Hello,
I have an application composed of 2 web modules (war):
A first module acting as a service provider, it contains all the business
aspects
A second module having the responsibility to display all kinds of data a
graphics provided by the first one. It does not contain any business logic.
I have to integrate CAS SSO into this application.
So after a self educating period, it seemed to me that I have to implement
the CAS Proxy mode:
The first module as the “service”, the second module as a “proxy”.
Finally I succeeded to let this configuration work correctly.
After a while, I noticed the following:
Even if the user was authentified by the Proxy, each application
request going from the Proxy towards the Service is being redirect
and inducing technical sso request among the Proxy, the CAS server and
the Service
in order to regenerate a PT and then validate it.
1/ Why regenerate and revalidate a PT for each Proxy Request ?
Knowing that the Proxy had been authentified earlier.
Is there a mean to avoid this ? and how ?
2/ Even worst:
As I’m using CAS capabilities to retrieve attributes from datastores
(LDAP, RDBMS) , this process happens just after authentication validation
(which is great),
But it is also happening also for each application request going from
the Proxy towards the Service.
Is there a mean to avoid this ? and how ?
Thank you
Alf.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
