> I have successfully implemented > Spring security and CAS for a web application. Now I want to use the > same approach for another app but I need to authenticate again for the > second app, not really SSO at all!
I see you're using plain http URLs in your environment. SSO is only available over a secure transport since the CAS TGC cookie that identifies authenticated state has the "secure" flag set. Change your URLs to https and it will work as expected. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
