Hi all, I'm using CAS server 3.3., cas client 3.1.3 with spring security 2.0.4. I have several applications which all use single sign on / out.
Once a user has logged in I'm displaying their name in the page header across all applications. I'm using Cas controlled authentication and spring security role based authorisation. I also use the spring authentication tag to get the users name to display in the header, this relies on the spring security context object having been created in the applications session. This is where my problem is some pages that are not protected by cas and so when a user logs into one application via CAS i retrieve their name and display it on the page header however when a user then goes to a page not protected by cas in another application the spring security context object doenst exist in their session therefore the spring authentication tag assumes the user is not logged in. So is there a way I can ask CAS if a user is authenticated using the TGT cookie without asking for a login if not? Thanks Phil -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
