The only requirement is that the CAS server needs to be accessed over HTTPS for SSO to work. The clients, however insecure it is not to, are not required to use HTTPS to be in the CAS SSO session.
Cheers, Scott On Thu, Jun 17, 2010 at 9:35 AM, Marvin Addison <[email protected]>wrote: > > Basically everything works fine. But the old Java applications and the > new Webapps don't share a CAS session. I have to log in twice to get access > to all applications. One time for the webapps und one time for the old apps. > > A common cause of this is some applications are not accessible via > HTTPS. CAS SSO works exclusively over SSL, so if some of your > applications are not running over HTTPS they won't be part of the SSO > session. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
