Hi everybody, I didn't find something close... Here is my problem:
I already use CAS to authenticate user against application within the same domain (say *.warehouse.com). Applications Servers and CAS servers are in the same network. I now have new applications servers that are not on the same network but in our points of sales connected through our WAN but in other domains (store1.domain2.net or store2.domain2.net or storexxx.domain2.net) We have Servers within this points of sales that need to authenticate users even if the link to the CAS servers is down. The users in the points of sales need to authenticate only once to access applications that are in the posx.domain2.net or in the *warehouse.com. Users from store1.domain2.net don't need to authenticate for store2.domain2.net but only for store1.domain2.net and *.warehouse.com. What is the best solution? Is it possible to have a CAS server in every store that authenticate users for application in the warehouse with the domain *.warehouse.com and under the same local storexxx.domain2.net? I saw multi domain or cross domain references but didn't find documentations... Sometime the users will authenticate first against cas.store1.domain2.net and then access later applications which use cas.warehouse.com... Can the CAS share tickets, do we need approbation between CAS server like in Active Directory? I don't think cluster is a solution because we may have a cluster with 500 CAS server and link that are not reliable (WAN). Thanks! Benj -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
