CASTGC Cookie & NetID
Scott Battaglia
scott.battaglia at gmail.com
Fri Sep 22 07:45:55 EDT 2006
As Velpi pointed out, CAS has a "gateway" feature. What "gateway" does is
when you are redirected to CAS, CAS will generate a service ticket IF a SSO
session exists, but it will not create an SSO session. So what happens in
that scenario is that if there is an SSO session, the client application
will receive an ST, otherwise it will not. But the user will never be
prompted to provide a username/password. So your application can detect an
authenticated user that way.
The link has a more detailed explanation.
-Scott
On 9/22/06, Velpi <velpi at industria.be> wrote:
>
> > After successfully authenticating, is it possible to obtain the netId
> from the CASTGC cookie on subsequent requests? Otherwise would it be
> possible to modify the CAS login process to drop the netId into a cookie. I
> have a 3rd party application that needs to know if a user is authenticated
> and how that user is, but doesn't have any secure resources. It will
> basically display different data depending on the users status.
>
> Might this be something that you're looking for?
> http://www.ja-sig.org/products/cas/client/gateway/index.html
>
> -- Velpi
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20060922/ce05e0bd/attachment.html
More information about the cas
mailing list