> Sorry but i don't understand what you mean by "application entry point > for CAS is itself protected by CAS", i installed egroupware and phpCAS, > then i configured egroupware and put CAS as its authentication system, > howcome is itself protected by CAS?
It's pretty common with phpCAS to protect just the login page with CAS, so that's the application entry point I mentioned. The issue I mentioned is probably not relevant for phpCAS due to the way it works. My mental model for CAS clients is really the Java one. > My previous tests with Alfresco worked using initially http. CAS authentication works with http, but you don't get single sign-on unless you've relaxed the secure restriction of the TGC cookie on the server side. We strongly recommend you use https and not change that setting. If you can easily set up https, you might simply try that and see if the problem goes away. The other alternative is to enable logging in phpCAS and post some log excerpts. The logging might be beneficial in any case to understand the problem better. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
