I have a number of applications that rely on IIS Basic Authentication, where the username and password are stored in the webbrowser and passed to the webserver upon every request to a Basic Authentication protected page. I don't know the exact mechanism that is being used, or how the browser knows that the page uses basic authentication, but it seems to. Is there a simple way, and if so then could someone point me to some documentation on how to CASify this sort of application. When I have searched for "CAS Basic Authentication" online, I find a lot of information about using the ASP.NET client with non-ASP.NET applications.
It seems like what would have to happen would somehow in the CAS login process, a request containing the username and password would have to be sent from the web browser to a basic authentication page on the application's webserver directly after logging in. Certainly not an easy thing for me to imagine in the middle of a sign-on transaction, and seems like it would require an extra iframe or popup window or something to make the extra call to the external server. So is there a stand way to do this? It would be nice, as otherwise my users will simply have to continue to authenticate against the other application servers as I don't have the source code or any other way of cassifying them. Thanks, Aaron -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
