> We are now looking into integrating the system with ADFS (Active Directory > Federation Services).
I'm not terribly familiar with ADFS, but it's my understanding it's Microsoft's proprietary answer to Shibboleth and federated identity management. Assuming that's correct, this will be a difficult integration if you want to avoid logging in again as you stated. The integration path with Shibboleth, in the simplest case, puts CAS in front of Shib by making CAS the authentication provider for Shib; see https://wiki.jasig.org/display/CASUM/Shibboleth-CAS+Integration for more information. I can imagine that if ADFS exposes a Web/Web service API, you could do similar, but it won't fulfill the requirement to avoid reauthentication. In short, merging SSO domains is difficult to impossible. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
