Sorry, I don’t understand your question.
If the cas client for app2 is configured to run in gateway mode, then if the user goes directly to app2 before logging in then he won't be prompted to login. If that is not the behavior you want, then don't use gateway mode. You said that app2 was not a secure app, so I made the gateway suggestion, but if it does not fit your use case, then use the cas client without gateway mode. Then you will be prompted for a password even if you go first to app2. David Ohsie Software Architect EMC Corporation From: Rohit Kotecha [mailto:[email protected]] Sent: Friday, July 12, 2013 3:46 AM To: [email protected] Cc: Ohsie, David Subject: RE:[cas-user] How to retrieve CAS SSO information on non-secure page Hi David, Thanks for quick reply. If I will configure CAS client with "gateway" mode for app2 and if user directly visit app2(without logged-in in app1) and try to visit secure page at that time also user will not be prompt for credential and we need it. correct me if I am wrong. Thanks and Regards, Rohit Kotecha From: Ohsie, David [mailto:[email protected]] Sent: Thursday, July 11, 2013 9:27 PM To: [email protected] Subject: RE:[cas-user] How to retrieve CAS SSO information on non-secure page Put a cas client in front of app2, ideally at an https served URL. This will run the usual CAS protocol to get app2 an ST which the CAS client will then validate to get the logged in user. If you don't want the user to be prompted for a password, but to only ask CAS if a user is already logged in, then configure your CAS client to run in "gateway" mode. David Ohsie Software Architect EMC Corporation From: Rohit Kotecha [mailto:[email protected]] Sent: Thursday, July 11, 2013 11:42 AM To: [email protected] Subject: [cas-user] How to retrieve CAS SSO information on non-secure page Hi Team, I have two application say app1 and app2 and both integrated with CAS. user is logged-in app1 and open app2 in other tab. Now landing page of app2 is non-secure and because of some business requirement I want to get user information who logged-in in app1 on client side(jsp page) or application in server side? is there any way to achieve above? such api or method to fire to CAS server and get information like user is loggedin. Thanks and Regards, Rohit Kotecha -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -**************Nihilent*************** " *** All information contained in this communication is confidential, proprietary, privileged and is intended for the addressees only. If youhave received this E-mail in error please notify mail administrator by telephone on +91-20-39846100 or E-mail the sender by replying to this message, and then delete this E-mail and other copies of it from your computer system. Any unauthorized dissemination,publication, transfer or use of the contents of this communication, with or without modifications is punishable under the relevant law. Nihilent has scanned this mail with current virus checking technologies. However, Nihilent makes no representations or warranties to the effect that this communication is virus-free. Nihilent reserves the right to monitor all E-mail communications through its Corporate Network. *** " *************************************************************************- -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -**************Nihilent*************** " *** All information contained in this communication is confidential, proprietary, privileged and is intended for the addressees only. If youhave received this E-mail in error please notify mail administrator by telephone on +91-20-39846100 or E-mail the sender by replying to this message, and then delete this E-mail and other copies of it from your computer system. Any unauthorized dissemination,publication, transfer or use of the contents of this communication, with or without modifications is punishable under the relevant law. Nihilent has scanned this mail with current virus checking technologies. However, Nihilent makes no representations or warranties to the effect that this communication is virus-free. Nihilent reserves the right to monitor all E-mail communications through its Corporate Network. *** " *************************************************************************-
smime.p7s
Description: S/MIME cryptographic signature
