Hi all,

I'm using CAS server 3.3., cas client 3.1.3 with spring security 2.0.4.
I have several applications which all use single sign on / out.

Once a user has logged in I'm displaying their name in the page header across 
all applications.
I'm using Cas controlled authentication and spring security role based 
authorisation. 
I also use the spring authentication tag to get the users name to display in 
the header, this relies on the spring security context object having been 
created in the applications session.

This is where my problem is some pages that are not protected by cas and so 
when a user logs into one application via CAS i retrieve their name and display 
it on the page header
however when a user then goes to a page not protected by cas in another 
application the spring security context object doenst exist in their session 
therefore the spring authentication tag assumes the user is not logged in. So 
is there a way I can ask CAS if a user is authenticated using the TGT cookie 
without asking for a login if not?

Thanks
Phil
-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to