Hi all, Mavin said: "I will assume services A and B are Java applications and you're using the latest Jasig Java CAS client, 3.1.6. "
They are php applications and I'm using the last version of CAS Server. So... Could I configure CAS Server to know the services which is allowed and not allowed? Create a mapping of the services that he has to authenticate? For example: Group A - www.serverA.com - www.subServiceAA.com - www.subServiceAB.com Group B - www.serverB.com - www.subServiceBA.com - www.subServiceBB.com In other words, just allow these two groups. And if I logged in on Group A, I don't allowed user sso to log in on Group B. Thanks in advance, Murilo On Mon, Jun 1, 2009 at 8:58 AM, Murilo Foltran <[email protected]>wrote: > Thanks Marvin, > > I'm trying to configure my files. I let you know when I have this solution > working. > > > Cheers, > > Murilo > > > On Fri, May 29, 2009 at 12:26 PM, Marvin Addison <[email protected] > > wrote: > >> > I want to separate the sso between these servers. A user logged in on >> > ServerA, can't login on ServerB and vice-versa, the user from ServerA is >> > allowed to access only the ServerA and it subservices. >> >> I will assume services A and B are Java applications and you're using >> the latest Jasig Java CAS client, 3.1.6. If you just want to force >> reauthentication between services A and B, you could set the renew >> flag on both the AuthenticationFilter and >> Cas20ProxyReceivingTicketValidationFilter filters in the web.xml for >> both services. See >> >> http://www.ja-sig.org/wiki/display/CASC/Configuring+the+JA-SIG+CAS+Client+for+Java+in+the+web.xml >> for more information. >> >> If the subservices are truly subservices (different >> host/container/application), you'd probably need to set them up for >> CAS proxy authentication to enable SSO for the subservices, but not >> the subservices of another service. >> >> You should not have to modify the CAS server or clients to achieve a >> workable solution in any case. >> >> Regards, >> M >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
