We don't recommend screen scraping (as your application would need to be updated if the login page changed). What we do recommend is that you create a minimal login screen and change the last redirect of the login flow to use JavaScript to handle the redirect. Then embed this minimal login screen on your application pages with an iframe. This would allow you to keep your existing login page (though they would be formatted slightly different depending on how you format the minimal login screen) and still allow you to participate in single sign on.
Its very similar to Google Accounts. -Scott On 2/26/07, Dave Brondsema <[EMAIL PROTECTED]> wrote:
Edmund Mielach wrote: > Hi! > > I try to realize a sigle-sign-on mechanism for two webapps, one written > in PHP and a Java based one. My first tests where quite successful. But > now my problem is, that I want to keep the original loginpages of my > webapplications. Therefore I tried to change them in a way, that they > send the credentials directly to CAS, including the correct redirect URL > by changing the action attribute of the login forms to > "https://myurl/cas/login?service=<<mywebapp>> ". However, without a > correct flowExecutionKey (I'm not familiar with the spring framework, > but as far as I know this is an ID to control a workflow) I have no > chance to login at this point. > > Does anyone have an idea how to get a valid flowExecutionKey into my > original loginpages? With a valid flowExecutionKey the whole thing would > work exactly as it should. Or isn't this a very good idea because of any > security reasons? > Take a look at http://www.ja-sig.org/wiki/display/CAS/Using+CAS+without+the+CAS+login+screen if you haven't yet. It discussess some of the security/usability issues, and provides some options. I use what is described in the second paragraph of "Alternative approaches": proxying the CAS login screen into your app. That might work for you. -- Dave Brondsema Software Developer Cornerstone University _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
