Hi, I would not recommend to implement such a fallback mechanism on client side: it would be pretty complicated and you would lose all the benefits of a centralized authentication server (security, one link to the authentication source).
Why not a failover with two CAS servers? It can be achieved pretty easily with a Virtual IP (http://linux-ha.org/wiki/Main_Page). In all cases, you must careful of your SPOF (Single Point Of Failure): is your LDAP resilient? Best regards, Jérôme LELEU Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org 2015-02-06 6:28 GMT+01:00 Prasad Katti <[email protected]>: > Hi All, > > we are using CAS authentication to implement SSO model. we are using the > JSR 196 for the extending the JAAS authorization. As part of this we are > also implementing a fall back mechanism in situations where CAS is not > available. in situations where CAS is not available, we want to present a > custom login form and authenticate the user against a pre-defined ldap > realm. > > here's where we are having a problem. when the application redirects to > cas application login, if ÇAS is not available, how to capture the same on > redirection failure? one option is to check the connectivity by sending an > HTTP Connect method to the server. we can then use the HTTP status code to > determine if we have to invoke the fallback strategy. is there a built in > way in cas that will accomplish the same? I am just trying to weigh > different options. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
