/ UX$<̉f|*cvW9e)cg<񗘆5>y!D9TT(<K% 9(2RU&%kB븚T1c+F#Zp$PEض#{OU"cY,+Wu׹b,>Y92T.yl i!9$AE3¾4?MsXdcUm, emt86뱹wѮh٩:GJWDžK,W/,//:6/V0\rRR B v:?OHɶ+`̋O@|I8RqeY9*C ny8Sǀs5dPh?΍ޜ<r6u]* 0 ?/n5fvP*hsDJ;?aS:gaH?$' 9@W@ƾ&#~^ת\ie z~rc SKY(S@#Osp BX:Z|춃$TAa*)=qQ]g{^Ui)n,-TMN ssY dΌc8bWE=G`UBK',YeGx~Xm{[eǛI@A/4RHĤ^L>%],ia (Xelׇ (E5#IItݒ Cڌd :Lz}ɓkf*gY7h+ a)t]m0Mal͗g{ZiDQGsk[q:#&,6 qc%_KP@eyVu?6i/@>Q=芍SiS"UiцyF L&L è,+8NNs.SIh,Qpˑ$,nUUWw.( 0Aj8KblV·|..zC*,ₘ_iK๎ *2I!+Zqy tq;?>>殟L&uf| ˟s]7[mb 9t]_, 0Ln;oInxr B|߇O~g?~I5͙ ^( !k &|.E촄 ަQEل"yK+4 ov`4u]_S0?Tk8V_̙ '0"Xт_,v„}/ą~? 3 +rܱ8Dl&0>RAojv*L^|XM8TNQLhT #Q+85"``ĥH'|FW/GQDQAnaǫYKWۿK3dͤ{|/>4w!6Mso-˲h4Ne~` 53iۏmi\\$}h4jSS2eً`ꁆal 9#QJ{ɶuhn`13V&}@*jqlp-_ޤYsUӘy@<)͡ML?hSq+6p`Bliӑq}`a70 QS+3AXp?D}ugƉD]iLOA^ސgf)y@D|w:{8ey~ݡ m_7`wĆ]xmVUlF^=a6TjL`QnIYmѴ&%}@tv"{Mcq8:y ̉KE(%PUt:<,6./˯c٫&1NMCjE\E<^ٸD;vNTXVwQsqL !rj~4rb!9gNr r0IENDB`n N': GPNG  IHDRNY|NsRGBPLTE!(&$0,+74171;<854:BNB%.F;-B>;U& T:.|s'f7,f;0u2(y=9EA>KE;VD7UJ=IEANHDRLESNIUQEVSJYSFZSK^YLVTPZUQ]YT_\Z^]a]fxmRGfVUa[Ub]Yi\YuS]}WPz_sea[kcUib]pf]ui]dbbabokeaighmiclkjnbqhnsjn~rketnixoctqjyqf{slstrvxt}vp{zu{|{ius}p}ty}  ' 6<$#  )0)101,.<6BE\rQc`Vmbdzrh{ntizs~{vx}s}r@Cul{q  /7 -4#$++44<<;GDDKKUU}z}~zųÿžɷнȥɮŵǸʺξ´ƸʻUIDAThC՚yT[ǽ IXf4, G FH;ig,I&k;M%,6A` K8Re12 uaYF f8G̽{=ɝszr޷|~ソ{,+\jVi7Zr:.VT;~SPTT"=$So,**y{UkcdV_TTb5g75WFFLY= lf΍ss;TkₙZc&aZ$ 2di[nuфܸ'<02ƥߕSsuͣ+fd'Xh,^!td[9srՓX~k7εdp#wp8vdweCD.@&tpԟ\@ I-gU>'dqJ4@rAy8̪|8UKѮL":W\,y)q[MCCjKi]̳n( @:8d[NXGd8WzK0|m  nЏFYsPF@, C-?\0֤_K"ft9[_B]VSQ  R [$-V hwy}ﻏ===_~yI޽*5M&Ӎ z{KpO%pFS]ݍzk,W^2~/qgΞB={v;jw$zSp9s Wkq %= ǧqӧN#C&GsCmQ ^/)a26g9wl=P?00848<4[_l'WBjaKPtMh2z|޼/:uO]I-qv-A 3ۼyhcնCC i%y{Ǜtzuhzh ԶSE}_ynw{EAٝrd<7wVR[U޼'t2hv~Qy-.MudkImdVOZ^m^ꊋK6;ϧ!yl<[Fy"8]eIaIF+fFyþ'n%Ǹry.jP-v1/uc|995=5e}9B=V6N74?p1yM/fqɩ{/^-KAߟ8Wnx1{.>k\|W/醤w1*o_\<إ(g]}ǏJAq6vA_l j ~7p:S4}WA3B.#Q]<2yi}w}<ֻČwZmP]I½st1<0 '=ro61=]C$}ΰZX)x[|hR222߼6jbMN77c4 V*Eny\Fm$\/ 7q!ZH!?@ֿ%sǎ\t{{bB!OB 0…QY-33C(QEm ܚAC+Ǚ(x(/7Ӑ̶x[&upGY m23/aI|,  2РÅ9r y|\2] "C1JbEXK% yL7V'?xͲҊRYĤ$<> Du* fc8O]lB2+*! t E1Ӱ"4?vij1 Ih7 胂. ~>Er@;D8quKJX$,~9!^/l@0:ZNC,{@N/ IX>y9K˧Zփ8$EQIX GekSiVEXRqbu,3IX';7 .xK<@t\MòK{Ţ.&,*j 3ɽ,m"0y) Hӎ!&]hC/ 4ԭpOuښ'Qpԃl]ִr^G)"/ E] |a \"KTS'V0Buu6BCojڼqP*+iHxi~ɕQJid~Uv0JC"- imɔ4e 'qY* S-|u2\)2Y~# >rkZy8B.o/Yw%;8@o6aq2E%*+Wp6w4;9ě"fL_VYFy`Օ*aPr& k ;'ܢ)+C!>V!XHya.x_,++@[ ϜiV#jew^޸TP%\ r"a"K8XYPc ]sI6Y0^\Q޸y)Ls)t9^r8:,Ҫv5ؓ:}^)\fy,@`v㫻9`NdcpbmpZ xt2/B|ZKR3SD,<͚g2UOAЌl43w^ yBLt RA!q4˱G['TI:p|{YۤQK5 z OK:d,me{vvCWƒ8JԣzsW#'E(h\!PP+j)+h $_mI:B^6$0FH:n7`%0lso 0YaۣZh!]OUqt +^.:Idu?(6%R  J6vk{S@GJ҂/!9EAϒ&_g iQz7D74z9mbX&ݭS8q]Mdn_"z\ўU"_DTUQU/"*EDUſU"_DTU)z_Jϟ3ns]f * @U/Uye%"ſU"_DTUQU/"*EDUſ¿!?gw&{Vc)>voՎwIAcEuK|r򍍞{Eu_7li,5v?_AEyEWk`}U__KV2m_yOt{K5s69"6J1_vŌ⧅Ʉ[~53(mZ;jWȠLQKa/*OP +YttOP;״PV3qQi?Dφ;Ww||I76K%?-j54nWWg٬N jǹm?eg&Ʒݣn|d|K1+:'>t2x"i\e{W$m'^Y3+}ѪiOj]ſU"_DTUQU/"*EDUſU5 P* @U/U_¿T P* @U/U_¿T P* @U/U_¿T P* @U/U_¿Tx<Z>W43.(hh{N݄tqּ~5m^Ka7\n6{iJ ėt?EGsMk-q AN}vn[Eӽ槿~]Cj߃[P>s}KGGۑqɶv#rl`) "{ʿ+Ju{̰۫4W>ar%$Wnz/!ΗK|3pu|?Â_9-mvcr7NNta؇(ԛ^d^O. @U/U_¿T P* @U/U_¿T P* @U/U_¿T P* @U/U_r{x8Ϳq}U"_DTUQU/"*EDUſU"_DTUAJFIENDB`n躜qP㐽PNG  IHDR&} pHYsodIDATxA8h>ϑ,fɷ(?, A RED E?!ͫBY1ؓB" $H'!D= !$I!`OB{BH$ؓB"fSnw=a^=u'@ {D.SBY%ؓB" $H'!D= !$I!`OB{BH$ؓB"JzVdոYu77g1XI2C z=Y3,0ik}g.*if0 $_8 g1. .ҭ"gK 77Vɖub{ծ4ز]4հ+l+^D`h}N&unJ~8а>52@9z2T +VivЮG9bκֱ+'G??a,S/͔){ ղnĞHSE+q}\})>_W1})ο2iEN!axڗE4`IHyjXp5͙+-ehWcXWv07Ce4`O2)Ʊ(rX +:(K/>{j/u`wY6wnvuvml/*m}*Y*rX}h+eűU@i԰$}3ku+t{5noh+PtiyrѼc]8PKݽ}/7ȧ{5nowH{ٖ7{.ZKgaB/7ȧ{jwe˥lYH߬2JO;i>k"2)} ڋmZ `OB{BH$ؓB" $H'!D= !$I!`OB{BH$ؓB"=n ="`O ="`O ="`O ="Ǟ/¾>Ӭu8sֹ[󢓺=`.WqĚ]]A f~lGG.;5P- {nv}b@ۧޛ}ҤCt~ά4\ AxRlȜ<˞c[esۯHth[ʼPM#uc1R3Yo.u}o(ζ}P}zkf?݀Լe {8 $hO=նݖk+j4T{=\~}rG`Ĕ34AHRk}>JV^6ݞڌxiQ;wxm|;3K@+^mOǽX~}r [:ieh ~17e^{GQ WnhO׸R3oGtgVl۴ ,)Vgxۧ,CtX@?)+?60{lGI5n)Fj6|dNcOhYTLK=  pgu`O pg{>O|fC)~Mu9Wx f+Vk޺$奀=lg^Z͞_Ȼ-T(ߺ>,lۇWB#,찼nmRפmo)LE^RTawzaJ~5j[Szoؕ43C>bU]F1dfʫAuxݶA{uw^f>l%cpCXN00euћ㇋ڕO][{f{bOw)enY^W=z2|pqZ6w/}fbOc >)[[~cH])^Jl/wog) w2u ,Ŝ<\̭gx7q,XΞ!.g;1|=jÞ';TȞeĞY1JZJo'kRlcƯ#P*8}iI%)˫=A7{.zijmݶafV4SսEe)xWB25naJ7NGRr}_4}HOzt^of[͞k!Wb { 4_{D'@ {N5`!g1`Qg1`Qneߴ& ׽rukjX>tw"n4L׍[gdžfO2P(FL`O }2Z8= p)wE@F{s}`hHn۠{kۡJ{Ж `O ­ 5'@ {D'@ {D'@ {D'@ {D'@ {3\MBH{S Y1 ̧|bO.$dT\73]HȊ>ng>廐S}p`|w!!+BBVLu=)߅{S 7,r@ 7'tP~(gس?gQ{.{nhz^bwwrՐ;\U`O9@ru=|2s 'v:tz^\A0=sƞ.?wNڏnpgRpUnM'\ Ğ|0H^k8 {0Sn["s/;_nh`O9eϡ[:\ 7=[c!ugsLn9{vzy({H簓,{*Ğ쑇==]^mO'sў{EJtu]q);k8}B5`O9n[XҮk9ۯ${,!g&~س?gQ{.{nS=\ {nXZٟ3(W~?d(䁩~6/{SBVLu=)߅{S Y1 ̧|bO.$dT\73]HȊ>ng>廐S}p`|wEPHu3ĞU_0=]FJ7}gs\% \ٟ3Qgؕ];{m`e',I9cύ(+gڳ)Ftgsc2=%-*E*-b,UuAo?wْ`O9r_ UëhAۡ=(o20{bF{J_n>ugyP'I-{=__l-Ğ}bONZv6R2f{b҉ҹyc'`?&s }*lot=W{bYt SYN{.Ğߟє[JrН떱*]s '`[:AQz"C(9 {= Ws -6a`FJN{E`FJN{E`FJس?gQ~QHu=)WSm^"̧\%{S Y1 ̧|bO.$dT\73]HȊ>ng>廐S}p`|w!!+BBVLu=)߅{S Y1 DzQ]rT\73F7OX6_TÞiM{c(ؓCu@X6ʥ\_Tx;Ru@X6{*?wtd}?’2u@X6Ϟ\~ң+hidu@X6J=۟PpEymٖjGXVήvۉJjkP^4nr&:i`|,%g[b9>|=&uZ+{bjY2|뀦=l~"_Jaxn9Z=v8ԣ4NʲW]rH*oA r2:i`|,%볧)G]Mic=5q5NJ X^e}egLA*5J8:i`|,m RWҷyسopKwV J=z?BIt4>;i Ju'+U~=C˶S}p`|7I*T^̧|bO.$dT\73]HȊ>ng>廐S}p`|w!!+BBVLu=)߅{S Y1 ̧|#Xu=)?d^8~ž9cύsKfȏ=s/`ΜF%3{b?;AuT;y(?d`Og'(jg2=QLܒM8q8gQ~n `*bO#3sKfמ]WIS3(?dsזu]ŞNPmd-!~GUtQaQLܒ{.m\tcOm'(jg2̐y{{S~n Igga{*b3sKfמFa{bg>̐=Oσu==t?=`|-!1{8S3(?d`Og'(jg2=QLܒ=矝:<[2C'{[G3sKfȏ=߰{ƞO%3zٙ3(?d@@Z{S~n Y1 ̧|bO.$dT\73]HȊ>ng>廐S}p`|w!!+BBVLu=)߅{S Y1 ̧|bO.$dT\73]HȊ>ng>廐S}p`|w!!+'@ {D'@ {D (2?{<S$"{BH$ؓB" $H'!D= !$I!`OB^7O^IENDB`nJ\fwPcE$a[HPNG  IHDR1ƠPLTE3f333f3333f3ffffff3f̙3f3f333f333333333f33333333f33f3ff3f3f3f3333f33̙33333f3333333f3333f3ffffff3f33ff3f3f3f3fff3ffffffffffff3ffff̙fff3fffffff3ffffff3f333f3333f3ffffff3f̙̙3̙f̙̙̙̙3f3f̙333f3̙333f3fff̙fff3f̙̙3f̙3f̙3f333f3333f3ffffff3f̙3f3f9ųmtRNS-KbKGDH cmPPJCmp0712HsVIDATXGXKb ́M}Va+4tE>x^t=Ko{[_`˯kT9@Hل'Q?%fSbRpaCim߃}ҋm'+t,4QFJD](&o#,^U?}`)0!͵U+~|uaQ8@^PBPN8# KlD8\-%\o kK%0Åq%vaᜳdTcmRL`ȱ2;y ^78 %o .'ԔCX|-@%ҙgf=9E ޶o``@s]X냰;XjŠ\8<w/wpny=p u=W/C}t-¢`8n=d"|w`)AtHoܿsg*Io="E:\N%/#l j[L0["E1h}/m4 tۯBûԞS.<-7m6wrjOSCP:ĭv?@[Tˑ_ ݒw"ĖUo";(Ǒqlf-?t ,bD`O gQvMp5ԭIENDB`nNAP"EPNG  IHDR<`PLTE9JEY .<'3wa~ [u Qi mȾvvvkkkaaaWWWLLLBBB777.tRNSE cmPPJCmp0712HsIDAThC՚횪: Ѣ" ͽڦ~s8%8^B׭,At8'z"䚳t ^n.?= w|aq oo>";[ی螷ߑ'6ך>cAT\㍲~ 䞟y!|qOBtydI*YFA>qE1Ò߂\Ϭ,QЌ/ Y˕D-7gp?ϨH|!#,ʟȿQ`7(lQ2r/kX /JM=y,B(/)P{>I6EAwJ57S?"MƂWJ"t)iTxkQ\Uue|Q۔Z(gXfdZ0N2pXiBfŵL%eygrݛr܂-O<1vb%2$[s*u܂1PMPFR&7|H16RAVbo\~ 8l ,zrS@J 3Ǽ%{<a9BIg {x9eE'NiQ3P.bKnȃ7ӆgu@@5Yq ҂>rʂ'>g6eP̡bD&]B'2b~i<*9B}yD2L\]zێ-J%n\E~h=_T@vFߑrM,ȝ.ʼnE2^NnbDĻI}܆e\#-EccbBQ#/ℶ0 !*"}ZdQE^nBU䃈2bODGFAqYd@%w '2< Lj^NIrT|bS-4F-Jϙ\+%C:+ AI|y@?sq)R$r!/)Պ L7j 嶫vsIdl_Ȁ"jM 7<# ـM(ihKEB^0nv$*2z#W3zzx;z1U7⿃iZdWPtoulrw8>" 2oC3Vbe7S-_#H>z6|U#c2NbԳJlaJb6GC`YY+N&x1jz|YU:"f=d0}eravxUztg;i;7θ ?POPi *\O=uX3Ղ#3qA8n,> >¯ w|nK55o69bcaGچZ96<.!֭vOh\zi̿Ixz<jT&mqf6Cgs å7*wCU'vw%gyy4}$MGyO2 ʬ ]̸mo*.jV!^4CdrqC"oK#T/ՍqDG't s9á*x5g= MԝOh>Ɩ1C%(BU~0R?P~7Cݰj@#xPLJ|ëjB5ӼJ9-A/ 6x^BadY#E^SS(a&Y(g:r{#_谹uO;U܆eF#)@p*bOd& %$JXbl*h9hG7#p쑗@|`jox۔n)P/~6rRPB(qV]\ 3V+)MѷOSDe=ƹT,;@ (I N@O%m۳UiL-P`%wes>bac"OLlY3^rwZ'P+Ϊ?۠9 M:Tj;"Cu v,@9܂;cE 4C bX$MuCQ3 3I Pf)UQiƺq$.<@J?P3Ԫؿ~-_߿lG#=v9~y:^$K$]y<#P[̠\jcmPReRP _!\~ ®yALǬSګ#J"O ryGԿKeuTfT~P n0r@ͮn7_sЄ|U >P:8N_x |8'YPQx~B"liξCC-{ 4q0o(S@5.x%; +%ud.~I ;he;=\c316-4a/KI6Io0i[Nx ,C+aɭy[! t$Py>Pι?W74 pOQI/,mC]GzƚT[ +uªOH̭`AnÕj&x^_C5~pp"E2Lq L!}%P-JEy\7HrLTk$x.5-> ft(_I1 f7075@Ґ,({Nfrõ3qIA2WMY2iD% Pȧ3Ya>;H2G+]MhZ2.Dy3bJm36XM .Z*.IOa?q+}k=uqإ&N9 L0n8;>PGl 1}Ԝ⺋j(ӯ;ffJT|`kx@A6 v.|K%^0S=w6@Ű3ǽxoO$pk5YO(宆P$3X v J>ȋ-2W铀04ݪCڴkcaK2:9py;=6[uW:C `&da%3Ad.`68C) @= Ƽv# M+"qdlv=Pc(ӻ\LzN'L"3;:u{8OL) /?~`̀p1#hEK/D2V%\o_y1 'u䙠=[{EW]eyr"WÃ[`{2V+A'WwZޯKӹ<7잟_ C43Z|bwo&@j<݋@s |cPRa7EHCJ/;-+kms#@EKf0Bu)n' 2~2|KK':Hi `_%N\|2GyLq*+eˁRXAV6Ayogy vv*=GՑbU(#{LKp %@GMFk*7p]ѡšnLihsMk~]ޕn-`Er;(X^f5|b g73479fL~(F3Zvp׸!(2(70GA;~|*D䦠s<͘:nN0] v yܞG[Hc2jW"Y8 TL`:h1FsO"`eQ( UN׽}t4m@N 9sv~K5˓% Quޚ (Tt XL܇cU:c[v3_vlBY: W 6je¨.]vy0,b/3!ac>^N|Hz, >1۾ :tSx$X U]J!MA:MDi0C$CO0PNf %]l"'Yx}O(-%4 '8Rdg(0L@G8S:ֹ˃B:ņʼG6pVcyP/\gzZ1jr(T!6,7a@iL5~:@rH#/v8RN suvcFyTurᔔ<c/h1Uގw6zBqA JVqvb(E3]P:} P&KU& B, (: gsd#w?G†삛` Ι]u#(c(V#Uytw7y|˘7+9Z= Ut P㭾BsB䕹c~|sVh#"&)!:1k8j< Uʃ-A8tS*J3o:HFVnݐ䓖;g0\ԟS %#'j.@em҈ ]h:*g-PKHـ8Oҹ"az-\)؍AC :SiI`+ITR (娊 S8˓uPW i<@;]TӪ| Ց=UP5dO92ԉga(h,pG m.#C#*\ *x%`pKH3B>7Cɘ@w.ύ#x@W ]PV=TP BT7m>gxhx5ccpeA l:jSfiJR.뢹ٕY*s^t60:v=@~:LtZzg r9zETTyঠ\CRlMUBN:Tܫ(+S{X~s0LC@]Ǖ,DŽm\m[\jW6^e,0T>Rm=ot+mfA..IKy]:Y 9C0ְ9PLɣJp@ fy6kQ~`ɤ]V.Wp:|5DwV|0Y^W?!4 |-H=?MB$Ph v.! G naӥJ6.|-1^;U7_}KE8=On̙3AҚ [CߌIg 3RcH {FX. 2\'F%v l,"=5zwPdRgZ=…W =L jc$q[\Cj NjGv$MӸ2=1@ݸZ1цG()Ȼd ]CkcS*:6gNo_Wч}uid! VBxMp<6CM@-B54ÉQq. 6ҔY޸ﱖw>>#~o ;ow C 0tKPWWc."\۰6WڟP-ް6Dc5LQ8xZD^oݦCMxPOױ/ߘ7dkEqcP nd @-m\7jV,-l.]x.IENDB`nm{uJs/YPNG  IHDRg?B&QsRGBPLTE忿ƮЈaattt@@3f Aa024b pHYsj5IDATXG (sEQFٙ !2k(`c0 pά'rF[XD;DJj7Ϙ(ls 3MGmJCS[|fa^hu2ovB.SZl;<'X !ڒpE vk* O ZfRJ- GCJcf82?N*Ni'=5g a'N0 *http://www.sympa.org/|hhttp://mis105.mis.udel.edu/ja-sig/uportal/index.html>*http://www.horde.org/00B$Photo Editor Photo MSPhotoEd.30@Photo Microsoft Photo Editor 3.0H4http://ent.univ-nancy2.fr/J'6http://www.yale.edu/tp/cas/^(Jhttp://tp.its.yale.edu/pipermail/cas/.rhttp://www.esup-portail.org/consortium/espace/SSO_1B/cas/~/jhttp://www.esup-portail.org/consortium/espace/SSO_1B/p9\http://list.unm.edu/archives/jasig-portal.html/ 0DTimes New Roman3v 0( 0DArialNew Roman3v 0( 0" DCourier Newman3v 0( 01 b .  @n?" dd@  @@``_zTL7carbrake.wav.WAV 101026RIFF6WAVEfmt ++data6~~~~~~~~~~~~}}}}}}}{{}}}}}~~~~~~~}{{{{{{{{{}}}{{{}~}}{}}~}}}}}~~~~}}}{yxvvuusqqppnnlnnppqsssuvvuvvxxxy{{{{}~~~~}}{{{{{~~~~~}{xxyuvxy~~}}y~~~}}{~~}y}xxuxuvvvvx{yy}yyy}~~~~~yy}xvvy}sps{{qiksuqgiqsqnlqusnpsx{{{{{yy{yxqquupnglpqpnpqsusu}}xxyy{{{~}}xxyxvqpqvunnqussssssqquusvx{~~{{}{usqkipniggkpvspsvuy{xxyy{yxy}~yx{{y}}~~{uvvvxunkqunlnpquxvy}}}vvvspnklkiilpquuvxyy{yuuqppnnquvxxuvvx}~{~}}}}{xxvpknpppuuqsslinqsusssxxyx{{vqppkilngablvupq{~{y}}vyuuqlkknpnkilllklpqplnsyy{}~}~~}xuuqqnqplfffffliklsxxxxx~~~~~~{uquupigkppu{}~~~}~}}{y{~vuvqqssv~}{~}xsspifdddfkpsv{~}xuuusuuuusvxvvxy}~~yuqifdddbaabfa^_abadfflkklsxvx~~~}}{yyvuvvvyyvvx{xyslgbgb_d_bilqy~~}{sv~}{x~~}vqqux{yxx~~}~~y}qx}sxx}yussx{{vxvupgdfkd__^ZZaa_aaZZ\W_bgbbgillns{{}y~ygabi\TTOPGGJKH=CC;CMJ>@HO^^_nqv~{{vvysnklqnfgpvniv{ulnspspgfnvqgilxyupquyysllpnklqvspsyyv{}~~xx~xxuq}qgkpxskkpqlillniggglibb_bfipppuy~~}~{xsv{xvy{}}~{~}yxvvpkilpnigdgkgd__gkkkfdfinnllkpnsvusy~~y}~{}upkklklklnqslllnnkkkidadiib\_dfiiiinvuxxyxx~{xxupipnfifdggfaffgipliiiffafddglgknpv~~unkpvysx~}~~~}{y}{nglsupnsv{{{{{{{~~yx{yxqquvyxuqqy}upqnvvx~}yyvvspxypqs{yi\^^YWPJKKMTY\^Z^ipssxqpuuusuppu{up~x~uǦqx}s^HCUP=..33+"!01+)18>JOT_nsu¾}vlf_UTWRJGJMTWRORY\UUYW^a^^bilkfadluqnusv{{xpifksld_fg\RRYbdWT^inliabgkgffdkibiqvqsx}~qnxsd\lvnYTagaYPUa^WMMRMKKPTRUW\_Yaknnls~xvy}}pilppkbdbZUZ^ZWUYZ^_a\^bdknlllqyyy}vvvqifadZY\UZURUTRYU\\UTW_d_\abipsx}}{v}}xpsxqukbgl_bgnigqqnnkflvg_d_dkdZUgyndaluliianxunpx˹ǵǾqqd_UOKC90=;03>CCJRUZYUP__UTgidpx{vx}{~}xnuuҸxdRRJ9,&!  '>;=Tlvxý½yppsxgUWWYMB=BRYTC66EJKKMMRWaa\\bgldZdqx{vv{nZ^lkWKHKJCB813==9CHC>BUYPRfnkq»{vxy{l\dnliffbgfWMMR\\Y\\^TR\dbZdqplv}{nyssy}~~}{~vquyvvuqusligZPRYUKHPWYY\abkilsux~xpuupnxqqnnnpnqkdaYWWPKKORYWZ\^^iknyua\nxupv~vy~}xgiqpkddffkiinnk_fnnq^ZnyibqsvyŶxnlvpfTKO^_WY\W\^^\\\ZW\^RP^b\WYadbbd_bigdk}~^vȶxffu_E835, '+!$9MRWdxyx~Խ~sx{xnggdWPPPH@GJHKRMGMWfaKRi~xbd{~ln¹¹}~{lbpqdRKOMC86335056BJGEG^pxux~~Ŷ}~~yps}yv~~}xu{upgbdb_\Z^ZY^bdpuu~xss~}xxv}~}vupkgaWTY_YMMZddY\gsxsu~}{~xy}xqqpvxsslpslinlafffnifpx}}~qdikbZUZYa_\inffsvssllpi_\iaMKYkpgTY~basöŽ»pn{udWOR_bJ;COYYPMMKC@MKEG;BPROU\_by}pxʾn\YOB60,$ !.8EPZdyʾy~{xuqlZOOCCORMG9=JKGJKMask^^daap}ó}x{yqy}qdWKEYRJY_TJPWRPWYafdb^anlgu~}yv{x{pln_R_iliaggafffgfblqllns{vpivui_^bg_Ublfb_ipkki_bfpnggip~}xnillf\YUJJKMPU_ag_^gu~~lfu{lTRlxiUECOYE>GGHKEMMZbZds}{Ǿugpyssifvsdddf__^^ZREMYTJGC_kPMi{kks{\yҾ}ugUEEH>'$')"'55,1=HHHKM\kx~}y~skia\adUM\YYgZEM_iaKJk~y{}gZZaaZR\b_ZZaafpkZbkgddY\nvvu~vnxy~~~ndgkknkpnklxskfkvpgfggUYssgiks}x~vy{~vy~~}npuyqlnsy}sknp}{qx}~vy~xpuxvqkqpgbbgngggkpqx{~{yupqqkad\TROUUMPRT_fZOYdspiny~lWWsbMGYqkWPTUWYZTHR\\HEWfnYRuxg{°qupaWMG8+6$"+'0356BH@CMUMUpq{xy}vxu~~silZEGOYUTYOdx{}x~y~vvxq\TfdZZ\nuigkpnnqvyyuux{v{uv}}upx~sdp{xvvnyyvqik}vbsxipubv~ysy~{{uvuq}uxuux{y}x{up{~vpqspkkllnssgW^bgqpqvu{~~yniys^JGbqaP56^iH@Y^xx~~xiuuiakqxsdgnuviTYbquiWUfZYqu^Yfafyv\iäŮͳusbldTEGE55@RUWYWTfu}qadikpdYdq_dynfnuqpk\gns~{sknvya\nnfg_akd^\ik_p{}}}y½ydfs~{nUTppbYYgnlkqpiluqvqxysyxpvy{ysl}{~vysilk_glgsuiu{plpngkpnqplpkbYTbiuqs}ys}xs{qsnklYPOfsZWdlxvi{{}{}un~{slv~qysnu}}gZ}~kqn~{pnqf_Zpxvvfv~~sY_qiRPZ\da\\\Pp}{uu}pq}}pu^aqsuniy~vs}i{~q{y~{~}}nknplld_Y^gb^Zdqv}~}{}{}y~~yxxnqkq~xx~y{yxv~y~qlxqlg_ax{snki{{}xx}sy}{ylgy}}{}~xss_lpgbZbiuulpsp}}y~svyganuyp\^pvsigu~svyv{~~vplqubqvu}pdnqs~~uvq^p{~ilqyub^fvsd\\\b_PHOTHYpsl^f{sbnvv}}ifdaaiiWbqsqlku{{qx{{v}vy{vuqdknvupqxux~~~{}{qpux{vsuqqssvu{uxyx{{vx}{}}yy}{}{vxvxsvuqqkinnkkisyvv}yvxxsnnspnqsxvuux}~}}~}~~xx{}~xnnquxvppssu{}y~~xux}}yx}~}~yxy~yyxpsvxxuqs{~}yyvyvkiffgfgiiikkfilkfkpy}}y{yuuvqlgiiggkklqpqsvxysv{{xpgkqsqvvvvsspqxx{uuy{sssp}gZ_dp{us}upk^RKd}sgvk\^ny~}qdbix~fPCMfsuslbpii\M{ykYa}dvTa}^g~lGba;>UnlkKO^{kP^akv\9HfOTlqE;C=\{G^g{bGZ¬nPikPTqUs{aTUl{¸W>KaMTx>G;Kg80TpxB)KuyqdPZxǕuglp§TllE09O^uqlfG3K^Ug}ǸsPWlZCRgvö}^PW\UbpsWWYC>Kas~W=EEqff͹bn_qTHbg_M_qxT61Hfvp”RfC6U{i^~xJKk_@CZl}ùZ^}RBRfyçisZ@Jf}xծqxiCYuP6Jlg9UxuiqbJ3HgaWk¹laidsyǹvdB)!&3WZYu~}bJ95EgZWvŹqdvbGBKi}kK@RM}vnŗ{uJYqG9K\{qgT89TRMdy~pgZGEUZkԾuB1B@asWPl\=GRig\nZJpuTERk}˸nYsg@3CayybusP9CHsv{ʶnvJ{q{R>;pKsŦv9Yl_HuGRvKYOJlplvnl_dvˍWpȩlC\xvu^d}qBHOidKJi}\ulgig~{ȳpCun\~}BWuC.Ck;=ZsG8Osn{xu}pOdbORflyfYYaZ356J_lûlMbWTduxȾ—_iROHRi}Ƚ~\dC^i^Y_Uiudzd_qu;66^~k\_y~TGGkd=)9TgžԽuEpgOTp˅Z~ÙWbZ6'1JfffJ9Jb{}b;=gpunnű_g}kKP^x͵ulxiZJ;KTp{ňxqC>;~Y5JJ~guJ+ig>HCT@avԅ{¬sskPUqʾa@6=BZixŸ{~d85KaGK^vxsPEgyPZvжiO059GZZp~ylaM+$>Uk}ŤsiPaladsŬf8CKWaB;MfnqfE3=EYbp~dBETqg_sň~yf\p}as{lR;;TTMZllM'.ZYBHT}yY@W\uv϶fBOYYJ\}\Wnu}__E8Jbu}ŮRPygOfKKgyȱgU\bp^yqB58KGMbyvP;MWnYnǜU=BaaPbpYlO!)d}=MfnHGYfϧY{vM9\E\l{WniYaPa\}xM$MiEyuygȳqdH6Gqbu}xUq96TE.Rbf{Y}Zq\u~paqv_CCUnfaTi}T9HxTgg{Ȟ\dslnU{MdxgÏOWx_{iuikRk}gOWYWqsq^=8EiMps>anU9,6Zk±^^vsxnRKfy¦lMi{d\U@0JbubJqvkxb@@OWZW}s{q~\H{yUdpWMixMPOgiJsK>Zn_}yklYabZvs_ZYH\i_k{~nP6=U}}{l~dGG_yxbõu~M=Yn{pyqZaY66G\{}qiaM>Rk{NJUg}vfW@.3C^fslkgfGuWfUlx˙ͱsUa_;>Pndsg}lYWORCayvv}dOK>Rafq©ldvaREKdp~Ⱦ_ygRKH__dxld{vnqgUEgYlaagYJnu\9OTCfyf~fdf{»n_RW_Z6EEJ_p}xkG=;ffšpB+B}saZsŸ_5PlifRdyl6=yJKWky˻qU8UpPWf{¹xfO3+@TbqvxlaJ15Rnd_{öǹ^OTubxyyʳ~l\C6Kpqu\vnW.3lkZbv~ydC5T}YpqP3@Zx^pq}siG&.E^}p}«~pMRl{GWs٦\Yqf^ZfsxJ'GM_Wql{\36q~iTiʻfH1B\p\~ùg@,;TgPl{xkM,Gi\Y{axqqqfa\T^YivkWaUluagyukf~ulUKp{ZniYKbyqHRKJguxfdaUUWb~~yypyqiYKPduödi_^^b_U_snO@EUku}~kM39;GWiuvdHUTYalpȹlHGd^\dx~kE&B}fRMkxkM9Epgký}pdYB8P~lfЩpdWG05O{abangM,Bsa^uȻxy~ZHP~kMTn~ëvv_9)dfasufuеqyRE_nxqdP8Eqgf{{gOHWYTkxq_WkgdxsisZnpfanl{{qkUkifk{g^}xqnbi\u~nHn{l\qu}u}xP@y~viuxsgqqvkuY@HKduǾ}KOk}_\TWguaYUnsOH{gffds{¤vxpfvZ\{ngbPHdqvxvd_xukWp{susdU\_RRqpdKOfÊi{iY9O}u{v}f{pW@@\lynvxupx~n@6RsUugdUWa{vß}vuO~\akg_lDZgg1Ex}KOqxuM@akx\qaa~lPYfU\v}y~}qakMPq{d_Wp}~iYksg\y{}6@s>>bqG_lqunTkp^kayaqqluvf^Tisvdqn~xiskZHk^vx}~vbqlWqq~_~qdqqaGaivn_RY^b=WiUpiR_\MYxyqgxxvuffuJBPng~Z~^8=\{{l~âuqqlkxfqqqlbqgxuu~~Zinfgdlvl{suvvsyP>;bs\ya}ZZbb^qRdyKBv{~}x{GM{kqZuf^TGEkki~xnfsMavU\yZM{palÏ_pdx~qUUdbf}~~y{udMs~dx{}}du}yxsbPfq}}ngxklnRJR{iRk}nBa{vYpWnubk_^ypk{}{i{qdvy{vfYWR~k}U5Znsxp}udapx{~~}qgfyxKTxk~uRanPOguJOdbnx}iWpuqZ_fu^~}i}sgki_pykslxuqpkxaas^\sxud_x~vW~_i{~pgxq\JZf\PqxRbqunWkiyknvsugW_vksn}{pklppa}qWf~ukGYfkdppfUk^\pnxq@;xdYvunnd\pqxsfU{qndssqyvZpvyybkkpkgau{v}xlbMCT_gppq~}\UnfYi{~}bZsnZWxiukdy{~fJasukJZbnd~qYkifi{\K^uxubTk~p\kklPJabaxaf{~~svUv{ZWis{plu~bCJ_nnvflfdv{}gM^}u}}x{~}uyWHE}xd~ZEMg}xk>B}nqupgsMnMRkskn}s_R9=OZ_\usgKJnsanfiJYdgT\Wkv~p^^lu~qkU>BP\gnivvnl^PEYddid_g~vp}x~ZRfvpsu~usvRkTP^isuiv˩yy~qgWEZba_uqfdibTEPguȰ}nqZCBWgvͶnkavYKT^yuȫfPp{kigqlq{iy^OUUfv{sTTdaUdqk^KRTn~î}lsTfxsYp{Y_{^EUWUi{uvg}d^Ydin{n_KP^iRav~udRZibi}sifaUHZnba~kTPnpy~_x\yORviYsx^YfygZf}nx}pgZP_q~nxlda\KHWgxknibfdbuydO~~iZi~nkZs{vqYan{}pdROfkxk~nPZuynl}y}v_aRYlyixq^pyU_gYiy^nqaf}_Y{WYg^\~U^pggaUssYl^Zq{fl}a^p{fx^Zni\y\Raxy_yyPTklnaTp{snZuvaxv_dysykgxy~ub\bsup~{niuylnpiqn}sb_n{qsysunvy}xp{{~~ldiky~y}kfnqqynpu{lbgy{s}kgvxp}}llpqx{lfgq{yuxyx{{qpu{vnv}skuy~vp{~vsqnv~vvssqv~y{unqyx{ss}}plv}pluy~yy}xllv}}xsss{vnqyyuux{yy{ysy}~}}yy~{vsqqsx~xxy~xqqx}xy}uppy~xsv{uv}{y{}y}~~~~{y~~yxy}~}}~~{{~{{~{xy}~~{vvy~}xy{{}~}}yxxy~yvy~}{y{{yy}~~~}{}~~~{yx{~yy{}~}{{{~~{{}~{}~~~~~~~~}}{{~~~~~}}}~~}{}~}{}~~~~}~~~}~~~~~{yy}~~~~}~~~}~~~~~}}}~~~~}}~~}}}~~~~}~~}~~~~~~~~~~~~~~~~~~~~}~~~~}~~~~~~~~~~~~~}}~~~~~~~~~~}}}~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*whoosh.wav.WAV 20103RIFFWAVEfmt ++data~~~~~~~~~~~~~~~~~~~~~~~~~~~|||~~~~~zvtvxz|~zvrnlrv||vtrpptz~|xvtv|~~zxvvvz|~xrlhntzzvrrpprrx~|j[QU_|bICCYn[ICY~zlnh]_r|]SUSSjz|x__l~v_]drnUb|nfd_]d]5=rrnj]jz~lMldrx[[_f|YQfWK_xh[zx[CIjzxxdSQz|_fI9WӹM;QnvK;OUx~xj]]YS~ɵlM?plM;CGpٵ[)Kh|% %;xtKQS]ɖbGr|lSnvz~nfS[nëx;Az=+AYݻ|=/1r_ ?|潄W5/Czãf)/pvbMQr|O=OtjdhjlG?G_ɊK3לdQCMppW;1SŷAMz/#?bx͖SAM[hvhYp~~zrvt[]ptWOUtxxd]v~vvxzd_xzh_nrSQltbdp~_lrQ_l][tf]W]~hWfp|fWhnhbU[hzlSCWbYbnxpdhjvjM9Ot]GQ[dpp~hhhdpx~xh]Yntnrp]dlvjQMb|vdjpzxzztljr||_[r~~jb_j|z|xpp~~v]Wh||zx|x|zzndhpxr]Yfntzjl|z||~vppnrzphrxz|~|xtrjjtv~~vz|z||xrrv~xrprtz|||vzxvx|xtx~~~~~~~zxxxx|zxz~~~rrz~|xz~~|vtx|zxz|~~~||zx|||~~zz|zz~~~~|~~||~~||zz|~||z~~~~zxzz|~~~~|~~~|~||~~~~~~~~~~~~~|||~~~~~~~~~~~~~||~~||~||~~~~|||~~~~||||~~~~~~||||~~~~~~~~~~~|~~~~|zz~~~~~~~||||~~||~~~~~|||~~~~~|||~|~|~~~~|z|~~~~~~~|||~~~~~~~~||~~~~~~~~camera.wav.WAV 30105RIFFWAVEfmt ++datah||||||||||||||||||||||||||||||||||||||||x|x|||x|tx||||xx|||xx|||||x|x||||||x|xx|t||||cgxkxxt|x|t|ttxxox||xxto||xt||t|x||t||oxkxx|xo|||ttt|ox||ot||xx|xot|||x|x||xt|xx|xx|t||xtxx|x||t||||||x|t||||ttxx|xt|x|ox|o||x||t|oxxot|t|o|xxx||||x|x||t|||||||||x||xxtxt|xxx|xx|xx||t||xxt|x|||xtxxxx|||||t||xx|||t|xx|xx|xox||||xxox|x|||xxxxt|x|xxt|||||xokkgWto|tk||t_|kxot|x|o|x|||xx|x||xo|x|xx|x|xtx|otxx|xx|||tx||||||xxoxo|t||ktxxx|xttto|t|k|||x|||oxo||txoto|x|xx||xkk|t||||xx|t|xxto|x|kt||||xtt|||||||xxx|ttxtxx|||c|k|||xtxxtxx|x|x|||x||||||x||||xxo|g|x||x|||xt|||||||||||x||||||x||||||x|x||x||||||xxx|o[ooBtWt™F_gtBW|gJcttFtogotxgoo|xo|x|||ox|xxx|xxx||x|||||||x|xx|x|||||x|x|x||x|x||x||||xx||||tkt_|o|tk_xNƀ)JۀgtgSk FB%||>gc:ΑtSx)k[[>xk_xx[[cSco[ookc_ooƀkx|So||gxxg|tc|to[|kct|totkgo|oooo||ktt|txtxk||||||xx|xx|txt|||t|||||x||||xx||||||||||x|||||x||tx|||||||x|txtxx|||||x||xxxt|||||t|||xx||||||xx|x||||x||||||xox||o|gc||tok||ttotxx|t|x|xx||o|x|||x|txx||x||xxxxx||||||xxx|x||||||||x||||||||||||||||||||||tx|x||txt||xx|x|xxxxxxx|||||xxxxx|||x||||||x|||toxxxxg|ox|ott|c|x|ox|tt||||||||xtt|||||||||||||||||x|||x|txxx|xx|||x||x||||||||||x|||||x|x||xx||||||||x|||||||||||||||||x||||||||||||||||||x||||||x||||||||||||x|x||xxx|x||||||||x|||x|||xx|||tx||||ot|o|x||xt||xtt|||||||||||||||xx||||xxtxx|||||||x|||txx|xxxxx|txxt||t|x||xx||||||xx|xxx|||xxx|xtx|t||||x|||||||||x|||||x|xt|xxxtx|x|x|xx||||||xxxx||xxxt|xx|xtx|t|xxt|x|x|txx||x|||xx||x|x||||||||x|x|||t|txx|xt|t|txx|t||xxx||x|x||xx|t|x||x||x|x||x|t||txttx|t||xt||x||||xxxx|xttx|t|txx|||x|t|x|||||x|||x|||x||txto|x|x||txx|||xx|xx|x||xox|tt||x|x||x|tt|||||x|x||x|x||x|tt||tot||x|t|x||||||x|||||xx||t||xx||x|xo||ttx||x||||x|x||x|||xxt|ox|xtxx|||txx|||tt||x|||o||t|t|xtxxx|||xxo||xt|x|xtkkkot|x|t||||x|||||x|||xx||x|x||x|||ttxxx|Nktg|gocxo|o|ttgt|xxxxt|t||x||x|txx|x||xx|||xt|||x|x|||||||tt|||||t|x|||||xt|t|x|x|tx||t||x||ox|ttxt|xtot|g|xt|||||xxx|||||xtxx||t|t|x|xx||||||||x|||t|||xt|||tx||x|ttttxt|x||||t|x|xo||tx||txxx||x|||t||||x|||xxxtt||||xt|x||xxxxxx|tt|o|gxt||tg|txx||tkkFokx_toc|tot||cxxoo|xxtxoo|kx|xktx||ot|txx|x|||x|txxkt|xtxxt|xtktt|t|xxxxxxx|xk||t||x||||x|xttot|xoto|oxxtoxx||xxx|t|x|txx|x||xxt|o|||kxxx||x|x|||t|||x|||xxkxttxxxxk||xtox|xx|xtt||t|txx|t||x||x|xtcߌƑct__|SWo|Nott[_t|gokx|tkxgtttcokkxxxxgc||||xxt|||x|x|xtxxx||||tt||x||||x||x|||||||||x|||xx||||x||||||||||x|||||||||||||||||xx|||||||||||||||||||||||||||||||||x||||||x|||||xx||||||||x|||||||||||||||||||||||||||||||x|||||x|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||x|||||xx|||||||x||||||||||||||||||||||||||xx||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 2#^  O 7 8*b!(%(6-  .)J?"G#b$gqo}CivEv3b$ N': G3b$nɴg "b$D8eUM0} -b$躜qP㐽.6b$\fwPcE$a[HR Lb$NAP"E rTb$Bx2Ti=iY'ŗ[$b$m{uJs/Yv 0AA ߿@8aFlO ʚ;̇@+ʚ;g4[d[dv 0ppp@ <4!d!d` 0L4<4dddd` 0L4 <4dddd 0Lh0___PPT10 pp___PPT9./9? %9DSingle Sign-On open source avec CAS (Central Authentication Service)+Vincent Mathieu Pascal Aubry Julien MarchalSSO open source avec CASIntroduction Pourquoi le Single Sign-On ? Principes du SSO sur le web Le choix de CAS Le mcanisme CAS L authentification sous CAS CAS-ification d une application applications web applications non web CAS aujourd hui et demain Dmonstration` JM&) JM&)Pourquoi le Single Sign-On ?Single Sign-On = Authentification unique et unifie Authentifications multiples Scurit Le vol d un mot de passe unique est critique Protger le mot de passe Ne pas le transmettre aux applications (simplification des applications et non dlgation de la scurit) Diffrents mcanismes d authentification Abstraction du mode d authentification LDAP, NIS, BDD, certificats X509, & v[-*'$[-*  '$Pourquoi le Single Sign-On ?Principes du SSO web2Centralisation de l authentification Sur un serveur (d authentification) Redirections HTTP transparentes Des applications vers le serveur d authentification Du serveur d authentification vers les applications Passage d informations lors de ces redirections Cookies Paramtres CGIt%$!h1%$!h1  $Le choix de CAS par ESUP-Portail (1)Scurit Le mot de passe n est transmis qu au serveur d authentification Utilisation de tickets opaques et usage unique ( la Kerberos) Mcanisme n-tiers Utilisation de services sans transmission du mot de passe Portabilit (librairies clientes) Java, Perl, JSP, ASP, PHP, PL/SQL, modules apache et PAM Adaptation aise des applications :#[ {:#[ "$Le choix de CAS par ESUP-Portail (2)Prennit Dvelopp par l Universit de Yale En production dans les universits (amricaines notamment) Plateforme J2EE Code lger (un millier de lignes de code) Open source Intgration uPortal` ^*" ^*" Le choix de CAS L1re authentification d un utilisateur$'#L1re authentification d un utilisateur$'#pTGC : Ticket Granting Cookie Passeport du navigateur auprs du serveur CAS Cookie priv et protg (le seul cookie utilis dans CAS ; il n est pas obligatoire) Ticket opaque rejouable.ZZ 0Accs une application (aprs authentification)0Accs une application (aprs authentification)0Accs une application (avant authentification)0Accs une application (avant authentification) RemarquesUne fois le TGC acquis, l authentification devient transparente pour l accs toutes les autres applications CAS-ifies Une fois authentifi pour une application, une session applicative est mise en placen W Fonctionnement n-tiersyPGT : Proxy Granting Ticket Passeport d'un utilisateur pour une application auprs du serveur CAS Ticket opaque rejouable.Z^Z^!Fonctionnement n-tiersxPT : Proxy Ticket Passeport d'un utilisateur auprs d'un service tiers Ticket opaque non rejouable Limit dans le temps.ZgZg 6L authentification sous CASbLaisse l initiative de l administrateur Dveloppement  genericHandler par ESUP-Portail Possibilit d utiliser plusieurs modes d authentification Configuration au format XML&\V\V,; WFCAS-ification d une application web7Utilisation des librairies fournies Quelques lignes de code Cas-ification des applications proxy HTTPS ncessaire pour certaines URL Complexit masque par les librairies Dans tous les cas, grer des sessions applicatives Possibilit de mod_cas avec Apache Protection de documents statiques et/ou dynamiquesLcJX3cJX3>> @#FCAS-ification d une application webZExemple d utilisation de phpCAS (ESUP-Portail) <?php // include phpCAS library include_once('CAS/CAS.php'); // declare our script as a CAS client phpCAS::client(CAS_VERSION_2_0,'auth.univ.fr',443,''); // redirect to the CAS server if needed phpCAS::authenticateIfNeeded(); // at this point, the user is authenticated ?> <h1>Successfull Authentication!</h1> <p>User's login: <?php echo phpCAS::getUser(); ?>.</p>6// CG"C&GCG%CGC(GCGC,G?CG C2  :     )  NCAS-ification d une application non WEB(( )Un des point forts de CAS Grce au module pam_cas Exemple de configuration PAM auth sufficient /lib/security/pam_ldap auth sufficient /lib/security/pam_pwdb.so shadow nullok auth required /lib/security/pam_cas.so \ -simap://mail.univ.fr \ -phttps://ent.univ.fr/uPortal/CasProxyServlet ,QQC+     (!Le module pam_cas lPam_cas permet d authentifier partir d un ticket CAS0)">CAS-ification d un serveur IMAPzProblmatique Accder un serveur IMAP depuis une application web alors que l on ne connat pas le mot de passe de l utilisateur connect Laisser la possibilit aux clients de messagerie traditionnels de s authentifier normalement (avec un mot de passe) Ne pas modifier le serveur IMAP La solution : pam_cas :-)62*#>CAS-ification d un serveur IMAP +$HLa problmatique particulire d IMAP6Les ouvertures de connexion vers un serveur IMAP sont trs nombreuses Les clients Web ne gardent pas les connexions IMAP ouvertes (IMP) Valider un ticket chaque connexion est pnalisant pour le serveur CAS Ncessit d un cache Cyrus-IMAP propose un cache en standard (sasl_authd)6FLFL ,%HLa problmatique particulire d IMAP -&HLa problmatique particulire d IMAP $HLa problmatique particulire d IMAPLe webmail est intgr dans le SSO de ESUP-Portail En production l Universit de Nancy 2 Efficacit du cache : 95%&\\2CAS aujourd hui et demainCAS aujourd hui Au sein du projet Esup-portail D une manire gnrale Limitations et perspectives CAS traite l authentification, pas les autorisations Partage de charge et tolrances aux pannesL6`6`" .'Dmonstration rapide 1( Liens utiles9Home page de CAS : http://www.yale.edu/tp/cas/ Archive liste CAS : http://tp.its.yale.edu/pipermail/cas/ Archive uportal : http://list.unm.edu/archives/jasig-portal.html Documentations esup-portail : http://www.esup-portail.org/consortium/espace/SSO_1B/ http://www.esup-portail.org/consortium/espace/SSO_1B/cas/ Z:&/p%    '!0/(!0Di9!0|/!0.!08/3 ` ` ̙33` 333MMM` ff3333f` f` f` 3>?" dd@$~?" dd@  " @ ` n?" dd@   @@``PR    @ ` ` p>>   q(  `   s *"r  <d"/  6v 0  e1Cliquez pour modifier le style du titre du masque2 2@  6y   vCliquez pour modifier les styles du texte du masque Deuxime niveau Troisime niveau Quatrime niveau Cinquime niveau4 wl  6"  tW?JRES 2003Arial Black#" ` gH  0޽h ? ̙33 "Modle par dfaut  @ ?(  r  <d"@l  6"   6P @P  e1Cliquez pour modifier le style du titre du masque2 2  6|F    l8Cliquez pour modifier le style des sous-titres du masque9 9  0F `` F X*  0 F `  F Z*  0F `  F Z*   tW?JRES 2003Arial Black#" `IjH  0޽h ? ̙330 `.(    0N P   N P*    0PN    N R*  d  c $ ?  N:  0!N  0 N vCliquez pour modifier les styles du texte du masque Deuxime niveau Troisime niveau Quatrime niveau Cinquime niveau4 w  6&N _P  N P*    6`+N _  N R*  H  0޽h ? 3380___PPT10. D ' &&0[]V&(  x  c $@F@P F x  c $F  F N  C &Anancy2 `( l$F x  c o   |. W?UNIVERSITE DE RENNES 1Arial Z  s * P Z  s *P`2   0g xy `2   0g 0X T    #  Z2   s *Z2   s *Z2  s * P T P  # P   WGoYm?UNIVERSITATISArial Narrow   ~ WG?SIGILUMArial Narrow"Z    WG1s?REDONENSISArial Narrow P` `2  0g 6 `2  0g o T mT  # mT v N m   m Z2  s *` .l  <]G ڦH `  0 N  5`  0 E  $l  <x,GӲHG  l  <x,GUH  `  0 s a Z2  s *X < l  <H)G?H  f   6gGp* Z l ! <H)GgɳH0  `2 " 0'!w  ! Z2 # s *<  w `2 $ 0:(< . B f % 6G  @`2 & 0wE `2 ' 0`2 ( 0 mc`2 ) 00!P`2 * 0G i=  ` + 0H-  Z2 , s * - || T m  -# x TZ2 . s *` .l / <]G ڦH ` 0 0 N  5` 1 0 E  $l 2 <x,GӲHG  l 3 <x,GUH  ` 4 0 s a Z2 5 s *X < l 6 <H)G?H  f 7 6gGp* Z l 8 <H)GgɳH0  `2 9 0'!w  ! Z2 : s *<  w `2 ; 0:(< . B f < 6G  @`2 = 0wE `2 > 0`2 ? 0 mc`2 @ 00!P`2 A 0G i=  ` B 0H-  Z2 C s * - || T m  D#    Z2 E s *` .l F <]G ڦH ` G 0 N  5` H 0 E  $l I <x,GӲHG  l J <x,GUH  ` K 0 s a Z2 L s *X < l M <H)G?H  f N 6gGp* Z l O <H)GgɳH0  `2 P 0'!w  ! Z2 Q s *<  w `2 R 0:(< . B f S 6G  @`2 T 0wE `2 U 0`2 V 0 mc`2 W 00!P`2 X 0G i=  ` Y 0H-  Z2 Z s * - |T [ C ,Alogo-esup^  H  0޽h ? ̙33y___PPT10Y+D=' = @B +y    0(   x  c $ F0  F x  c $܂F F H  0޽h ? ̙33y___PPT10Y+D=' = @B +y  p0(  x  c $N0  N x  c $2  N x(    L HN? P ,$D0 @ x  c $N0  N   BN?k   Dnavigateur web  BN? P`  ? appli n1  |B  TKGW H^?PSL O vB  NGW H^?PSk Z |B  @ TKGW H^?PS [  ! C $A lock3>[ ,$D 0 " BPN? 0  ? appli n2   # C $A lock3>p[ ,$D 0 $ BN?   ? appli n3   % C $A lock3>@` [ ,$D 0 3 C $A lock3` i ,$D  0 = <|N0 ; sans le SSO  D BN?@0 =servicevB E NGW H^?PSp G C $A lock3Ol,$D 0Il   M  ,$D0 &  H8N?  Dnavigateur webB *  ZKGW H^?PSRw  B -  TGW H^?PS Z B . B ZKGW H^?PSLq   4  HhN? 0  ? appli n1   5  HN?  ? appli n2   6  HN?  ? appli n3   >  B+B#style.visibility<*! %(D' =+4 8?dCB4/3*#ppt_wBCB#ppt_wB*Y3>B ppt_w<*! D' =+4 8?dCB4/3*#ppt_hBCB#ppt_hB*Y3>B ppt_h<*! D' =%(D' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*G %(D' =+4 8?dCB4/3*#ppt_wBCB#ppt_wB*Y3>B ppt_w<*G D' =+4 8?dCB4/3*#ppt_hBCB#ppt_hB*Y3>B ppt_h<*G D' =%(D' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*# %(D' =+4 8?dCB4/3*#ppt_wBCB#ppt_wB*Y3>B ppt_w<*# D' =+4 8?dCB4/3*#ppt_hBCB#ppt_hB*Y3>B ppt_h<*# D' =%(D' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*% %(D' =+4 8?dCB4/3*#ppt_wBCB#ppt_wB*Y3>B ppt_w<*% D' =+4 8?dCB4/3*#ppt_hBCB#ppt_hB*Y3>B ppt_h<*% Dv' =%(D' =%(D3' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*K %(D' =-o6Bbox(out)*<3<*K D' =%(D3' =4@BB BB%(D' =1:Bvisible*o3>+B#style.visibility<*M %(D' =-o6Bdissolve*<3<*M D' =%(D' =%(D@' =A@BB BB0B%(D' =1:Bvisible*o3>+B#style.visibility<*L %(D' =-o6Bdissolve*<3<*L D' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*3 %(D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*3 D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*3 +8+0+L  +y  0(  x  c $x'0   x  c $4(  H  0޽h ? ̙33y___PPT10Y+D=' = @B +y  0(  x  c $/0   x  c $H  H  0޽h ? ̙33y___PPT10Y+D=' = @B +  <(  ~  s *P50   ~  s * 6  H  0޽h ? ̙33y___PPT10Y+D=' = @B +b  16( g(  ( 0( HxC?0  ,$D0 @ Fl  @ /(@ p,$D0 ( HHG?  Dnavigateur webB ( ZKGW H^?PS a  B ( TGW H^?PSj B (B ZKGW H^?PS5   ( HK?  ? appli n1   ( HO?   ? appli n2    ( HT?   ? appli n3    ( BW  :avec CAS   +( B\[? @  =service~B -( NGW H^?PS p p~  ( s *H]0     ( B|^?k  Dnavigateur web  ( BLc? 0@  ? appli n1   (@ ZGCH$NI` ?PSP,$D 0|B ( TKGW H^?PSL / B ( NGW H^?PS-,$D 0 ( ZGCH$NI` ?PS,$D 0vB ( NGW H^?PSk : |B (@ TKGW H^?PS ; L ( C $A lock3[  ( Bg?   ? appli n2  L ( C $A lock3P[  ( Bk?   ? appli n3  L ( C $A lock3 p[ B ( NGW H^?PSP]p,$D  0 ( C $A lock3 p  ,$D 0 ( Bp̙? 0` ,$D  0 j4serveur d authentification  ( C $A lock3 P0 ,$D 0 ( C $A lock3 @ ,$D 0 ( C $A lock3 @ ,$D 0B (@ TYuGW H^̙?PS@ 0B ,$D  0  ( <Xv ; sans le SSO z qp !( >,$D 02 "( C x?7Z<P0p #( <zq| Lrfrentiel utilisateursz 0 $( 0,$D  02 %( C x?7Z<P @0 &( <~< Lrfrentiel utilisateurs '( B?@` =servicevB (( NGW H^?PSpB )( TZGH?PSS,$D 0L *( C $A lock3 l ,( C $A lock3pp ,$D 0B .( c $D0P,$D 0, 2( BI;8[ E9 ,$ 0 Pidentifiant, mot de passe, certificat, & ))  6( Bx:,$ 0 NMais comment a marche ?H ( 0޽h ? ̙33BB___PPT10B+qhDA' = @B DFA' = @BA?%,( < +O%,( < +D' =%(D' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*!(%(D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*!(D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*!(D' =%(DA' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =-}6B!strips(upRight)*<3<*(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*)(%(D' =-s6Bwipe(left)*<3<*)(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =-s6Bwipe(down)*<3<*(D' =%(D?' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =-{6Bstrips(upLeft)*<3<*(Dv' =%(D' =%(D3' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*.(%(D' =-o6Bbox(out)*<3<*.(D' =%(D3' =4@BB BB%(D' =1:Bvisible*o3>+B#style.visibility<*/(%(D' =-o6Bdissolve*<3<*/(D ' =%(D' =%(DA' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =-}6B!strips(upRight)*<3<*(D#' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =+4 8?dCB1+#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*(D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*(D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*2(%(D' =%(D' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*$(%(D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*$(D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*$(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =-s6Bwipe(down)*<3<*(D' =%(D' =%(D@' =A@BB BB0B%(D' =1:Bvisible*o3>+B#style.visibility<*0(%(D' =-o6Bdissolve*<3<*0(D' =%(D' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =+4 8?dCB4/3*#ppt_wBCB#ppt_wB*Y3>B ppt_w<*(D' =+4 8?dCB4/3*#ppt_hBCB#ppt_hB*Y3>B ppt_h<*(D' =%(D' =%(D' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =+4 8?dCB4/3*#ppt_wBCB#ppt_wB*Y3>B ppt_w<*(D' =+4 8?dCB4/3*#ppt_hBCB#ppt_hB*Y3>B ppt_h<*(D' =%(D' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*,(%(D' =+4 8?dCB4/3*#ppt_wBCB#ppt_wB*Y3>B ppt_w<*,(D' =+4 8?dCB4/3*#ppt_hBCB#ppt_hB*Y3>B ppt_h<*,(D' =%(D' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =+4 8?dCB4/3*#ppt_wBCB#ppt_wB*Y3>B ppt_w<*(D' =+4 8?dCB4/3*#ppt_hBCB#ppt_hB*Y3>B ppt_h<*(D' =%(D' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =+4 8?dCB4/3*#ppt_wBCB#ppt_wB*Y3>B ppt_w<*(D' =+4 8?dCB4/3*#ppt_hBCB#ppt_hB*Y3>B ppt_h<*(D#' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*6(%(D' =+4 8?dCB1+#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*6(D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*6(++0+0( ++0+( ++0+2( ++0+6( +   ,(  ,r , S 0    , B̙?p` ,$ 0 C serveur CAS  C  , C $A login  ,$D 0B ,@ NGW H^̙?PS ` ,$D 0B , NGW H^̙?PS  ,$D 0 , <4   ,$D0 t>formulaire d authentification : c  , Bto N" ,$D0 ;HTTPSC , BH?@p0,$0 Fnavigateur webC H , 0޽h ? ̙33___PPT10+*+D' = @B D' = @BA?%,( < +O%,( < +D' =%(%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*,%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*,D#' =+4 8?nCB!#ppt_y+#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*,D' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*,D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*,D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*,%(D6 ' =%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*,%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*,D#' =+4 8?nCB!#ppt_y-#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*,D' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*,D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*,D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*,%(D' =%(DE' =4@BBB%B%(D' =1:Bvisible*o3>+B#style.visibility<*,%(D' =-6B%barn(outVertical)*<3<*,+p+0+, ++0+, +:9  $  l (  lr l S $0    l S  @<$ 0   l B\̙?p` ,$ 0 C serveur CAS  C B l@ NGW H^̙?PS ` ,$D 0 l <á + ,$D0 Pidentifiant mot de passec  l C &Alogin2N ,$D 0 l B8ȡo N" ,$D0 ;HTTPSCB  l NGW H^?PS`,$D 0z 0  l >J!,$D 02  l C x?7Z<P @0  l <0̡< Nrfrentiel utilisateursC  l BLС?@p0,$0 Fnavigateur webC  l C x$ԡ 3jJf11?0,$D 0 ;TGC yl  p  l p ,$D 0B l # lGW H^̙?PS  ,$0% l S ~,ء 3jJf11?P p| ,$0 ;TGC H l 0޽h ? ̙33++___PPT10+.+: D*' = @B DI*' = @BA?%,( < +O%,( < +D ' =%(%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*l%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*lD#' =+4 8?nCB!#ppt_y+#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*lD' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*lD' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*lD' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*l%(D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*l%(D ' =%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<* l%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<* lD#' =+4 8?nCB!#ppt_y+#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<* lD' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<* lD' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<* lD' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<* l%(D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<* lD' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<* lD,' =%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*l%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*lD#' =+4 8?nCB!#ppt_y-#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*lD' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*lD' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*lD' =%(DE' =4@BBB%B%(D' =1:Bvisible*o3>+B#style.visibility<*l%(D' =-6B%barn(outVertical)*<3<*lD#' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*l%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*lD' =+4 8?dCB1+#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*lD' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*l%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*lK%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*lK%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*l%(++0+l ++0+l ++0+l ++0+l +ZZ  2* 7@`:(  @x @ c $$ߡ0    @ B?p Dnavigateur web  @ BP̙?p` ,$0 A serveur CAS     @ C x 3jJf11?M0 ;TGC   @ Bo N"  9HTTPS @ B`?@0 0  A application  B @ Tf5GrH?PS  7 ,$D 0B @@ 0DԔQ  ,$D 02 @  :mжmжBCSENG4HըI`TJJQd& Ԕ? S-S-`TJ-`TJ{/ a ,$D 02 @  (mжmжB~ENGI+*Qd& Ԕ? ~K ~`T~K ~`T+*`TK ~`T+*`T{ Pc ,$D 02 @  :mжmжBCVENGtHKLI`TJFQd& Ԕ? VV`TF`TF{ R ,$D 02 @  4mжmжBv^CENG"H^I Qd& Ԕ? v^vv^v `Tv `T{?4,$D  02 !@  4mжmжB`C>[ENGEsHJIAQd& Ԕ? `>[`>[A`T>[A`T{ ,$D 02 "@  :mжmжBhCENG 3HqI`TJ3Qd& Ԕ? HhHuHhHu`T3hHu`T3{0 !  ,$D 0B $@ Tf5GrH?PSN  ,$D 0l @ `  0@ @` ,$D 0B @B ZDԔ   %@ S ~ 3jJf11?@ `  ;TGC l     5@  ,$D 0fB @ 6DԔP P  '@ S ~i 3jJf11? ]   :ST l  4 P  6@ 4 P ,$D  0lB @B <DԔ 4 P  +@ S ~Xi 3jJf11?@  :ST l 0  7@0 ,$D  0lB @ <DԔ0  -@ S ~i 3jJf11?  :ST Q .@ 6 i  ,$ 0 qST : Service Ticket Passeport du navigateur auprs du client CAS Ticket opaque non rejouable Limit dans le temps*^^l 0 _ 3@0 _,$D  0fB  @B 6DԔ0@ @ /@ C xi 3jJf11?T  _ 6ID H @ 0޽h ?o`@@@@!@"@ ̙33==___PPT10=+gDT=' = @B D=' = @BA?%,( < +O%,( < +D' =%(%(D' =%(DA' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*@%(D' =-}6B!strips(upRight)*<3<*@Ds' =%(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*@%(D' =-s6Bwipe(down)*<3<*@D' =%(DC' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*@%(D' =-6B#strips(downLeft)*<3<*@D' =%(D9' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*!@%(D' =-u6Bwipe(right)*<3<*!@DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*0@%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*0@D#' =+4 8?nCB!#ppt_y+#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*0@D' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*0@D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*0@D+' =%(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*@%(D' =-s6Bwipe(left)*<3<*@DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*5@%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*5@D#' =+4 8?nCB!#ppt_y-#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*5@D' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*5@D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*5@D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*@%(D' =-s6Bwipe(left)*<3<*@D' =%(DA' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*6@%(D' =-}6B!strips(upRight)*<3<*6@D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*.@%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*.@A%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*.@A]%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*.@]r%(D' =%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*7@%(D#' =+4 8?nCB!#ppt_x+#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*7@D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*7@D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*7@D' =+4 8?\CB#ppt_hBCB#ppt_hB*Y3>B ppt_h<*7@D7 ' =%(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*@%(D' =-s6Bwipe(down)*<3<*@DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*3@%(D#' =+4 8?nCB!#ppt_x-#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*3@D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*3@D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*3@D' =+4 8?\CB#ppt_hBCB#ppt_hB*Y3>B ppt_h<*3@D' =%(D' =%(DE' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*"@%(D' =-6B%strips(downRight)*<3<*"@D' =%(DC' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*$@%(D' =-6B#strips(downLeft)*<3<*$@+8+0+.@ +%  $'p((  px p c $(i0  i  p BHi̙?p`  A serveur CAS    p B<io N"  ;HTTPSXB  p@ 0DԔQ  b2  p  :mжmжBCSENG4HըI`TJJQd& Ԕ? S-S-`TJ-`TJ{/ a P2  p  (mжmжB~ENGI+*Qd& Ԕ? ~K ~`T~K ~`T+*`TK ~`T+*`T{ Pc b2  p  :mжmжBCVENGtHKLI`TJFQd& Ԕ? VV`TF`TF{ R \2  p  4mжmжBv^CENG"H^I Qd& Ԕ? v^vv^v `Tv `T{?4\2 p  4mжmжB`C>[ENGEsHJIAQd& Ԕ? `>[`>[A`T>[A`T{ b2 p  :mжmжBhCENG 3HqI`TJ3Qd& Ԕ? HhHuHhHu`T3hHu`T3{0 !  F @ `  p  @` B pB TDԔ   p C x i 3jJf11?@ `  ;TGC F     p   `B p 0DԔP P  p C x$i 3jJf11? ]   :ST F  4 P  p  4 P fB pB 6DԔ 4 P  p C x@(i 3jJf11?@  :ST F 0  p 0 fB p 6DԔ0  p C x,i 3jJf11?  :ST  p 6@/i   qST : Service Ticket Passeport du navigateur auprs du client CAS Ticket opaque non rejouable Limit dans le temps*^^F 0 _ p 0 _fB pB 6DԔ0@ @  p C x4i 3jJf11?T  _ 6ID X "p 00`p p BP7i?p Dnavigateur web  p C xD;i 3jJf11?M0 ;TGC |B p Tf5GrH?PS  7 |B p Tf5GrH?PSN  b2 %p  :mжmжBCENG4HsI`TJ#5Qd& Ԕ? 5x5x`T#55x`T#5{ U  D !p 6"i  @ ,$0 zToutes les redirections sont transparentes pour l utilisateur>> &p B\Bi?@0 0  A application   'p <Fi:d<,$ 0 X"Dans la pratique& H p 0޽h ?p p p p ppp%p ̙33ZR___PPT102.+AD' = @B DU' = @BA?%,( < +O%,( < +D' =%(%(D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*!p%(D#' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*'p%(D' =+4 8?dCB1+#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*'pD' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*'p+p+0+!p ++0+'p +.    $t (  t t c $pTi0<$0  i  t BUi?p,$0 Dnavigateur web  t BYi̙?p` ,$0 A serveur CAS    t B]io N" ,$D0 ;HTTPSB t Tf5GrH?PS  7 ,$D 0B  t@ 0DԔQ  ,$D 02  t  :mжmжBCSENG4HըI`TJJQd& Ԕ? S-S-`TJ-`TJ{/ a ,$D 02  t  :mжmжBCVENGtHKLI`TJFQd& Ԕ? VV`TF`TF{ R ,$D 02 t  4mжmжB_C>[ENG HJI4Qd& Ԕ? _>[_>[4`T>[4`T{ O ,$D 0B t@ ZDԔ PQ ,$D 0B "t NGW H^̙?PS ` ,$D 0 #t < di  ,$D 0 r:formulaire d authentificationc  $t Bhi?@0 0  A application  H t 0޽h ??0 t tt ̙33 } ___PPT10] .+! D' = @B D' = @BA?%,( < +O%,( < +D' =%(%(D' =%(DA' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*t%(D' =-}6B!strips(upRight)*<3<*tD{' =%(D' =%(D?' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<* t%(D' =-{6Bstrips(upLeft)*<3<* tD' =%(DC' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<* t%(D' =-6B#strips(downLeft)*<3<* tD' =%(D9' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*t%(D' =-u6Bwipe(right)*<3<*tDH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*t%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*tD#' =+4 8?nCB!#ppt_y+#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*tD' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*tD' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*tD ' =%(D' =%(D9' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<* t%(D' =-u6Bwipe(right)*<3<* tDH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*"t%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*"tD#' =+4 8?nCB!#ppt_y-#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*"tD' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*"tD' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*"tD' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*t%(D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*#t%(+p+0+t ++0+#t +fQ   'x (  xx x c $oi0  i  x BLpi?p Dnavigateur web  x B|ti̙?p`  A serveur CAS    x C xTxi 3jJf11?M0,$D 0 ;TGC  x B{io N"  ;HTTPSB x Tf5GrH?PS ~ B ,$D  02  x  :mжmжBCSENG4HըI`TJJQd& Ԕ? S-S-`TJ-`TJ{/ a ,$D  02  x  (mжmжB~ENGI+*Qd& Ԕ? ~K ~`T~K ~`T+*`TK ~`T+*`T{ P ,$D 02  x  :mжmжBCVENGtHKLI`TJFQd& Ԕ? VV`TF`TF{ R ,$D 02  x  4mжmжBv^CENG"H^I Qd& Ԕ? v^vv^v `Tv `T{?4,$D  0l Q  $xQ  ,$D 0`B  xB 0DԔQ  x S ~؀i 3jJf11?  :ST z 0  x 0 ,$D  0fB x 6DԔ0  x C xi 3jJf11?  :ST z 0 _ x 0 _,$D  0fB xB 6DԔ0@ @  x C xi 3jJf11?T  _ 6ID B !x@ NGW H^̙?PS? 0,$D 0 "x <Pi + ,$0 Pidentifiant mot de passec %l   @  #x @ ,$D 0N     x    `B x 0DԔP P  x C xi 3jJf11? ]   :ST  x S ~Pi 3jJf11?  @  ;TGC v %x 6Li  0 0 Il n est pas ncessaire de s tre pralablement authentifi auprs du serveur CAS pour accder une applicationqq &x Bi?@0 0  A application   'x <ti:,$ 0 \&Quelques remarques& H x 0޽h ?O@ x x x x ̙33q7i7___PPT10I7.+*oDy6' = @B D46' = @BA?%,( < +O%,( < +D' =%(%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*!x%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*!xD#' =+4 8?nCB!#ppt_y+#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*!xD' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*!xD' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*!xD' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*"x%(Db ' =%(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<* x%(D' =-s6Bwipe(left)*<3<* xDH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*#x%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*#xD#' =+4 8?nCB!#ppt_y-#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*#xD' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*#xD' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*#xD#' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*x%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*xD' =+4 8?dCB1+#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*xD' =%(D' =%(DE' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<* x%(D' =-6B%strips(downRight)*<3<* xD' =%(DA' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*$x%(D' =-}6B!strips(upRight)*<3<*$xD' =%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*x%(D#' =+4 8?nCB!#ppt_x+#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*xD' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*xD' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*xD' =+4 8?\CB#ppt_hBCB#ppt_hB*Y3>B ppt_h<*xD7 ' =%(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<* x%(D' =-s6Bwipe(down)*<3<* xDH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*x%(D#' =+4 8?nCB!#ppt_x-#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*xD' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*xD' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*xD' =+4 8?\CB#ppt_hBCB#ppt_hB*Y3>B ppt_h<*xD ' =%(D' =%(DE' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<* x%(D' =-6B%strips(downRight)*<3<* xD' =%(DC' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*x%(D' =-6B#strips(downLeft)*<3<*xD#' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*'x%(D' =+4 8?dCB1+#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*'xD' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*'x++0+x ++0+"x ++0+'x +m  0|$(  |r | S i0  i r | S i i H | 0޽h ? ̙33y___PPT10Y+D=' = @B +&  @50 (  r  S i0  i   S i  <$0 i   Bi?p Dnavigateur web   B̰i̙?p` ,$0 A serveur CAS     C xi 3jJf11?M0 ;TGC   BXi? p 0  Rapplication (mandataire CAS)2   :mжmжBUChENGYHNI`TJHQd& Ԕ? hUeo(hUeo(`THUeo(`TH{ . ,$D 0,l V "  3 V " ,$D 0B   T[?GrH?PSV " ,$D 0  S ~xi 3jJf11? p  :ST l 0  40  ,$D 0lB  <DԔ0   S ~i 3jJf11? y  :ST  ! B i?P ` @ =servicel   5 ,$D 0lB  <DԔ    S ~Di 3jJf11?&)  6ID  " C xi 3jJf11?  ;PGT  . C x,i 3jJf11?P  ,$D 0 ;PGT H  0޽h ? ̙33___PPT10.+ !@D' = @B D' = @BA?%,( < +O%,( < +D' =%(%(D' =%(DA' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*3%(D' =-}6B!strips(upRight)*<3<*3D' =%(D' =%(D?' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*4%(D' =-{6Bstrips(upLeft)*<3<*4D' =%(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =-s6Bwipe(down)*<3<*D' =%(DE' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*5%(D' =-6B%strips(downRight)*<3<*5D#' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*.%(D' =+4 8?dCB1+#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*.D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*.D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*b%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*bz%(+p+0+ ++0+. +YG  P$,(   + B8i? p 0  Rapplication (mandataire CAS)x  c $4i0  i   B(i?p Dnavigateur web   BX̙?p`  A serveur CAS     C xo 3jJf11?M0 ;TGC |B  T[?GrH?PS V " 2   :mжmжBUChENGYHNI`TJHQd& Ԕ? hUeo(hUeo(`THUeo(`TH{ . ,$D 0  C x o 3jJf11? p  :ST   B(o?P ` @ =servicel 0  $0  ,$D 0fB   6DԔ0   C xL o 3jJf11?  ;PGT B  T)GrH?PSo ` S ,$D 0jl h   )h ,$D  0d2   4mжmжC^UENGizH|хI`TJiGQd& Ԕ?  ɛ*^Up' ɛ*^Up'`TiG*^Up'`TiG{h  B  ZGrH?PS y K   S ~o 3jJf11? p _ :PT ll ;  *;  ,$D 0B  TX}?GrH?PSE d2   4mжmжCNENGizHs}I`TJ@Qd& Ԕ? |*N|*N`T@*N`T@{; l2   mжmжBÊC^E$GxHV"I`TQd& Ԕ? *^Ê *^Ê`T`T *^Ê`T`T{ ',$D  0l p  &p ,$D  0fB  6DԔp   C xo 3jJf11?p00  :PT l   ' ,$D  0fB B 6DԔ   C xo 3jJf11?`  6ID 2   :mжmжBCyENG+HEfI`TJX%Qd& Ԕ? y/Ey/E`TX%/E`TX%{? ` ,$D  0  C xo 3jJf11?P   ;PGT w " 6o    yPGT : Proxy Granting Ticket Passeport d'un utilisateur pour une application auprs du serveur CAS Ticket opaque rejouablef0Z^0 ZccDc # S  o p<$0 o l   % ,$D 0fB  6DԔ   C xT/o 3jJf11?@   :PT  , <0oQq,$ 0 \&L authentification& H  0޽h ?_P   ̙33A)9)___PPT10).+4D(' = @B D<(' = @BA?%,( < +O%,( < +D' =%(D' =%(D?' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*$%(D' =-{6Bstrips(upLeft)*<3<*$DR ' =%(D' =%(DA' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<* %(D' =-}6B!strips(upRight)*<3<* D' =%(DE' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%%(D' =-6B%strips(downRight)*<3<*%D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*#%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*#H%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*#Hd%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*#dy%(D' =%(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*)%(D' =-s6Bwipe(down)*<3<*)D' =%(D' =%(DC' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*&%(D' =-6B#strips(downLeft)*<3<*&D' =%(D' =%(D?' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =-{6Bstrips(upLeft)*<3<*D' =%(DA' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*'%(D' =-}6B!strips(upRight)*<3<*'Dz' =%(D' =%(D7' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =-s6Bwipe(left)*<3<*D' =%(D3' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =-o6Bwipe(up)*<3<*D' =%(D' =%(DC' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<**%(D' =-6B#strips(downLeft)*<3<**D#' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*,%(D' =+4 8?dCB0-#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*,D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*,+p+0+# ++0+, +  `!)H :(  Hr H S 8o0  o r H S |o &z C annuaire LDAPC8 @z  H Y2 H C x?7Z<P@0  H <Ho& z Ebase de donnesCF @z  H  Q2  H C x?7Z<P@0 H <XF* z A domaine NIS  CF @z H  M 2 H C x?7Z<P@0 H <DF z Fcertificats X509CF @z H  f 2 H C x?7Z<P@0 H <8;o" z Fdomaine KerberosCF @z H  w2 H C x?7Z<P@0 H <Ro z Hdomaine Windows NTCF @z H  C}2 H C x?7Z<P@0 H <Po z d.fichiers d utilisateursCX2 "H 0 P p" #H HZHQIԔPS  p" $H HZH]UIԔPS  p" %H HZHIԔPS  p" &H@ HZHIԔPS p" 'H@ HZHDIԔPS p" (H@ HZHeIԔPS  p" )H@ HZHbIԔPS   H B\o̙?@ 0 0 ,$0 A serveur CAS   H H 0޽h ?"HH#H"HH$H"H H%H "HH&H "HH'H "HH(H "HH)H ̙33___PPT10i.9d+D=' = @B +}  pP$(  Pr P S do0  o r P S deo o H P 0޽h ? ̙33___PPT10i.+D=' = @B +  0(  x  c $lo0  o x  c $hmo o H  0޽h ? ̙33___PPT10i.+D=' = @B +}  X$(  Xr X S yo0  o r X S |zo o H X 0޽h ? ̙33___PPT10i.9+D=' = @B +%/  UM'-0 )(  z `     ,$D 0  <o̙`  Wpam_casfB  6D`  r  S o0  o r  S o@ o F `       <o̙`  Xpam_pwdb  fB  6D`    6Hop Iapplication cliente   <Ho̙p  Xpam_ldap  F  @   P 0 2   C x?7Z<P@ 0   <`o   C Annuaire LDAPCj  BGH8IԔ P XB  0DԔ    <o = flogin/passwordC   <4os   flogin/passwordC F t@  @  2  C x?7Z<P@ 0  <ot  c /etc/passwd  CXB @ 0DԔ  ! j  BGeHIeԔ d@   <3oS0!  flogin/passwordC XB  0DԔ  ! 6,o,$D 0 Iapplication cliente  $ B̵o̙?  ,$D 0 A serveur CAS   Hl  H  - H ,$D 0`B   0DԔ @ @  % BGH}IԔE H ,$D 0 & Bo/ @  <ticketC dB ) <Dpp  < +Fp Iapplication serveurXB  0DԔ d  <G HTQI Ԕ8 l  @  , @ ,$D 0B  0DԔ  @ ,$D 0 # BoN =,$D0 B login/ticket  C  " HG$HI$Ԕ 8,$D 0H  0޽h ?_  "% ̙33xp___PPT10P+;@SD' = @B D' = @BA?%,( < +O%,( < +D' =%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =+4 8?\CB#ppt_xBCB#ppt_xB*Y3>B ppt_x<*D#' =+4 8?nCB!#ppt_y-#ppt_h/2BCB#ppt_yB*Y3>B ppt_y<*D' =+4 8?\CB#ppt_wBCB#ppt_wB*Y3>B ppt_w<*D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*D' =%(D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*!%(D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*!D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*!D' =%(DC' =4@BBB B%(D' =1:Bvisible*o3>+B#style.visibility<*,%(D' =-6B#strips(downLeft)*<3<*,D' =%(D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*$%(D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*$D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*$D' =%(DE' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*-%(D' =-6B%strips(downRight)*<3<*-+p+0+! ++0+$ +m  $(  r  S To0  o r  S o o H  0޽h ? ̙33y___PPT10Y+D=' = @B +  &((  F `   p    <o̙`  Wpam_casfB  6D`  x  c $o0  o F `   F p   <o̙`  Xpam_pwdb  fB   6D`    6ToPp X"client de messagerie traditionnel##   <o̙0 F  Xpam_ldap    <lo0  B serveur IMAP  d  <G HzI Ԕ F  @   0 2  C x?7Z<P@ 0  <o   C Annuaire LDAPCj  BGH\hIԔ  XB  0DԔ  XB  0DԔ   <qP  hlogin / passwordC   <q3   hlogin / passwordC F t@   2  C x?7Z<P@ 0  < qt  c /etc/passwd  CXB @ 0DԔ  j  BGeHD IeԔ d   <q =  hlogin / passwordC XB  0DԔ XB  0DԔ XB  0DԔ    6q!  y!webmail CAS-ifi (mandataire CAS)"" j  BG>mH@0I>mԔx ! ! <q } @ login / PT  C  " Bo̙? p,$0 A serveur CAS   d # <GHRIԔ H  $ <qS `O  8PTC  & B"q?  Dnavigateur web d" '@ <ZHIpԔ ( <"q^  8STC H  0޽h ?o    "#&' ̙33y___PPT10Y+D=' = @B +m  $(  r  S ,q0  q r  S -q q H  0޽h ? ̙33y___PPT10Y+D=' = @B +{  'I0 V(  F `    `   <2q̙`  Wpam_casfB  6D`  F `   9`   <T8q̙`  Xpam_pwdb  fB   6D`    <@!(  F `   P `   <\{q̙`  Wpam_casfB  6D`  F `   | ` P   <Dq̙`  Xpam_pwdb  fB  6D`    <q̙ ` |  Xpam_ldap  ^B  6D `   6Xq`  Tsasl^B  6D` x  c $̉q0  q   60qP X"client de messagerie traditionnel##   <tq`  c Cyrus imapd  d  <GۜH{_IۜԔF `$  $`2  C x?7Z<P${  <\q`r C Annuaire LDAPCj"  BGH+I7Ԕ$ $XB  0DԔ0 0   <q hlogin / passwordC   <q0 y  hlogin / passwordC F @   2  C x?7Z<P@ 0  <ܡq   c /etc/passwd  CXB @ 0DԔ  j"  BZGHI1Ԕ zXB  0DԔ @ `   6\q P wwebmail CAS-ifi (IMP + phpCAS)   j  BG4&HI4&Ԕ@   <Lq@ I  @ login / PT  C   B+B#style.visibility<*:%(D#' =+4 8?nCB!#ppt_x-#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*:D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*:D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*:D' =+4 8?\CB#ppt_hBCB#ppt_hB*Y3>B ppt_h<*:D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*3%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*;%(D#' =+4 8?nCB!#ppt_x-#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*;D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*;D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*;D' =+4 8?\CB#ppt_hBCB#ppt_hB*Y3>B ppt_h<*;D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*.%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*<%(D#' =+4 8?nCB!#ppt_x-#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*<D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*<D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*<D' =+4 8?\CB#ppt_hBCB#ppt_hB*Y3>B ppt_h<*<D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*8%(DR' =%(D' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*=%(D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*=D' =+4 8?RCBBCB#ppt_hB*Y3>B ppt_h<*=D' =%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*,%(D#' =+4 8?nCB!#ppt_x-#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*,D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*,D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*,D' =+4 8?\CB#ppt_hBCB#ppt_hB*Y3>B ppt_h<*,D' =%(DH' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*+%(D#' =+4 8?nCB!#ppt_x+#ppt_w/2BCB#ppt_xB*Y3>B ppt_x<*+D' =+4 8?\CB#ppt_yBCB#ppt_yB*Y3>B ppt_y<*+D' =+4 8?RCBBCB#ppt_wB*Y3>B ppt_w<*+D' =+4 8?\CB#ppt_hBCB#ppt_hB*Y3>B ppt_h<*+++0+. ++0+3 ++0+8 +  0(  x  c $tq0  q x  c $0q q H  0޽h ? ̙33___PPT10i.aE+D=' = @B +}  d$(  dr d S 8q0  q r d S q q H d 0޽h ? ̙33___PPT10i.&q+D=' = @B +   *F$ (  r  S tq0  q L  c ${^{8 Pp ;`j@ @p ppl  <?@p  S NA$ logo-sympa-150x49Sympa@@r !0 $ <qP$,$D0 Vcru.frC8 ` p 6l  <? ` p  j W?Cyrus IMAPArial{S   & Wf?Computing servicesTimes New RomanT % <qP,$D0 ? nancy2.fr  C+8    8P @   0  0 l  <?   0  S JAhorde-colorHorde.org 2 !0  V W?IMPArial : & <q  ,$D0 ? nancy2.fr  C8 0 ` s0  7` S0@    0 `0 l   <?      E A$uportal-headuPortal by JA-SIG K  !0 ' <q ` s4 ,$D0 ? nancy2.fr  CR ( s *888 p   9` r 0 B߿? p   2 \ W?CASArial t  . BA ?? `   4 <q0  ,$D0 ? nancy2.fr  C " Ht?  !0 Dnavigateur web  5 B$t Ts,$D0 Xjres.org  CXB < 0DԔ@@XB = 0DԔ`  P XB > 0DԔp` XB ? 0DԔ  XB @ 0DԔ0XB A 0DԔ0` dB B <DԔp0 dB C@ <DԔ pdB D <DԔp  dB E <DԔ @ H  0޽h ? ̙33___PPT10+Do' = @B D*' = @BA?%,( < +O%,( < +Da' =%(%(D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*5%(+8+0+5 +m  0$(  r  S pt0  t r  S ,t t H  0޽h ? ̙33y___PPT10Y+D=' = @B +t0 P(  X  C    N  S 6N 0  N Cette prsentation est le fruit du groupe de travail qui traite du Single Sign-On et des autorisations au sein du projet ESUP-Portail (ce groupe associe des dveloppeurs des universits de Nancy 1, Nancy 2, Rennes 1, Toulouse 3 et Valenciennes). Le single Sign-On, dont on a dj largement parl au cours de ces JRES (prsentation des ENT + Olivier Salaun), a t une des premires proccupations du projet ESUP-Portail. Il y a environ un an, le projet a valu les solutions de Single Sign-On existantes dans le monde libre. L objectif de cette prsentation est de vous faire comprendre ce qu est CAS (comment il marche). Si nous y russissons, vous comprendrez alors certainement pourquoi CAS a t choisi comme le SSO du projet ESUP-Portail. J+ A5Y4 C H  0޽h ? 3380___PPT10.`Q NxMlE~ٛ%-c PPK(ꡇ"Θ EC \ƥHVK #rBjs/"q"+qvfaѳw׻ۙ}6{g@DKרPcoqhg2$f2)"6fMfhs ,ڙO9Σ]@ ڳhЪhϣ]B{Es咣-,1~ogQW0RyWvWKmAp?}ϊ9|bezܓW0ñgOX!o+]w0akrY>r{~s8xHwf9~'ƃw6͵VVzVsZ?ƫmå~<4_`;-qoxhRb :Ea"-5n8`vVBۃWo s^g1))r:rFnKRơi)%sg<ʥiaYDn-M:*!-ֹx{3yjǎ`Cy+ CwY[#$so^"Ma͒?I -izY*KEv Yp8~vnNV uu`RrydA\: ! dŮ¯| +ht'>9J|`p>zB-6tjPlAc ^@ш ʕk$G"%(+7/)~ Z@Q9IrDMYd0d0N( ǢQ} [BbBI odII[I* gĕsb OΨ^ >&-3x22Z3314+6+4=9;-p;;-=+>=-8a%_q6?99#g<\E޻ Y'/+NTIVWo\cr,tX. 0zH CBV[P+Q0 Pv[Yl(pq^ 0@N=]2_4 PC3AOh+'0Q `h    (0ESingle Sign-On open source avec CAS (Central Authentication Service)nadmin Stoto S53oMicrosoft PowerPointour@@F1@CU[GPg  R('& &&#TNPP2OMi & TNPP &&TNPP     'A x(xKʦ """)))UUUMMMBBB999|PP3f3333f333ff3fffff3f3f̙f3333f3333333333f3333333f3f33ff3f3f3f3333f3333333f3̙33333f333ff3ffffff3f33f3ff3f3f3ffff3fffffffff3fffffff3f̙ffff3ff333f3ff33fff33f3ff̙3f3f3333f333ff3fffff̙̙3̙f̙̙̙3f̙3f3f3333f333ff3fffff3f3f̙3ffffffffff!___www𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼𼼼뒒mm쒓mrmrsmݻ׻ݵݼݼݻݼmsnnssmmn mnmF E⦋ⴵutotomrn쒍 ޴ouootunn왼F ݮooooÔomssF ݊񋵋ooýoýtn ݑⵋ ݴ⒙F“F o¼üs񓒼𼼼񼼼񼼼񼼼񼼼񼼼񼼼񼼼񼼼񼼼񼼼񼼼񼼼񼼼񼼼񼼼񼼼--&TNPP &՜.+,D՜.+,     Affichage l'cranIFSICag} $Times New RomanArial Courier NewModle par dfaut!Photo Microsoft Photo Editor 3.0ESingle Sign-On open source avec CAS (Central Authentication Service)SSO open source avec CASPourquoi le Single Sign-On ?Pourquoi le Single Sign-On ?Principes du SSO web%Le choix de CAS par ESUP-Portail (1)%Le choix de CAS par ESUP-Portail (2)Le choix de CAS'1re authentification dun utilisateur'1re authentification dun utilisateur1Accs une application (aprs authentification)1Accs une application (aprs authentification)1Accs une application (avant authentification)1Accs une application (avant authentification) RemarquesFonctionnement n-tiersFonctionnement n-tiersLauthentification sous CAS$CAS-ification dune application web$CAS-ification dune application web(CAS-ification dune application non WEBLe module pam_cas CAS-ification dun serveur IMAP CAS-ification dun serveur IMAP%La problmatique particulire dIMAP%La problmatique particulire dIMAP%La problmatique particulire dIMAP%La problmatique particulire dIMAPCAS aujourdhui et demainDmonstration rapide Liens utiles Polices utilisesModle de conceptionServeurs OLE incorporsTitres des diapositives 8@ _PID_HLINKSA6http://www.sympa.org/5http://mis105.mis.udel.edu/ja-sig/uportal/index.htmlhttp://www.horde.org/http://ent.univ-nancy2.fr/http://www.yale.edu/tp/cas/&http://tp.its.yale.edu/pipermail/cas/:http://www.esup-portail.org/consortium/espace/SSO_1B/cas/6http://www.esup-portail.org/consortium/espace/SSO_1B//http://list.unm.edu/archives/jasig-portal.html_DNtotototo  !"#$%&'()*+,-./0123456789:;<=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`bcdefghijklmnopqrstuvwxyz{|}~Root EntrydO)Pictures{Current UserSummaryInformation(aRPowerPoint Document(>8DDocumentSummaryInformation8