Please try a newer version of the phpcas client. Please try 1.1.3 or the brand new 1.2.0 release [1]. The 1.1.0 version has a few bugs and security holes. As far as the behaviour goes you probably want to use the "gateway" feature with the phpCAS::checkAuthentication() [1] function. This feature is intended for as an autologin on a portal page for example. During this check the client checks with the CAS server and silently logs in authenticated users while anonymous users never see any login page. I think you are missunderstanding the cas concept. No information cookie or something similar is passed between different services. Every service has to check with the CAS server if you have a valid session global login session.
Best Regards, Joachim [1]http://downloads.jasig.org/cas-clients/php/ [2]http://downloads.jasig.org/cas-clients/php/current/docs/api/group__publicAuth.html#ga21fd1c2665d2e21c03e6a6dd1860cf4d Am 10.12.2010 09:23, schrieb 橡树: > Hi, > I encounter a problem, and wait for your advice. > > There are two sites which were all successfully configured with phpCAS > 1.1.0. > > In the homepage of the site A, there are two links: > 1. <a href="http://localhost/sitea/index.php/main/login";>Login A</a> > 2.<a href="http://localhost/siteb";>Go to B</a> > > In the same way, there are two links in the homepage of the site B. They > are: > 1. <a href="http://localhost/siteb/index.php/main/login";>Login B</a> > 2.<a href="http://localhost/sitea";>Go to A</a> > > When I click the link "Login A" in the homepage of the site A, I was > redirected to the CAS server. After user authentication, I come back to > the homepage of the site A as a logged in user. Then I click the link > "Go to B" in the homepage of the site A, I come to the homepage of the > site B. But now I'm not a logged in user of the site B. Why? I hope I > can log in the site B automatically because I have passed the user > authentication when I logged in the site A. > Then I click the link "Login B" in the homepage of the site B, I logged > in the site B without user authentication this time. > Is my understanding wrong, or are there any configuration errors? Any > help would be most appreciated. > > Regards, > Blue > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
