On Fri, 25 Mar 2011, Laura Griffel wrote:
Thanks Andy,
But I'm still a little confused. Are you saying for each application
protected by CAS, I will need to login every time? Or when you say that
'you don't see the CAS page in your browser' when the second
application bounces me through CAS, then it is *not* supposed to show me
the login page?
If you have the CASTGC cookie, and it is valid, then CAS can use the
ticket granting cookie in lieu of primary credentials on the login page.
The CAS protocol document (http://www.jasig.org/cas/protocol) explains
this in sections 2.1 and 3.6.
Andy
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
