If I understand correctly how CAS works.... When you authenticate, a TGT and ST are created, period. Each service can be configured as to whether it honors the TGT or requires another user/pw verification. I don't think you can prevent the creation of the TGT.
-John From: Michael Herring [mailto:[email protected]] Sent: Wednesday, February 26, 2014 12:30 PM To: [email protected] Subject: Re: [cas-user] non-sso service Unless I'm missing something fundamental I think this is as simple as unchecking the "SSO Participant" checkbox on the Edit Service page of the Services Management. This functionality is present in CAS 3.5.x (and possible earlier). HTH, -Michael On Wed, Feb 26, 2014 at 11:59 AM, wallace <[email protected]<mailto:[email protected]>> wrote: Is there any way to add a service to CAS that does NOT participate in SSO, but still gets challenged by CAS for credentials? CAS would be responsible for collecting our credentials, but not allowing SSO to occur for the other services defined to CAS. I guess it would be ... the app gets a service ticket, but not a granting ticket. Is this possible? -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Michael Herring Information Technology Services Web Developer Denison University 740-587-6360 [email protected]<mailto:[email protected]> -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
