Hello, We are using CAS 4.1.9 overlay for AuthN in our enterprise. Two Apps. have the same user Id such as: XYZ, but they maybe two different persons.
We want to achieve a partial SSO, in other words, user login to app. A may be able to SSO to app B, but not to app C (because app C and app A have user id collision). We want CAS to be able to detect that, i.e.., authenticated users from one theme cannot SSO to apps. on another theme. It seems that I would override CentralAuthenticationServiceImpl's validateServiceTicket() to do that. Not sure that is best, since that is at the heart of CAS logic. Ideas? Thx! Yan -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b2958500-6d45-48e1-92a9-088e996f7a18%40apereo.org.