I've used mod_auth_cas (on Apache 2.2) to authenticate directories, and I've used phpCAS 1.3.2 to authenticate simple PHP applications. But now I'm wondering if an application that lives in a directory authorized by mod_auth_cas couldn't make use of the ticket (and session?) created by mod_auth_cas. As a simple test, I've password-protected a directory that holds a PHP script that itself uses phpCAS. The results aren't good: all browsers detect a loop between our institution's CAS server (protocol 1, I believe) and the app's site, bouncing back and forth, it seems. They says this might be caused by "3rd party cookies" being disabled, which is not my situation.
Any guidance? Thanks very much. -- Frank Burleigh [email protected] -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
