Give your app two URLs - one standard and one externally visible to the third party.
The CAS servlet that intercepts requests can then treat these two URL accesses differently. An attempted access of the first URL triggers a standard CAS challenge. An attempted access of the second URL forwards to the application which can process the accompanying token. Hope this helps. Regards, Ganesh On 9 October 2012 08:38, Hoa Lu <hoa...@gmail.com> wrote: > Hi, > > Newish to CAS. Our application uses CAS for login. We're trying to > integrate our app with a third party app. Users sign into the third party > app, and click on a link to access our app. We want to bypass the CAS > login page and programmatically log the user in and allow access to our app. > > The third party app will pass to us a session token which we validate > using their api, and retrive the user info, and then "log in" this user > into our application. We are already doing the session token validation in > a separate app, setting a "golden ticket" cookie, and forwarding to CAS. > How on CAS can I check for the existence of this "golden ticket" and > bypass login page and programmatically log this user in? > > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > g.c.pra...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
