Hi all, So I have done some research on this group and still doesn't find other with my use case, so I am asking for your help.
Assume we have services A, B, C and D: B, C, D are normal SSO services, each one of them authenticate success, all BCD will login success. As for A, I want that even when BCD is authenticated, user still needs to authenticate once more before getting to A. At this point, theoretically all can be solved by* "renew=true"*. And the new *createSsoCookieOnRenewAuthn = false on 5.3.0* (https://github.com/apereo/cas/blob/v5.3.0-RC3/api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/core/sso/SsoProperties.java) However, the tricky part is that, next time when user go back to service A , I want the user to *no need to authenticate again*. So it is basically like Service A is using another completely separated CAS server. Without actually using a separated CAS server (I don't want to make another server just for this). One more requirement would be to single logout all ABCD, but I know how to do that so no advice is needed there. Any advice would be appreciated, Thanks! -Andy -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f1002b09-eb19-477d-a733-13a6d45bad26%40apereo.org.