Recently, Mark Stanislav gave a talk on holistic authentication security for companies who have implemented two-factor authentication. He developed a scoring system, MASSACRE, which quantifies the presence of several different security features on a web site; cookie flags, response headers, etc.. This inspired me to see if I could get our Jasig CAS server with Duo 2FA to the top of the charts. As you might know, CAS runs on Apache Tomcat, which leaves a system administrator little room for configuration of these features. Enter HAProxy. Continue reading Raise your MASSACRE Score with HAProxy
Tag Archives: haproxy
Using HAProxy with CAS
We recently had trouble replacing an older CAS server with a new system. The new server would not forward to the requested service after authenticating and the service could not verify the service ticket. We decided to use HAProxy for the front-end so we could switch back-end services seamlessly. Continue reading Using HAProxy with CAS