> If you want SSO to work then your redirect to login MUST be over HTTPS. It > won't work under HTTP as that's insecure.
Just to follow up on Scott's comment, the reason you're getting the following debug output is _exactly_ because the TGC cookie containing the TGT is refusing to be sent over plaintext HTTP: > 2009-06-25 00:49:42,076 DEBUG > [org.jasig.cas.client.authentication.AuthenticationFilter] no ticket and no > assertion found I'm pretty sure once you configure everything to run over SSL, you'll get SSO working fine. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
