"Does CAS do full-fledged-SSO?
Where full-fledged-SSO is defined as 'authenticating in one app makes it unnecessary
to authenticate in other apps'."
Yes.
Authenticating via CAS to one application makes it unnecessary for the
end user to experience the tedious and inconvenient aspects of
authenticating to access another application. The second application,
when it redirects the user to CAS for authentication, will by default
enjoy an immediate redirect back with a token to authenticate the user.
CAS offers an option for applications to opt out of the single sign on
feature while still using CAS for authentication. That is, an
application can insist that an end user present primary credentials to
CAS for the purpose of authenticating to that application, opting out of
CAS accepting a single sign on session token (evidence of having
recently presented credentials to CAS) as a basis for issuing a service
ticket for the user to authenticate to the application.
Andrew
Bruno wrote:
Besides ensuring that applications rely on the same username and password, does
CAS do full-fledged-SSO?
Where full-fledged-SSO is defined as 'authenticating in one app makes it
unnecessary to authenticate in other apps'.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
