Hi, Maybe there is other way? For example modifying the login page of CAS by giving it the ability to retrieve the user's windows credentials from the browser and authenticate them
Seems like the Kerberos is adding some overhead to our system. Any ideas? Thanks. From: Idan Fridman [mailto:[email protected]] Sent: Thursday, February 06, 2014 10:44 AM To: [email protected] Subject: RE: [cas-user] Authentication to cas using windows user credentials automatically Hi Angelo, That's means that I need to instruct our IT department that each new user which will be added to AD also will need to be added into Kerberos server? From: Angelo Immediata [mailto:[email protected]] Sent: Thursday, February 06, 2014 10:37 AM To: [email protected] Subject: Re: [cas-user] Authentication to cas using windows user credentials automatically hi Ray Yes you have to use a Kerberos server and also AD As far as I know this is the only way to use SPNEGO Angelo 2014-02-06 Idan Fridman <[email protected]<mailto:[email protected]>>: Hi Angelo, I was wonder if I must use Kerberos for this feature? We are using Active Directory. Thanks, Ray. From: Angelo Immediata [mailto:[email protected]<mailto:[email protected]>] Sent: Wednesday, February 05, 2014 5:09 PM To: [email protected]<mailto:[email protected]> Subject: Re: [cas-user] Authentication to cas using windows user credentials automatically hi Maybe you can see this: https://wiki.jasig.org/display/CASUM/SPNEGO I hope it can help Angelo 2014-02-05 Constance Morris <[email protected]<mailto:[email protected]>>: Hi Ray, We have done that with our CAS services. I'm tied up at the moment, but will be glad to send you the details to put in your files as soon as I have the chance. Constance [email protected]<mailto:[email protected]> -----Original Message----- From: ray [mailto:[email protected]<mailto:[email protected]>] Sent: Wednesday, February 05, 2014 4:03 AM To: [email protected]<mailto:[email protected]> Subject: [cas-user] Authentication to cas using windows user credentials automatically We using CAS as our authentication service for our apps. CAS is connected to our Active directory. When users in our organization log in to windows they logging via the same AD nodes. Is it possible to configure CAS somehow(or any other way) when a user is logging in to windows he will be considered authenticated to CAS and therefor will be automatically authenticate to all our sso apps? Any idea's would be warmly welcomed. thanks. -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail. -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail. This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
