Hello Heinz, Unforntunately, this is not possible as the URL of the casified web applications is the same for everyone, either from our internal network or from foreign offices, and we can't change it as it would mean changing all links on all workstations worldwide.
@Michael: We can't do that either, as we don't have access to browsers' configuration. ________________________________________ De : Heinz Drews [[email protected]] Date d'envoi : mercredi 29 juillet 2009 13:13 À : [email protected] Objet : Re: [cas-user] Multi-mode CAS Hello Arnaud, IE only uses the SPNEGO/NTLM handshake to servers which are in the intranet zone. You could specify a DNS name which are seen as "foreign". Regards, Heinz On Wed, Jul 29, 2009 at 11:51, Arnaud Claden<[email protected]> wrote: > Hello everyone, > > I have a little problem with my implementation of CAS. > > I have tested the Active Directory SSO with SPNEGO : it works like a charm. > I have tested the fallback to LDAP : it works like a charm. > > The problem I have is the following : > > Some workstations are in offshore offices, which means they are not connected > to the Active Directory. For them, the LDAP fallback is the solution. > However, when Internet Explorer browses to a site with SSO, it displays a > domain logon window. > This is natural as these workstations have no security option configured (and > they are not intended to have these modifications). > > Is there a way to prevent this from happening ? > > If there is none, we are implementing another CAS server for these cases (a > server only validating on LDAP), but how can I have it work right, as the web > applications are only configured for one CAS server, and not two. Is there a > way to check the browser's IP address and, depending on it, sending auth to > SPNEGO or to LDAP ? > > Thanks in advance for your answers. > > A. Claden > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
