If you're trying to access a secured remote service on behalf of a user, you should be passing a proxy ticket to that service. If the service can then create a session, you only need to do it once. Otherwise you'd need a proxy ticket per request.
Cheers, Scott On Mon, Jan 25, 2010 at 10:48 AM, Bertrand Tignon <[email protected]> wrote: > Hi, > > I am trying to set up CAS within our architecture, and we are going through > several issues. > > Here's what we are trying to set up : > > http://somwhere.com/ is our IIS where we have our html pages > > some of the html pages need some dynamic content, so they call the > following application server : > > http://webappserver.com:8080/webapp/ > > this webapp is Casified. The web.xml has a gateway filter (/*), a > authentication filter (/signin), a validation filter (/*), and a wrapper > filter (/*). > > so this webapp talks to the CAS server which is : > > https://securecas:8443/cas > > > First, does it make sense ? > > If no, please tell me. If yes : > > Our html pages load the dynamic content, with an ajax call (jquery load). > The problem is that when we load the content, it gives back a 302 error. > > When I take off the gateway filter, it works fine, no 302 error. but then, > my header (which says :register/signin or Welcome/signout) never knows when > a user is connected, and always shows register/signin. > > When I keep the gateway only for the header, and user iframe instead of > ajax to load the header. it works, but when the user refreshes the page the > header keeps being different. It is really really wierd. It's almost every > other time. > > > I am thinking, am I in a case where I should use proxy settings to avoid > 302 errors ? If yes, I have no idea how to configure proxy settings and I > can't find good documentation and example online. Any help appreciated. > > > Or if I don;t have to use proxy settings, what should I do to make my sso > work ? > > > Thank you very much for your help! > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
