Yes, it is possible. The easiest way is to turn on the container's support
for BASIC/Digest authentication (which I believe would place the username in
the REMOTE_USER header) and then utilize our "trusted" authentication to
retrieve the username from the request.getRemoteUser. Another method would
be to customize the workflow to retrieve the headers if they exist (and
fallback to another form of authentication if they don't).
-Scott
On 2/2/07, Luca Cinquini <[EMAIL PROTECTED]> wrote:
Hi,
I spent some time looking for an answer to this but haven't found
a
definite solution:
is there a way to enable direct client access to CAS via Basic or
Digest authentication (possibly over SSL) ? In other words, if a
client makes an HTTP(S) request to the CAS login page with the
appropriate username/password supplied in the headers, the CAS server
should immediately reply with the CAS ticket without displaying the
CAS login page. Is there already support for this kind of behavior ?
thanks a lot,
Luca
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
