Hello, first i like to explain, what is to be accomplished:
A Application is to be integrated in a sso-solution, that has its own autentication an autorisation mechanism. The application is running under apache and tomcat via jkmount. Endpoint must be the appache web server. There are three use-cases to be covered: 1. An User can be authenticated by his ADS-Account against Kerberos -> grant Access to the location and set HTTP_CAS_USER 2. An User can not be authenticated via Kerberberos -> grabt access anyway but unset HTTP_CAS_USER 3. An User can be authenticated by Kerberos but wants to login with an different account -> grant access with his credentials but unset HTTP_CAS_USER What i've found out so far: HTTP_CAS_USER is not present at the context of <Location> and cannot be forcasted with rewrite LA-U. CASGateway does not what i've expected. It does not work in this case, because it does not authenticate but redirect every attempt. If it would try to authenticate against kerberos first and, if fails, redirect then to another path, things would be fine. Any ideas, how to implement this behaviour with CAS? Thanks for your help regards Torben -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
