You've probably misconfigured the client or disabled sessions. That example Tomcat 5.5 Tomcat Manager web.xml should work fine and only go to CAS once.
-Scott On Wed, Feb 11, 2009 at 5:26 PM, Sam <[email protected]> wrote: > I have configured CAS and a single client app (configure being used rather > loosely, as I didn't configure much). What I did was setup the client app > similar to > http://www.ja-sig.org/wiki/display/CASC/web.xml+for+Tomcat+5.5+Tomcat+Manager(I > am running tomcat 5.5 as well). CAS is running on a separate server with > a valid cert (this is dev environment). I created my own password validator > that seems to be working just fine. > > I have the app running under HTTP for now and I have noticed that it sends > a request to CAS with every request to the server. It gets a new ticket to > validate and calls the CAS validation service (and succeeds without a > problem). The first request through it presents a login screen - subsequent > requests simply validate the new ticket. > > My question is this: > > Should the app be sending a request to CAS with every request it gets? This > is what seems to be happening and is very noticeable because it switches > back and forth between HTTP & HTTPS because I'm running the app under HTTP. > It seems a bit inefficient to validate the user with every request and I'm > wondering if I've misconfigured something (I'm using the CAS 3 client and > associated filters). > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
