Yeah, it definitely seems like something isn't working correctly there... Out of curiosity, what are the URLs that you're trying to access? (You can scrub out the domain names, all I care about is the paths.)
Something like: CAS url is https://app.server.com/cas/login Protected application is https://app.server.com/mywebapp/secured/path/to.jsp Safe application is https://app.server.com/publicapp/path/to.jsp And then, when you visit those pages, what URL is displayed? Does it redirect you to something like https://app.server.com/cas/login?service=https%3A%2F%2app.server.com%2Fmywebapp%2Fsecured%2Fpath%2Fto.jsp ? Or does it take you somewhere else? Chris >>> William <[email protected]> 02/08/16 12:00 PM >>> Chris, That was my thought too, and I really should not have to do anything. I should be able to just get the Maven overlay and build it. I would then need to register applications with CAS that need SSO and add the CAS client filter to my protected applications. If I deploy an application without telling it anything about CAS, then it should not prompt for SSO credentials. With that said, if I get the Maven overlay: https://github.com/Jasig/cas-overlay-template and then build it with "mvnw clean package" and copy cas.war from the target folder into the webapps of Apache Tomcat and then start Tomcat. If I try to access my application that is not protected then I still get the CAS login page. It seems I would need to change something in web.xml or securityContext.xml because "/*" is being protected by CAS/Spring Security. There is something here I am not doing correctly. Regards. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
