Hi All,
I'm using CAS+SPNEGO to implement one SSO system in the domain foo.bar.com.
I create one SPN http/[email protected] and it works fine when
we use http://myserver.foo.bar.com to visit. But this server also has another
domain name server.bar.com and it can be visted in the internet. In the
intranet, server.bar.com and myserver.foo.bar.com are both pointed to one
server, but when using http://server.bar.com, the spn in KRB5 package is
http://server.bar.com instead of my created one and of course it is not
existed, so the login page will be shown. I searched this problem and find it
maybe one cross-realm authentication scenario, but I have no clue how to solve
it. Can anyone give me some help on the configuration? I want the user who has
logined to the domain foo.bar.com still can automatically login to this system
with http://server.bar.com.
btw, The domain server is windows 2000. Thanks.
Regards,
Benjamin
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
