Hi Jeremy,

The CAS feature you need is called "Gateway", as in "gateway=true".  When an 
application sends a user to /cas/login setting request parameter 
"gateway=true", then CAS will always [1] immediately redirect back to the 
application.  If the end user can be non-interactively authenticated (say, they 
have a valid TGT cookie such that CAS associated them with an established SSO 
session), fantastic, CAS redirects back with a valid "ticket=splat" parameter 
just as if gateway=true had been absent.  However, if the end user cannot be 
non-interactively authenticated, CAS redirects back *without* the ticket 
request parameter.

Note well: this means that either
1) your application needs to establish a session with the end user, so as to 
detect that the user is coming back from a cas/login?gateway=true login 
attempt, and not redirect back to CAS making an infinite redirect loop, or
2) the service URL for your application (the value of the service parameter on 
your redirect to /cas/login) should not itself be configured to redirect to CAS 
for login, so as to avoid making an infinite redirect loop

I don't have experience configuring Spring Security to take advantage of this 
CAS gateway=true feature.  I bet it takes some care.

Kind regards,

Andrew





On Dec 20, 2011, at 1:00 AM, Jeremy wrote:

> I have 2 web apps, Site A and Site B, which are both controlled by 
> Spring Security which uses CAS.  User goes to a secure page on Site A and is 
> sent to CAS and successfully logs in and sees the secure page on Site A.  
> Then the user goes to Site B.  They are not authenticated under Site B yet, 
> since they are on a non-secure page, so it just says "Hello Anonymous".  
> They aren't authenticated on Site B until they try and hit a secure page 
> under Site B.
> 
> How can I check to see if they are authenticated when they get to Site B?  If 
> they are authenticated in CAS I want them to be authenticated in Site B as 
> well so I can show the user information.  If they are not authenticated in 
> CAS, then I want to show links to sign up and log in.  Thanks!
> -- 
> You are currently subscribed to [email protected] as: [email protected]
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
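
The gateway round trip and the session-flag loop guard from option 1 in the reply above, as an added example that is not part of the original thread and is not Spring Security or CAS code. The host names, the "gateway_tried" session key, the stub CAS functions and the ticket values are all assumptions constructed for illustration.

```python
from urllib.parse import urlencode, urlsplit, parse_qs

CAS_LOGIN = "https://cas.example.org/cas/login"  # assumed CAS URL
SERVICE = "https://site-b.example.org/"          # assumed Site B service URL
ISSUED = {}  # stub CAS state: service ticket -> username (constructed)

def cas_login(url, tgt_user):
    """Stub of CAS /login with gateway=true: always redirects back to the
    service, adding ticket=... only when an SSO session (TGT) exists."""
    params = parse_qs(urlsplit(url).query)
    assert params["gateway"] == ["true"] and params["service"] == [SERVICE]
    if tgt_user is None:
        return {}                       # back to the service, no ticket
    ticket = "ST-%d-constructed" % (len(ISSUED) + 1)
    ISSUED[ticket] = tgt_user
    return {"ticket": ticket}

def cas_validate(ticket):
    """Stub of server-side ticket validation; tickets are single-use."""
    return ISSUED.pop(ticket, None)

def site_b(query, session, remember_attempt=True):
    """Site B's handling of one request for a public page."""
    if "user" in session:
        return ("page", session["user"])
    if "ticket" in query:
        user = cas_validate(query["ticket"])   # never trust an unvalidated ticket
        if user:
            session["user"] = user
        return ("page", user or "anonymous")
    if remember_attempt and session.get("gateway_tried"):
        return ("page", "anonymous")   # CAS already said "no SSO session"
    session["gateway_tried"] = True
    qs = urlencode({"service": SERVICE, "gateway": "true"})
    return ("redirect", CAS_LOGIN + "?" + qs)

def browse(tgt_user, remember_attempt=True, max_redirects=5):
    """Follow redirects like a browser; returns (outcome, redirects_followed)."""
    session, query, hops = {}, {}, 0
    while hops <= max_redirects:
        kind, value = site_b(query, session, remember_attempt)
        if kind == "page":
            return (value, hops)
        query = cas_login(value, tgt_user)
        hops += 1
    return ("redirect loop", hops)
```

Calling browse(None, remember_attempt=False) shows the infinite redirect loop the reply warns about: without the session flag, every ticketless return from CAS triggers another gateway redirect.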

