Hi, thanks for the answer... The problem is that I do not want to break the normal flow in the Spring Security integration of CAS: -> if unauthorized redirect to CAS
At the time where the Spring Security filter is active the SAMLResponse is there (provided as a POST param). As the redirect is done, CAS will not be provided the SAMLResponse if it is not defined as the single entry point in WebSeal. So the current approach is to generate a SAMLRequest from the Spring Security filter, redirect to SSO passing the SAMLRequest as parameter. WebSeal will then send a SAMLResponse to the SSO due to the SAMRequest (where the SSO URL is set in the AssertionConsumerService block). Any further thoughts on this appreciated. Thanks, Anders -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
