Martin, Yes, I think your diagram shows it well.
What I would eventually like is to have the OAuth network protected by a CAS server. The CAS server can be configured to provide Authentication itself as is the default or, as in this case, delegate authentication to another CAS server, using it's UI etc. What configuration is required to do the delegation in this case? I have added the cas-server-support-pac4j-webflow dependency and set the cas.server.authn.pac4j.cas.loginUrl and protocol. What else, if anything is required? I currently get the redirect but on successful authentication, the redirect back to my CAS server fails. I am not in the office at the moment, but will post the issue when I return.... Cheers! On Monday, 24 October 2016 13:30:11 UTC+1, Martin Bohun wrote: > > Hi Lewis, > > This is just a confirmation question, are you trying to delegate/forward > auth request from one cas server to another cas server? > As shown in the following diagram (right-bottom corner): > > > <https://raw.githubusercontent.com/mbohun/mbohun_graph-experiments/master/jasig-cas-upgrade/ala-cas-upgrade-01.png> > > > > https://github.com/mbohun/mbohun_graph-experiments/blob/master/jasig-cas-upgrade/ala-cas-upgrade-01.png > > Well, if yes, then the answer is (too) *yes* I did test that setup and it > works fine. > > cheers, > > martin > > On Sunday, October 23, 2016 at 5:55:52 AM UTC+11, Lewis Henderson wrote: >> >> All, >> >> I have a requirement to 'chain' two CAS servers. >> >> My issue is that I am integrating with a third party that use a CAS >> server that I have no control over. >> >> I would like to use CAS as the security server into an OAuth2 >> micro-service network (CAS as OAuth2 Server) but redirect login to the 3rd >> Party CAS server. >> >> I have looked through the code and it seems as though if I manage to get >> it configured, it will show my login screen but with a link to the >> configured delegate server. >> >> Two questions :- >> >> >> 1. How do I configure this on my CAS server? >> 2. If there is only one provider, would it be possible to redirect >> there directly, showing their login screen without the need to show mine? >> The reason for this is that theirs is branded with their logos etc... >> >> >> Cheers >> >> >> -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/dee902bc-41a5-443d-9246-36327ae7015a%40apereo.org.
