As Velpi pointed out, CAS has a "gateway" feature.  What "gateway" does is when you are redirected to CAS, CAS will generate a service ticket IF a SSO session exists, but it will not create an SSO session. So what happens in that scenario is that if there is an SSO session, the client application will receive an ST, otherwise it will not.  But the user will never be prompted to provide a username/password. So your application can detect an authenticated user that way.

The link has a more detailed explanation.

-Scott

On 9/22/06, Velpi <[EMAIL PROTECTED]> wrote:
> After successfully authenticating, is it possible to obtain the netId from the CASTGC cookie on subsequent requests? Otherwise would it be possible to modify the CAS login process to drop the netId into a cookie. I have a 3rd party application that needs to know if a user is authenticated and how that user is, but doesn't have any secure resources. It will basically display different data depending on the users status.

Might this be something that you're looking for?
http://www.ja-sig.org/products/cas/client/gateway/index.html

-- Velpi
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to