Basic/Digest Authentication
Scott Battaglia
scott.battaglia at gmail.com
Mon Feb 5 15:58:48 EST 2007
Yes, it is possible. The easiest way is to turn on the container's support
for BASIC/Digest authentication (which I believe would place the username in
the REMOTE_USER header) and then utilize our "trusted" authentication to
retrieve the username from the request.getRemoteUser. Another method would
be to customize the workflow to retrieve the headers if they exist (and
fallback to another form of authentication if they don't).
-Scott
On 2/2/07, Luca Cinquini <luca at ucar.edu> wrote:
>
> Hi,
> I spent some time looking for an answer to this but haven't found
> a
> definite solution:
> is there a way to enable direct client access to CAS via Basic or
> Digest authentication (possibly over SSL) ? In other words, if a
> client makes an HTTP(S) request to the CAS login page with the
> appropriate username/password supplied in the headers, the CAS server
> should immediately reply with the CAS ticket without displaying the
> CAS login page. Is there already support for this kind of behavior ?
> thanks a lot,
> Luca
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070205/9067d71b/attachment.html
More information about the cas
mailing list