Hi All, I have a requirement to log a user in automatically to their CAs enabled apps if they have successfully logged in to our network i.e. logged in to their desktop in the morning. Not a problem in a development environment, set up the service account in Active Directory, enable SpNego in CAS, configure winbind and kerberos on the linux box and it works like advertised.
The question is what would the expected behaviour be in an HA configuration? The only way I have been able to work is to configure the SPN in ActiveDirectory to be HTTP/<FQDN of machine hosting CAS>. If I am behind a load balancer the only constant will be the dns entry for the VIP so will an SPN of HTTP/<FQDN of vip> work? If the question is not opaque enough for you I can obfuscate further Dean -- View this message in context: http://n4.nabble.com/CAS-SPNEGO-and-a-load-balancer-tp1017861p1017861.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
