CAS: N-Tier SSO Solution
Scott Battaglia
scott.battaglia at gmail.com
Wed Mar 5 09:35:04 EST 2008
Are you running CAS over HTTPS? CAS will only send back its
TicketGrantingTicket Cookie over HTTPS.
-Scott
On Wed, Mar 5, 2008 at 12:39 AM, Swanand Pagnis <swanand.pagnis at gmail.com>
wrote:
> Hi,
>
> I am facing a peculiar problem here, which many of you might have solved
> in the past.
> I beg your pardon for being a little verbose.
>
> Situation:
> 1. I have deployed CAS Server 3.2 on a server.
> 2. I have some n other servers which host k different applications, most
> of them in PHP.
> 3. I have casified the apps, by copying the respective phpCAS libraries on
> the server and making the app understand data set by CAS php files.
> 4. Lets say i have A1, A2 and A3 apps on server A, abd B1, B2, B3 on
> server B ( A and B are both apache httpd)
> 5. When I try to access A1 for the first time, I am redirected to CAS
> login, where I log in, and I a m sent back to A1, where I am logged in.
> 6. From the same client when I try to log onto A2, casPHP lib see that I
> have logged in, and I am directly granted access to A2, and subsequently A3
> as well.
> 7. Now I try to access B1 from the same client, but this time I am not
> recognized as a valid user, and i am sent back to CAS login screen, where I
> have to log in again. This creates an unnecessary extra session on CAS
> server.
>
>
> Is there a way around this?
>
> Thank you,
> Swanand
>
> --
> Attitude is decision
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080305/f9d0c990/attachment.html
More information about the cas
mailing list