Hi, I am working on a project where I need to federate a users identity between 2 independent CAS servers, and I am exploring the idea of using the OpenID support to accomplish this. In my mind the flow would work something like this: a user is registered with an OpenID provider (to get a url) and then authenticates against CAS server 1 (which is configured to support openid). The user then gets redirected to CAS server2 that is also configured to support openid. When the user is challenged it presents a url that normalises to CAS server 1 and the user is authenticated. My questions are 1) is this flow correct, and if so how does the CAS server reconcile the url with the CAS ticket. and 2) If CAS is an openid provider why do I have to go somewhere else to get the url? I have a feeling that I am missing something here, but the documentation on the web seems a little vague. Hope somebody can help with my obvious confusion.
-- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
