Thank you Scott, I understand what you mean when you say :"applications (would) NEVER see the password". I think it's very important too and it can't be anything else. But in our case, we don't know how to avoid it : In fact, we have a portal that want to deal with our central authentification. The way we want to use CAS is with a login form in an iframe (that it doesn't matter here). The problem is : this portal is behind firewalls : Only HTTPS is authorised to throw. LDAPS is forbidden. It's why we search a way to achieve that : a user on Internet go to the portal, can login to our CAS which is on Intranet. We can't put CAS in the DMZ for the moment : it's too complex to declare all flows for all applications. Have you an idea to keep CAS central in the Intranet and to allow user to log in with the Internet portal also on CAS but indirectly (maybe) ?
Yoann -- View this message in context: http://n4.nabble.com/Using-CAS-without-the-CAS-login-screen-tp253698p1752759.html Sent from the CAS Developers mailing list archive at Nabble.com. -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
